[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCyVqvTD-FoMzmYn6U-G6KTp8sH--e6ubc6puex5hb8o":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":107,"crawl_stats":36,"alternatives":112,"analysis":214,"fingerprints":1021},"forum-server","WP Forum Server","1.8.2","lucidcrew","https:\u002F\u002Fprofiles.wordpress.org\u002Flucidcrew\u002F","\u003Cp>WP Forum Server : A complete forum system for your wordpress blog.\u003Cbr \u002F>\nThe forum is a plugin, so no additional work is needed to integrate it into your site.\u003C\u002Fp>\n\u003Cp>WP Forum Server is a an advanced, stable fork of WP Forum.\u003C\u002Fp>\n\u003Cp>If there are any problems installing this plugin\u003Cbr \u002F>\nplease visit the site at http:\u002F\u002Fforumpress.org\u002F\u003Cbr \u002F>\nand download the plugin from there.\u003C\u002Fp>\n\u003Cp>If you want to show off your forum please\u003Cbr \u002F>\nvisit: http:\u002F\u002Fforumpress.org\u002Fsupport\u002Fforumpress-g5\u002Fforum-server-1.4-and-previous-archive-f19\u003Cbr \u002F>\nand leave a link to your site.\u003C\u002Fp>\n","This Wordpress plugin is a complete forum system for your wordpress blog.",100,232252,66,12,"2015-05-07T14:53:00.000Z","4.2.39","2.6","",[20,21,22],"bbpress","forum","integrated","http:\u002F\u002Fforumpress.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforum-server.zip",24,6,2,"2025-06-27 00:00:00","2026-03-15T15:16:48.613Z",[31,45,56,71,83,93],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-53305","wp-forum-server-cross-site-request-forgery","WP Forum  Server \u003C= 1.8.2 - Cross-Site Request Forgery","The WP Forum Server plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.8.2","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-07-02 19:46:32",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4782a5cd-bc20-4348-b902-23e5e380b3b8?source=api-prod",{"id":46,"url_slug":47,"title":48,"description":49,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":50,"cvss_vector":51,"vuln_type":52,"published_date":28,"updated_date":53,"references":54,"days_to_patch":36},"CVE-2025-53306","wp-forum-server-authenticated-administrator-sql-injection","WP Forum  Server \u003C= 1.8.2 - Authenticated (Administrator+) SQL Injection","The WP Forum  Server plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",4.9,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2025-07-02 19:46:05",[55],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F70e059d9-3a69-4d6b-97ea-4f7f40199af9?source=api-prod",{"id":57,"url_slug":58,"title":59,"description":60,"plugin_slug":4,"theme_slug":36,"affected_versions":61,"patched_in_version":62,"severity":38,"cvss_score":63,"cvss_vector":64,"vuln_type":65,"published_date":66,"updated_date":67,"references":68,"days_to_patch":70},"CVE-2012-6622","wp-forum-server-authenticated-admin-stored-cross-site-scripting","WP Forum Server \u003C= 1.7.3 - Authenticated (Admin+) Stored Cross-Site Scripting","The WP Forum Server plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the (1) groupid parameter in an editgroup action or (2) usergroup_id parameter in an edit_usergroup action in versions up to, and including, 1.7.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative capabilities to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This can also be exploited via CSRF by unauthenticated users due to missing nonce validation.","\u003C=1.7.3","1.7.4",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2012-05-15 00:00:00","2024-01-22 19:56:02",[69],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F190106bd-05ac-4a8f-b7a5-a042092a5713?source=api-prod",4270,{"id":72,"url_slug":73,"title":74,"description":75,"plugin_slug":4,"theme_slug":36,"affected_versions":76,"patched_in_version":77,"severity":78,"cvss_score":79,"cvss_vector":80,"vuln_type":65,"published_date":66,"updated_date":67,"references":81,"days_to_patch":70},"CVE-2012-6623","wp-forum-server-cross-site-scripting","WP Forum Server \u003C 1.7.5 - Cross-Site Scripting","Cross-site scripting (XSS) vulnerability in fs-admin\u002Fwpf-add-forum.php in the ForumPress WP Forum Server plugin before 1.7.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the groupid parameter in an addforum action to wp-admin\u002Fadmin.php.","\u003C1.7.5","1.7.5","high",7.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:L",[82],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F65db2345-4b55-466c-b148-7d954de96a87?source=api-prod",{"id":84,"url_slug":85,"title":86,"description":87,"plugin_slug":4,"theme_slug":36,"affected_versions":88,"patched_in_version":62,"severity":78,"cvss_score":89,"cvss_vector":90,"vuln_type":52,"published_date":66,"updated_date":67,"references":91,"days_to_patch":70},"CVE-2012-6625","wp-forum-server-sql-injection-2","WP Forum Server \u003C 1.7.4 - SQL Injection","SQL injection vulnerability in fs-admin\u002Ffs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the groupid parameter in an editgroup action.","\u003C1.7.4",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H",[92],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd4a6c1e4-635f-4d4d-87a4-8eeded25f07f?source=api-prod",{"id":94,"url_slug":95,"title":96,"description":97,"plugin_slug":4,"theme_slug":36,"affected_versions":98,"patched_in_version":99,"severity":100,"cvss_score":101,"cvss_vector":102,"vuln_type":52,"published_date":103,"updated_date":67,"references":104,"days_to_patch":106},"CVE-2011-1047","wp-forum-server-sql-injection","WP Forum Server \u003C= 1.6.5 - SQL Injection","Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by wpf.class.php, (2) id parameter in an editpost action to index.php, which is not properly handled by wpf-post.php, or (3) topic parameter to feed.php.","\u003C=1.6.5","1.6.6","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","2011-02-22 00:00:00",[105],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F85dc6513-90cb-433d-8f8f-5b56b4a76897?source=api-prod",4718,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":108,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":109,"trust_score":110,"computed_at":111},1,4382,26,"2026-04-05T08:44:36.770Z",[113,139,158,180,195],{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":123,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":128,"tags":129,"homepage":133,"download_link":134,"security_score":135,"vuln_count":136,"unpatched_count":137,"last_vuln_date":138,"fetched_at":29},"wpforo","wpForo Forum","2.4.17","Tomdever","https:\u002F\u002Fprofiles.wordpress.org\u002Ftomdever\u002F","\u003Cp>wpForo Forums is the best WordPress forum plugin. Full-fledged yet easy and light forum solution for your WordPress website. Comes with modern and responsive forum layouts and styles. This WordPress forum plugin brings everything you need to run an efficient and professional community. Powerful and beautiful forum with unique features. The best alternative to bbPress forum plugin.\u003C\u002Fp>\n\u003Ch4>wpForo 3.0 AI Edition is Here!\u003C\u002Fh4>\n\u003Cp>The next version of wpForo is a major release with a brand-new theme, AI-powered features, improved layouts, and much more. We encourage you to test it on a staging site before updating your live forum.\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fv3.wpforo.com\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Explore wpForo 3.0\u003C\u002Fstrong>\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwpforo.com\u002Fcommunity\u002Fwpforo-3-beta-test\u002Fwpforo-3-0-ai-edition-we-start-early-access-beta-program\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Join the wpForo 3.0 Beta Program\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>5 Minute Forum Installation!\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>1. Activate plugin and find forums on \u002Fcommunity\u002F page, (\u002Fcommunity-2\u002F if \u002Fcommunity\u002F is used),\n2. Manage Forum Page, Title, etc in Dashboard > wpForo > Board > Edit Board admin page,\n3. Manage Forums in Dashboard > wpForo > Forums admin page,\n4. Manage Forum Menu in Dashboard > Appearance > Menu admin page,\n5. Manage Forum Widgets in Dashboard > Appearance > Widgets admin page,\n6. Manage Forum Colors in Dashboard > wpForo > Settings > Colors & Styles admin page, you can choose forum color styles.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Support Forum and Demo: \u003Ca href=\"https:\u002F\u002Fwpforo.com\u002Fcommunity\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpforo.com\u002Fcommunity\u002F\u003C\u002Fa>\u003Cbr \u002F>\nForum Documentation: \u003Ca href=\"https:\u002F\u002Fwpforo.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpforo.com\u002Fdocs\u002F\u003C\u002Fa>\u003Cbr \u002F>\nGDPR Compliance: \u003Ca href=\"https:\u002F\u002Fwpforo.com\u002Fgdpr\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpforo.com\u002Fgdpr\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Multi-layout WordPress Forum Plugin\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforo.com\u002Fdocs\u002Fwpforo-v2\u002Fcategories-and-forums\u002Fforum-layouts\u002Fextended-layout\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Extended Forum Layout\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforo.com\u002Fdocs\u002Fwpforo-v2\u002Fcategories-and-forums\u002Fforum-layouts\u002Fsimplified-layout\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Simplified Forum Layout\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforo.com\u002Fdocs\u002Fwpforo-v2\u002Fcategories-and-forums\u002Fforum-layouts\u002Fqa-layout\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Question and Answer Forum Layout\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforo.com\u002Fdocs\u002Fwpforo-v2\u002Fcategories-and-forums\u002Fforum-layouts\u002Fthreaded-layout\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Threaded Forum Layout\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Migrate to wpForo\u003C\u002Fh4>\n\u003Cp>Free Migration Tool Go2wpForo: \u003Ca href=\"https:\u002F\u002Fwpforo.com\u002Fdocs\u002Fwpforo-v2\u002Fmigrate-to-wpforo\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwpforo.com\u002Fdocs\u002Fwpforo-v2\u002Fmigrate-to-wpforo\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>- Migrate bbPress forum to wpForo\n- Migrate Asgaros forum to wpForo\n- Migrate SimplePress forum to wpForo\n- Migrate phpBB forum to wpForo\n- Migrate SMF forum to wpForo\n- Migrate Joomla Kunena forum to wpForo\n- Migrate MyBB forum to wpForo\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Forum Integration\u003C\u002Fh4>\n\u003Cp>wpForo forum plugin is well integrated with many Profile Builder and Paid Membership plugins, such as \u003Cstrong>BuddyPress\u003C\u002Fstrong>, \u003Cstrong>Ultimate Members\u003C\u002Fstrong>, \u003Cstrong>WooCommerce Membership\u003C\u002Fstrong>, \u003Cstrong>Paid Memberships Pro\u003C\u002Fstrong>, \u003Cstrong>MemberPress\u003C\u002Fstrong>, \u003Cstrong>Groups\u003C\u002Fstrong> and \u003Cstrong>SureMembers\u003C\u002Fstrong> plugins.\u003C\u002Fp>\n\u003Ch4>Forum Translation\u003C\u002Fh4>\n\u003Cp>wpForo is a WordPress forum plugin with all possibilities of plugin translation. We’d really appreciate if you could help \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwpforo\u002F\" rel=\"nofollow ugc\">translating wpForo forum plugin to your language here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>FORUM FEATURES\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Multi-board: Allows to have multiple separate forum pages\u003C\u002Fli>\n\u003Cli>Multi-language: Allows to forums with different languages\u003C\u002Fli>\n\u003Cli>Multi-layout: Four modern forum layouts (Q&A, Threaded…)\u003C\u002Fli>\n\u003Cli>Designed for small and extremely large forums\u002Fcommunities.\u003C\u002Fli>\n\u003Cli>Migrate from other forums using \u003Ca href=\"https:\u002F\u002Fwpforo.com\u002Fcommunity\u002Fmigrate-to-wpforo-from-other-forum-plugins\u002Fmigrate-to-wpforo-go2wpforo-tool\u002F\" rel=\"nofollow ugc\">Go2wpForo\u003C\u002Fa> tool.\u003C\u002Fli>\n\u003Cli>Four different forum layouts and designs.\u003C\u002Fli>\n\u003Cli>Six set of forum color styles including dark style.\u003C\u002Fli>\n\u003Cli>Super responsive forum on all kind of devices.\u003C\u002Fli>\n\u003Cli>Live user notification system\u003C\u002Fli>\n\u003Cli>Built-in forum SEO functions.\u003C\u002Fli>\n\u003Cli>Built-in forum Sitemap and Search Engine ping.\u003C\u002Fli>\n\u003Cli>Built-in forum Cache System.\u003C\u002Fli>\n\u003Cli>Built-in forum Antispam and Akismet integration.\u003C\u002Fli>\n\u003Cli>Advanced forum user profile system.\u003C\u002Fli>\n\u003Cli>Forum Member Rating and Badges.\u003C\u002Fli>\n\u003Cli>Built-in forum\u002Ftopic subscription.\u003C\u002Fli>\n\u003Cli>Drag and Drop forum management system.\u003C\u002Fli>\n\u003Cli>Topic and Post front-end moderation.\u003C\u002Fli>\n\u003Cli>Forum topics and posts Read \u002F Unread logging.\u003C\u002Fli>\n\u003Cli>Topic Tags and Tags Widget.\u003C\u002Fli>\n\u003Cli>Forum styles with different colors.\u003C\u002Fli>\n\u003Cli>Built-in, powerful forum Usergroup system.\u003C\u002Fli>\n\u003Cli>Forum Access sets per Usergroup per Forum.\u003C\u002Fli>\n\u003Cli>Forum Phrase System for quick translation.\u003C\u002Fli>\n\u003Cli>WordPress .MO\u002F.PO translation files.\u003C\u002Fli>\n\u003Cli>Tools and options for GDPR Compliance\u003C\u002Fli>\n\u003Cli>Social Network Share Buttons\u003C\u002Fli>\n\u003Cli>BuddyPress Integration\u003C\u002Fli>\n\u003Cli>Ultimate Member Integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Need more forum features?\u003C\u002Fh4>\n\u003Cp>Find wpForo forum plugin addons on \u003Ca href=\"https:\u002F\u002Fgvectors.com\u002Fproduct-category\u002Fwpforo\u002F\" rel=\"nofollow ugc\">gVectors Team website…\u003C\u002Fa>\u003C\u002Fp>\n","Number one WordPress forum plugin. Full-fledged forum solution with modern and responsive forum design. Community builder WordPress forum plugin.",20000,1615308,94,389,"2026-03-15T11:26:00.000Z","6.9.4","5.2","7.2",[20,130,21,131,132],"community","forum-plugin","forums","https:\u002F\u002Fwpforo.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpforo.2.4.17.zip",76,35,0,"2026-04-03 22:11:24",{"slug":140,"name":141,"version":142,"author":143,"author_profile":144,"description":145,"short_description":146,"active_installs":147,"downloaded":148,"rating":149,"num_ratings":150,"last_updated":151,"tested_up_to":126,"requires_at_least":18,"requires_php":18,"tags":152,"homepage":155,"download_link":156,"security_score":150,"vuln_count":27,"unpatched_count":137,"last_vuln_date":157,"fetched_at":29},"bbp-style-pack","bbp style pack","6.4.4","Robin W","https:\u002F\u002Fprofiles.wordpress.org\u002Frobin-w\u002F","\u003Cp>This Plugin lets you style bbPress, and add display features\u003C\u002Fp>\n\u003Cp>You can change the forum styling for elements, letting you match (or contrast!) bbPress to your theme\u003C\u002Fp>\n\u003Cp>Many features are available at the click of a button, such as creating vertical lists, adding create new topic links, hiding counts and much more.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Style font sizes colors etc. in forums and topics\u003C\u002Fli>\n\u003Cli>Change forum display layouts\u003C\u002Fli>\n\u003Cli>Add or take away forum elements, such as adding descriptions or removing ‘this forum contains..’\u003C\u002Fli>\n\u003Cli>Change the forum order\u003C\u002Fli>\n\u003Cli>Change the freshness display to date and time, or combination date and freshness\u003C\u002Fli>\n\u003Cli>Change the breadcrumbs to alter or remove elements, or remove breadcrumbs completely\u003C\u002Fli>\n\u003Cli>Add Create new Topic, Subscribe and Profile buttons, making navigation easier\u003C\u002Fli>\n\u003Cli>Add login Register and profile to menus\u003C\u002Fli>\n\u003Cli>Change forum role names or add role images\u003C\u002Fli>\n\u003Cli>Amend subscription email headings and text\u003C\u002Fli>\n\u003Cli>Amend the topic list order\u003C\u002Fli>\n\u003Cli>Add topic previews to make topic navigation easier\u003C\u002Fli>\n\u003Cli>Change how the topic and reply forms display – adding, removing or changing elements\u003C\u002Fli>\n\u003Cli>Amend how profiles display and configure who sees them\u003C\u002Fli>\n\u003Cli>Amend the search styling\u003C\u002Fli>\n\u003Cli>Use additional shortcodes to improve how you display your forums and topics\u003C\u002Fli>\n\u003Cli>Add an unread posts section so that users can easily see new topics and replies\u003C\u002Fli>\n\u003Cli>Add a quote button to topics and replies\u003C\u002Fli>\n\u003Cli>Add moderation tools to allow to to control \u003C\u002Fli>\n\u003Cli>Add an unread posts section so that users can easily see new topics and replies\u003C\u002Fli>\n\u003Cli>Use additional widgets to better display latest activity, or forum and topic information\u003C\u002Fli>\n\u003Cli>Find a list of other useful bbPress related plugins\u003C\u002Fli>\n\u003Cli>Let bbpress work with FSE themes\n\u003C\u002Fli>\n\u003C\u002Ful>\n","For bbPress - Lets you style bbPress, and add display features",6000,945792,98,99,"2025-12-07T17:24:00.000Z",[153,20,21,154],"bbp","style","http:\u002F\u002Fwww.rewweb.co.uk\u002Fbbp-style-pack\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbbp-style-pack.6.4.4.zip","2023-09-28 00:00:00",{"slug":159,"name":160,"version":161,"author":162,"author_profile":163,"description":164,"short_description":165,"active_installs":166,"downloaded":167,"rating":168,"num_ratings":169,"last_updated":170,"tested_up_to":126,"requires_at_least":171,"requires_php":172,"tags":173,"homepage":18,"download_link":178,"security_score":149,"vuln_count":27,"unpatched_count":137,"last_vuln_date":179,"fetched_at":29},"bbpress-notify-nospam","bbPress Notify (No-Spam)","3.0.3","useStrict","https:\u002F\u002Fprofiles.wordpress.org\u002Fusestrict\u002F","\u003Cp>\u003Cstrong>bbPress Notify (No-Spam)\u003C\u002Fstrong> is the ultimate notification plugin for \u003Cstrong>bbPress\u003C\u002Fstrong> and \u003Cstrong>BuddyBoss\u003C\u002Fstrong> forums.\u003Cbr \u002F>\nIt replaces the limited default subscription system with a flexible, no-spam solution that gives your users \u003Cstrong>personalized, reliable email updates\u003C\u002Fstrong> about new topics and replies.\u003C\u002Fp>\n\u003Cp>Stop flooding inboxes. With bbpnns you control exactly who gets notified, when, and how. Perfect for community managers, membership sites, and anyone who wants professional-grade forum notifications.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>📧 \u003Cstrong>Send professional emails\u003C\u002Fstrong> — Choose HTML, plain text, or multipart with image support.\u003C\u002Fli>\n\u003Cli>🎯 \u003Cstrong>Target the right audience\u003C\u002Fstrong> — Notify by user roles (admins, moderators, members, etc.).\u003C\u002Fli>\n\u003Cli>🚀 \u003Cstrong>Faster performance\u003C\u002Fstrong> — Background notifications prevent post-submission timeouts.\u003C\u002Fli>\n\u003Cli>🧪 \u003Cstrong>Preview before sending\u003C\u002Fstrong> — Dry-run mode shows exactly who will receive notifications.\u003C\u002Fli>\n\u003Cli>🔌 \u003Cstrong>Developer-friendly\u003C\u002Fstrong> — Dozens of filters and actions for easy customization.\u003C\u002Fli>\n\u003Cli>✅ \u003Cstrong>BuddyBoss compatible\u003C\u002Fstrong> — Works out of the box with BuddyBoss forums.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fusestrict.net\u002Fbbpress-notify-no-spam-documentation\u002F\" rel=\"nofollow ugc\">📖 View the full documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>💡 Looking for advanced features like digests, reply-by-email, and membership integrations? \u003Ca href=\"https:\u002F\u002Fusestrict.net\u002Fbbpress-notify-premium\u002F?utm_source=wporg-readme&utm_medium=plugin&utm_campaign=top\" rel=\"nofollow ugc\">See bbPress Notify Premium\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Premium Add-Ons\u003C\u002Fh3>\n\u003Cp>Take bbpnns to the next level with powerful extensions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Reply by Email\u003C\u002Fstrong> – Post new topics or replies directly from your inbox.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Mailer\u003C\u002Fstrong> – Send notifications to thousands of users reliably — no timeouts, no dropped emails.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Digests\u003C\u002Fstrong> – Give users daily, weekly, or monthly summaries to reduce inbox noise.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Opt-Out\u003C\u002Fstrong> – One-click unsubscribe options for CAN-SPAM and CASL compliance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Membership & LMS Bridges\u003C\u002Fstrong> – Running a membership or LMS site? Keep notifications in sync with your access control layer. Supports BuddyPress, MemberPress, LearnDash, AccessAlly, Private Groups, and more.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>👉 Browse all premium add-ons here: \u003Ca href=\"https:\u002F\u002Fusestrict.net\u002Fbbpress-notify-premium\u002F?utm_source=wporg-readme&utm_medium=plugin&utm_campaign=bbpnns\" rel=\"nofollow ugc\">bbPress Notify Premium\u003C\u002Fa>\u003C\u002Fp>\n","Powerful, customizable email notifications for bbPress and BuddyBoss forums — without the spam.",3000,291519,96,39,"2026-03-11T19:58:00.000Z","3.1","7.4",[20,174,175,176,177],"buddyboss","email-notification","forum-notifications","no-spam","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbbpress-notify-nospam.3.0.3.zip","2025-07-19 00:00:00",{"slug":181,"name":182,"version":183,"author":143,"author_profile":144,"description":184,"short_description":185,"active_installs":186,"downloaded":187,"rating":149,"num_ratings":188,"last_updated":189,"tested_up_to":126,"requires_at_least":18,"requires_php":18,"tags":190,"homepage":193,"download_link":194,"security_score":11,"vuln_count":137,"unpatched_count":137,"last_vuln_date":36,"fetched_at":29},"bbp-private-groups","Private groups","3.9.7","\u003Cp>An add-on to the bbPress forum plugin – creates private forum groups\u003C\u002Fp>\n\u003Cp>This Plugin creates unlimited private forum groups.\u003C\u002Fp>\n\u003Cp>Forums are then allocated to one or more groups, and users allocated to one or more groups.\u003C\u002Fp>\n\u003Cp>What this achieves\u003Cbr \u002F>\nunlimited private groups\u003Cbr \u002F>\nEach user is set to a group or groups, and each forum can have any or all the groups associated with it\u003Cbr \u002F>\nAny number of public forums combined with any number of group forums.  The group forums can be individually set to public or private.\u003Cbr \u002F>\nForum title and description (but not topics or replies) can be set to be visible to non-group users, allowing people to see that a forum exists but not access it\u003Cbr \u002F>\nSeparate pages can be set to allow redirection of non group users for sign-up or information\u003Cbr \u002F>\nTopic Permissions\u003Cbr \u002F>\nTopic Permissions is designed for sites where users need to have different permissions to different forums.\u003Cbr \u002F>\nFor instance the ability for users to contribute to one forum whilst only being able to view another, or only start topics in one forum, or only reply to topics in another.\u003C\u002Fp>\n\u003Cp>Example\u003C\u002Fp>\n\u003Cp>So if\u003Cbr \u002F>\nUser a belongs to group 1\u003Cbr \u002F>\nUser b belongs to group 2\u003Cbr \u002F>\nUser c belongs to group 3\u003C\u002Fp>\n\u003Cp>and\u003Cbr \u002F>\nForum x is set to allow group 2\u003Cbr \u002F>\nForum y is set to allow group 2 and group 3\u003Cbr \u002F>\nForum z is set to allow group 1 and group 3\u003C\u002Fp>\n\u003Cp>Then\u003Cbr \u002F>\nUser a can access only forum z\u003Cbr \u002F>\nUser b can access forum x and forum y\u003Cbr \u002F>\nUser c can access forum y and forum z\u003C\u002Fp>\n\u003Cp>Restrictions\u002Fwarnings\u003C\u002Fp>\n\u003Cp>The widgets (bbpress) forums list, (bbpress) recent replies, and (bbpress) recent topics SHOULD NOT BE USED, as they will show topics headings and author names for all forums.  Replacement widgets called (private groups) forums list, (private groups) recent replies, and (private groups) recent topics are available instead\u003C\u002Fp>\n\u003Cp>Works with bbpress 2.5.3 or higher\u003C\u002Fp>\n","For bbPress - Creates private forum groups",1000,152657,49,"2025-12-05T16:18:00.000Z",[153,20,21,191,192],"groups","private","http:\u002F\u002Fwww.rewweb.co.uk\u002Fbbp-private-groups\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbbp-private-groups.3.9.7.zip",{"slug":196,"name":197,"version":198,"author":199,"author_profile":200,"description":201,"short_description":202,"active_installs":186,"downloaded":203,"rating":204,"num_ratings":205,"last_updated":206,"tested_up_to":126,"requires_at_least":207,"requires_php":18,"tags":208,"homepage":212,"download_link":213,"security_score":11,"vuln_count":137,"unpatched_count":137,"last_vuln_date":36,"fetched_at":29},"bbpress-wp-tweaks","bbPress WP Tweaks","1.5.1","veppa","https:\u002F\u002Fprofiles.wordpress.org\u002Fveppa\u002F","\u003Cp>bbPress WP Tweaks replaces regular sidebar with forum specific “bbPress sidebar”.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F7LVt41oLscs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fyoutu.be\u002F7LVt41oLscs\" rel=\"nofollow ugc\">Watch plugin overview on YouTube\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>To setup forum specific sidebar you should first select correct forum wrapper file which has sidebar. Then select what action perform with existing sidebar: replace, prepend or append. Then select which sidebar to target with this action. You can also choose “none” option for target sidebar, in that case no bbPress sidebar will not be added to wordpress.\u003C\u002Fp>\n\u003Cp>If nothing in forum sidebar then regular sidebar will be shown.\u003C\u002Fp>\n\u003Cp>You can choose which forum wrapper template to use in plugin settings page or specify other custom wrapper file that exists in your theme.\u003C\u002Fp>\n\u003Cp>Plugin tested with PHP version 5.6, 7.x and up to 8.4.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>bbPress specific sidebar instead of default blog sidebar.\u003C\u002Fli>\n\u003Cli>Change default wrapper for forum pages\u003C\u002Fli>\n\u003Cli>bbPress login links widget\u003C\u002Fli>\n\u003Cli>bbPress users widget \u003C\u002Fli>\n\u003Cli>Login and register links under forum\u003C\u002Fli>\n\u003Cli>Show forum description \u003C\u002Fli>\n\u003Cli>Forum related columns for users view in admin area\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>bbPress specific sidebar\u003C\u002Fstrong> (works only on Classic themes) — you can use different sidebar on forum pages. You can choose which sidebar to replace, append or prepend to. Appending or prepending is useful if you only need to add couple forum related widgets. Custom sidebar will be used in all forum related pages including forum, topic, reply,and user profile pages.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Default wrapper for forum pages\u003C\u002Fstrong> (works only on Classic themes) — bbPRess uses wrapper file in your theme in this order: ‘bbpress.php’,  ‘forum.php’, ‘page.php’, ‘single.php’, ‘index.php’. First existing template file will be used. You can choose which template file to check first. Most themes don’t have sidebar in ‘page.php’, ‘single.php’ files, if you choose them then no sidebar will be shown in forums. On the other hand most themes ‘index.php’ file always has sidebar. If you cannot see forum sidebar then change this value to index.php in plugin settings (settings -> bbPress WP Tweaks ) page. If your theme has other non standard template files like “page-fullwidth.php” for example then you can use it by selecting “custom” option and writing page-fullwidth.php in text input field. If that file exists then it will be used as forum wrapper.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Font size\u003C\u002Fstrong> — Simple switch to fix forum font size. Available sizes: XL, L, M, S, XS.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>bbPress login links widget\u003C\u002Fstrong> — if you want to display login and register links instead of login form in your sidebar then use this widget. By default bbPress will not show login links to visitors if they want to post in forum. Use this widget instead of login form in your bbPress sidebar.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>bbPress users widget\u003C\u002Fstrong> — used to display users linking to their profile pages ordered by:\u003Cbr \u002F>\n* most topics with count\u003Cbr \u002F>\n* most replies with count\u003Cbr \u002F>\n* recently active with time\u003Cbr \u002F>\n* online users with time\u003Cbr \u002F>\n* new users with registration time\u003Cbr \u002F>\n* old users with registration time\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Login and register links under forum\u003C\u002Fstrong> — will add login and register links where “You must be logged in to create new topics.” and “You must be logged in to reply to this topic.” messages shown. By default you will see above mentioned messages with no login or register links. With this options selected you will see under those messages login links and will be redirected back to that topic or forum after logging in using those links. Login and register links can be customized with custom HTML code to match your website design.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Show forum description\u003C\u002Fstrong> — By default forum description is shown only on where forums are listed, not in forum page. With this options enabled you will show forum description on Forum page, on sub forums, on topics, on replies. So user will know what this forum about. If it is a product forum then you can add product image, links or buttons to product page, pricing\u002Fpurchase page etc. This will make navigation between product and forum a lot easier.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Forum related columns for users view in admin area\u003C\u002Fstrong> — is must have feature to have for any forum administrator. With this option enabled you will have forum related sortable columns “number of topics”, “number of replies”, “registration date”, “last active date” in “Users” admin page. Topic and reply counts are linked to user profile pages. You can sort by those columns and see latest registered users or users with most topics. Each column seperately can be switched off using “Screen Options” inside users page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disable not used features of plugin\u003C\u002Fstrong> — you can disable sidebar by selecting “none” as target sidebar. Disable widgets by unchecking relaed checkboxes in plugin options page. All other features also can be individually enabled or disabled in plugin options page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Attention:\u003C\u002Fstrong> Sidebar and Wrapper options do not work in FSE (Full Site Editing) themes.\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cp>Check out one of my sites’ \u003Ca href=\"https:\u002F\u002Fveppa.com\u002Fforums\u002F\" rel=\"nofollow ugc\">bbPress forum page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Plugin home page\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fveppa.com\u002Fbbpress-wp-tweaks\u002F\" rel=\"nofollow ugc\">bbPress wp tweaks plugin page & Documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>What is next\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fveppa.com\u002Fhttp-requests-manager\u002F\" rel=\"nofollow ugc\">WP_HTTP Requests Manager plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fveppa.com\u002Fshare-button\u002F\" rel=\"nofollow ugc\">Native Share Button – without plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fveppa.com\u002Fimprove-pagespeed\u002F\" rel=\"nofollow ugc\">Improve PageSpeed\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds bbPress forum specific sidebar, wrapper, widgets, user columns, login links and other tweaks.",77198,84,11,"2025-12-10T03:48:00.000Z","4.7",[20,21,209,210,211],"forum-sidebar","login-links","sidebar","https:\u002F\u002Fveppa.com\u002Fbbpress-wp-tweaks\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbbpress-wp-tweaks.1.5.1.zip",{"attackSurface":215,"codeSignals":276,"taintFlows":790,"riskAssessment":997,"analyzedAt":1020},{"hooks":216,"ajaxHandlers":272,"restRoutes":273,"shortcodes":274,"cronEvents":275,"entryPointCount":137,"unprotectedCount":137},[217,223,227,231,235,240,245,249,253,256,258,262,265,269],{"type":218,"name":219,"callback":220,"file":221,"line":222},"action","the_content","go","wpf-main.php",18,{"type":218,"name":224,"callback":225,"file":221,"line":226},"admin_head-forum-server\u002Ffs-admin\u002Ffs-admin.php","jquery_init",27,{"type":218,"name":228,"callback":229,"file":221,"line":230},"init","set_cookie",28,{"type":218,"name":232,"callback":233,"file":221,"line":234},"wp_logout","unset_cookie",29,{"type":236,"name":237,"callback":238,"file":221,"line":239},"filter","wp_title","set_pagetitle",30,{"type":218,"name":241,"callback":242,"file":243,"line":244},"admin_menu","add_admin_pages","wpf.class.php",17,{"type":218,"name":246,"callback":247,"file":243,"line":248},"admin_head","admin_header",20,{"type":218,"name":250,"callback":251,"file":243,"line":252},"wp_head","setup_header",23,{"type":218,"name":254,"callback":255,"file":243,"line":110},"plugins_loaded","load_wpf_posts_widget",{"type":218,"name":254,"callback":257,"file":243,"line":234},"load_wpf_topics_widget",{"type":218,"name":259,"callback":260,"file":243,"line":261},"wp_footer","wpf_footer",32,{"type":236,"name":263,"callback":264,"file":243,"line":136},"rewrite_rules_array","set_rewrite_rules",{"type":236,"name":266,"callback":267,"file":243,"line":268},"query_vars","set_rewrite_qvars",38,{"type":236,"name":228,"callback":270,"file":243,"line":271},"do_flush_rules",41,[],[],[],[],{"dangerousFunctions":277,"sqlUsage":282,"outputEscaping":581,"fileOperations":108,"externalRequests":137,"nonceChecks":137,"capabilityChecks":137,"bundledLibraries":789},[278],{"fn":279,"file":243,"line":280,"context":281},"unserialize",2833,"$p = unserialize($u->meta_value);",{"prepared":248,"raw":283,"locations":284},143,[285,289,291,295,297,300,302,304,306,308,310,312,314,316,318,320,322,324,326,328,330,332,334,336,338,341,343,345,347,349,351,353,355,357,359,361,363,365,367,369,371,373,375,377,380,382,384,386,389,391,394,396,398,400,402,404,406,408,410,412,414,416,418,420,422,424,426,428,430,432,434,436,438,440,442,444,446,448,450,452,454,456,458,460,462,464,466,468,470,472,474,476,478,480,482,484,486,488,490,492,494,496,498,500,502,504,506,508,510,512,514,516,518,520,522,524,526,528,530,532,534,536,538,540,542,544,546,548,550,552,554,556,558,560,562,564,566,568,571,573,575,577,579],{"file":286,"line":287,"context":288},"feed.php",21,"$wpdb->get_results() with variable interpolation",{"file":286,"line":290,"context":288},31,{"file":292,"line":293,"context":294},"fs-admin\\fs-admin.php",55,"$wpdb->query() with variable interpolation",{"file":292,"line":296,"context":294},56,{"file":292,"line":298,"context":299},75,"$wpdb->get_var() with variable interpolation",{"file":292,"line":301,"context":294},77,{"file":292,"line":303,"context":294},148,{"file":292,"line":305,"context":299},352,{"file":292,"line":307,"context":288},608,{"file":292,"line":309,"context":288},612,{"file":292,"line":311,"context":294},614,{"file":292,"line":313,"context":294},618,{"file":292,"line":315,"context":294},621,{"file":292,"line":317,"context":294},624,{"file":292,"line":319,"context":288},632,{"file":292,"line":321,"context":294},635,{"file":292,"line":323,"context":294},638,{"file":292,"line":325,"context":294},639,{"file":292,"line":327,"context":299},670,{"file":292,"line":329,"context":299},673,{"file":292,"line":331,"context":294},675,{"file":292,"line":333,"context":299},695,{"file":292,"line":335,"context":299},698,{"file":292,"line":337,"context":294},700,{"file":292,"line":339,"context":340},817,"$wpdb->get_row() with variable interpolation",{"file":292,"line":342,"context":340},818,{"file":292,"line":344,"context":294},820,{"file":292,"line":346,"context":294},821,{"file":292,"line":348,"context":340},827,{"file":292,"line":350,"context":340},828,{"file":292,"line":352,"context":294},830,{"file":292,"line":354,"context":294},831,{"file":292,"line":356,"context":340},837,{"file":292,"line":358,"context":340},838,{"file":292,"line":360,"context":294},840,{"file":292,"line":362,"context":294},841,{"file":292,"line":364,"context":340},847,{"file":292,"line":366,"context":340},848,{"file":292,"line":368,"context":294},850,{"file":292,"line":370,"context":294},851,{"file":292,"line":372,"context":294},865,{"file":292,"line":374,"context":299},869,{"file":292,"line":376,"context":288},1006,{"file":378,"line":379,"context":294},"fs-admin\\wpf-edit-forum-group.php",19,{"file":378,"line":381,"context":294},34,{"file":383,"line":205,"context":299},"fs-admin\\wpf-usergroup-edit.php",{"file":383,"line":385,"context":294},15,{"file":387,"line":388,"context":294},"wpf-insert.php",78,{"file":387,"line":390,"context":299},86,{"file":392,"line":393,"context":340},"wpf-post.php",13,{"file":392,"line":395,"context":340},71,{"file":243,"line":397,"context":288},270,{"file":243,"line":399,"context":288},285,{"file":243,"line":401,"context":299},428,{"file":243,"line":403,"context":288},435,{"file":243,"line":405,"context":288},440,{"file":243,"line":407,"context":288},444,{"file":243,"line":409,"context":288},454,{"file":243,"line":411,"context":288},458,{"file":243,"line":413,"context":288},465,{"file":243,"line":415,"context":288},479,{"file":243,"line":417,"context":299},489,{"file":243,"line":419,"context":299},493,{"file":243,"line":421,"context":299},497,{"file":243,"line":423,"context":299},501,{"file":243,"line":425,"context":299},507,{"file":243,"line":427,"context":299},511,{"file":243,"line":429,"context":340},703,{"file":243,"line":431,"context":340},709,{"file":243,"line":433,"context":299},866,{"file":243,"line":435,"context":294},913,{"file":243,"line":437,"context":299},1046,{"file":243,"line":439,"context":299},1056,{"file":243,"line":441,"context":299},1224,{"file":243,"line":443,"context":299},1229,{"file":243,"line":445,"context":299},1234,{"file":243,"line":447,"context":299},1240,{"file":243,"line":449,"context":299},1246,{"file":243,"line":451,"context":299},1251,{"file":243,"line":453,"context":299},1256,{"file":243,"line":455,"context":340},1262,{"file":243,"line":457,"context":299},1278,{"file":243,"line":459,"context":299},1285,{"file":243,"line":461,"context":288},1300,{"file":243,"line":463,"context":288},1306,{"file":243,"line":465,"context":299},1313,{"file":243,"line":467,"context":299},1399,{"file":243,"line":469,"context":299},1404,{"file":243,"line":471,"context":288},1427,{"file":243,"line":473,"context":288},1433,{"file":243,"line":475,"context":288},1447,{"file":243,"line":477,"context":294},1608,{"file":243,"line":479,"context":294},1609,{"file":243,"line":481,"context":294},1611,{"file":243,"line":483,"context":294},1612,{"file":243,"line":485,"context":294},1614,{"file":243,"line":487,"context":294},1615,{"file":243,"line":489,"context":294},1617,{"file":243,"line":491,"context":294},1618,{"file":243,"line":493,"context":294},1620,{"file":243,"line":495,"context":294},1621,{"file":243,"line":497,"context":294},1623,{"file":243,"line":499,"context":294},1624,{"file":243,"line":501,"context":294},1626,{"file":243,"line":503,"context":294},1627,{"file":243,"line":505,"context":299},1650,{"file":243,"line":507,"context":299},1660,{"file":243,"line":509,"context":299},1673,{"file":243,"line":511,"context":299},1686,{"file":243,"line":513,"context":299},1700,{"file":243,"line":515,"context":288},1871,{"file":243,"line":517,"context":299},1917,{"file":243,"line":519,"context":299},1920,{"file":243,"line":521,"context":299},1942,{"file":243,"line":523,"context":299},1946,{"file":243,"line":525,"context":299},1950,{"file":243,"line":527,"context":288},2122,{"file":243,"line":529,"context":299},2143,{"file":243,"line":531,"context":299},2164,{"file":243,"line":533,"context":294},2185,{"file":243,"line":535,"context":294},2186,{"file":243,"line":537,"context":299},2247,{"file":243,"line":539,"context":299},2259,{"file":243,"line":541,"context":294},2264,{"file":243,"line":543,"context":294},2265,{"file":243,"line":545,"context":294},2270,{"file":243,"line":547,"context":299},2290,{"file":243,"line":549,"context":294},2294,{"file":243,"line":551,"context":294},2297,{"file":243,"line":553,"context":299},2347,{"file":243,"line":555,"context":299},2375,{"file":243,"line":557,"context":299},2456,{"file":243,"line":559,"context":288},2474,{"file":243,"line":561,"context":299},2491,{"file":243,"line":563,"context":299},2512,{"file":243,"line":565,"context":299},2718,{"file":243,"line":567,"context":288},2816,{"file":569,"line":570,"context":288},"wpf_pro.php",72,{"file":569,"line":572,"context":299},164,{"file":569,"line":574,"context":299},165,{"file":569,"line":576,"context":299},173,{"file":569,"line":578,"context":299},175,{"file":569,"line":580,"context":294},178,{"escaped":108,"rawEcho":582,"locations":583},117,[584,587,589,591,593,594,596,598,599,600,602,603,605,607,609,611,613,615,617,619,621,623,625,626,628,630,632,633,635,637,639,641,643,645,647,648,650,652,654,656,658,660,662,664,666,668,670,672,674,676,678,680,682,684,686,688,690,693,694,695,698,701,703,705,706,708,710,711,712,714,716,717,718,719,720,722,724,726,728,730,732,733,734,735,737,739,740,741,742,743,744,745,746,748,749,750,752,754,756,758,760,762,764,766,768,770,772,773,775,777,779,780,781,783,784,785,787],{"file":286,"line":585,"context":586},40,"raw output",{"file":286,"line":588,"context":586},43,{"file":286,"line":590,"context":586},44,{"file":286,"line":592,"context":586},45,{"file":286,"line":570,"context":586},{"file":286,"line":595,"context":586},73,{"file":286,"line":597,"context":586},74,{"file":286,"line":298,"context":586},{"file":286,"line":135,"context":586},{"file":292,"line":601,"context":586},141,{"file":292,"line":283,"context":586},{"file":292,"line":604,"context":586},146,{"file":292,"line":606,"context":586},149,{"file":292,"line":608,"context":586},162,{"file":292,"line":610,"context":586},167,{"file":292,"line":612,"context":586},176,{"file":292,"line":614,"context":586},193,{"file":292,"line":616,"context":586},203,{"file":292,"line":618,"context":586},208,{"file":292,"line":620,"context":586},214,{"file":292,"line":622,"context":586},215,{"file":292,"line":624,"context":586},257,{"file":292,"line":397,"context":586},{"file":292,"line":627,"context":586},287,{"file":292,"line":629,"context":586},295,{"file":292,"line":631,"context":586},329,{"file":292,"line":124,"context":586},{"file":292,"line":634,"context":586},401,{"file":292,"line":636,"context":586},437,{"file":292,"line":638,"context":586},443,{"file":292,"line":640,"context":586},482,{"file":292,"line":642,"context":586},483,{"file":292,"line":644,"context":586},499,{"file":292,"line":646,"context":586},503,{"file":292,"line":427,"context":586},{"file":292,"line":649,"context":586},517,{"file":292,"line":651,"context":586},524,{"file":292,"line":653,"context":586},529,{"file":292,"line":655,"context":586},533,{"file":292,"line":657,"context":586},711,{"file":292,"line":659,"context":586},713,{"file":292,"line":661,"context":586},715,{"file":292,"line":663,"context":586},717,{"file":292,"line":665,"context":586},737,{"file":292,"line":667,"context":586},743,{"file":292,"line":669,"context":586},757,{"file":292,"line":671,"context":586},784,{"file":292,"line":673,"context":586},796,{"file":292,"line":675,"context":586},934,{"file":292,"line":677,"context":586},937,{"file":292,"line":679,"context":586},952,{"file":292,"line":681,"context":586},957,{"file":292,"line":683,"context":586},975,{"file":292,"line":685,"context":586},979,{"file":292,"line":687,"context":586},986,{"file":292,"line":689,"context":586},997,{"file":691,"line":692,"context":586},"fs-admin\\wpf-add-forum.php",3,{"file":691,"line":26,"context":586},{"file":691,"line":110,"context":586},{"file":696,"line":697,"context":586},"fs-admin\\wpf-add-group.php",4,{"file":699,"line":700,"context":586},"fs-admin\\wpf-add-usergroup.php",5,{"file":699,"line":702,"context":586},9,{"file":704,"line":26,"context":586},"fs-admin\\wpf-addusers.php",{"file":704,"line":248,"context":586},{"file":704,"line":707,"context":586},22,{"file":704,"line":709,"context":586},25,{"file":704,"line":234,"context":586},{"file":704,"line":381,"context":586},{"file":704,"line":713,"context":586},37,{"file":378,"line":715,"context":586},10,{"file":378,"line":385,"context":586},{"file":378,"line":707,"context":586},{"file":378,"line":261,"context":586},{"file":378,"line":136,"context":586},{"file":378,"line":721,"context":586},47,{"file":378,"line":723,"context":586},51,{"file":378,"line":725,"context":586},64,{"file":378,"line":727,"context":586},79,{"file":378,"line":729,"context":586},83,{"file":378,"line":731,"context":586},87,{"file":378,"line":168,"context":586},{"file":378,"line":150,"context":586},{"file":378,"line":582,"context":586},{"file":378,"line":736,"context":586},121,{"file":738,"line":205,"context":586},"fs-admin\\wpf-moderator.php",{"file":738,"line":226,"context":586},{"file":738,"line":261,"context":586},{"file":738,"line":136,"context":586},{"file":738,"line":713,"context":586},{"file":738,"line":588,"context":586},{"file":383,"line":702,"context":586},{"file":383,"line":14,"context":586},{"file":383,"line":747,"context":586},16,{"file":383,"line":252,"context":586},{"file":383,"line":110,"context":586},{"file":243,"line":751,"context":586},245,{"file":243,"line":753,"context":586},271,{"file":243,"line":755,"context":586},272,{"file":243,"line":757,"context":586},277,{"file":243,"line":759,"context":586},280,{"file":243,"line":761,"context":586},289,{"file":243,"line":763,"context":586},306,{"file":243,"line":765,"context":586},310,{"file":243,"line":767,"context":586},317,{"file":243,"line":769,"context":586},330,{"file":243,"line":771,"context":586},1327,{"file":243,"line":771,"context":586},{"file":243,"line":774,"context":586},1328,{"file":243,"line":776,"context":586},1335,{"file":243,"line":778,"context":586},1337,{"file":569,"line":597,"context":586},{"file":569,"line":298,"context":586},{"file":569,"line":782,"context":586},80,{"file":569,"line":729,"context":586},{"file":569,"line":149,"context":586},{"file":569,"line":786,"context":586},102,{"file":569,"line":788,"context":586},109,[],[791,809,819,830,842,854,864,874,899,929,942,955,964,974],{"entryPoint":792,"graph":793,"unsanitizedCount":108,"severity":38},"go (wpf.class.php:537)",{"nodes":794,"edges":806},[795,800],{"id":796,"type":797,"label":798,"file":243,"line":799},"n0","source","$_GET",586,{"id":801,"type":802,"label":803,"file":243,"line":804,"wp_function":805},"n1","sink","header() [Header Injection]",591,"header",[807],{"from":796,"to":801,"sanitized":808},false,{"entryPoint":810,"graph":811,"unsanitizedCount":108,"severity":38},"remove_topic (wpf.class.php:2181)",{"nodes":812,"edges":817},[813,816],{"id":796,"type":797,"label":814,"file":243,"line":815},"$_GET['f']",2187,{"id":801,"type":802,"label":803,"file":243,"line":815,"wp_function":805},[818],{"from":796,"to":801,"sanitized":808},{"entryPoint":820,"graph":821,"unsanitizedCount":108,"severity":38},"move_topic (wpf.class.php:2224)",{"nodes":822,"edges":828},[823,826],{"id":796,"type":797,"label":824,"file":243,"line":825},"$_POST",2229,{"id":801,"type":802,"label":803,"file":243,"line":827,"wp_function":805},2235,[829],{"from":796,"to":801,"sanitized":808},{"entryPoint":831,"graph":832,"unsanitizedCount":692,"severity":841},"\u003Cfeed> (feed.php:0)",{"nodes":833,"edges":839},[834,836],{"id":796,"type":797,"label":835,"file":286,"line":226},"$_GET (x3)",{"id":801,"type":802,"label":837,"file":286,"line":588,"wp_function":838},"echo() [XSS]","echo",[840],{"from":796,"to":801,"sanitized":808},"low",{"entryPoint":843,"graph":844,"unsanitizedCount":108,"severity":841},"activate_skin (fs-admin\\fs-admin.php:228)",{"nodes":845,"edges":852},[846,848],{"id":796,"type":797,"label":798,"file":292,"line":847},237,{"id":801,"type":802,"label":849,"file":292,"line":850,"wp_function":851},"update_option() [Settings Manipulation]",247,"update_option",[853],{"from":796,"to":801,"sanitized":808},{"entryPoint":855,"graph":856,"unsanitizedCount":108,"severity":841},"option_save (fs-admin\\fs-admin.php:555)",{"nodes":857,"edges":862},[858,860],{"id":796,"type":797,"label":824,"file":292,"line":859},573,{"id":801,"type":802,"label":849,"file":292,"line":861,"wp_function":851},576,[863],{"from":796,"to":801,"sanitized":808},{"entryPoint":865,"graph":866,"unsanitizedCount":108,"severity":841},"\u003Cwpf-usergroup-edit> (fs-admin\\wpf-usergroup-edit.php:0)",{"nodes":867,"edges":872},[868,871],{"id":796,"type":797,"label":869,"file":383,"line":870},"$_GET['usergroup_id']",33,{"id":801,"type":802,"label":837,"file":383,"line":110,"wp_function":838},[873],{"from":796,"to":801,"sanitized":808},{"entryPoint":875,"graph":876,"unsanitizedCount":747,"severity":78},"move_up_down (fs-admin\\fs-admin.php:809)",{"nodes":877,"edges":895},[878,880,883,886,888,891],{"id":796,"type":797,"label":879,"file":292,"line":339},"$_GET['id'] (x4)",{"id":801,"type":802,"label":881,"file":292,"line":339,"wp_function":882},"get_row() [SQLi]","get_row",{"id":884,"type":797,"label":885,"file":292,"line":339},"n2","$_GET (x4)",{"id":887,"type":802,"label":881,"file":292,"line":342,"wp_function":882},"n3",{"id":889,"type":797,"label":890,"file":292,"line":339},"n4","$_GET (x8)",{"id":892,"type":802,"label":893,"file":292,"line":344,"wp_function":894},"n5","query() [SQLi]","query",[896,897,898],{"from":796,"to":801,"sanitized":808},{"from":884,"to":887,"sanitized":808},{"from":889,"to":892,"sanitized":808},{"entryPoint":900,"graph":901,"unsanitizedCount":248,"severity":78},"\u003Cfs-admin> (fs-admin\\fs-admin.php:0)",{"nodes":902,"edges":922},[903,904,905,906,907,909,910,912,914,916,918,920],{"id":796,"type":797,"label":798,"file":292,"line":847},{"id":801,"type":802,"label":849,"file":292,"line":850,"wp_function":851},{"id":884,"type":797,"label":824,"file":292,"line":859},{"id":887,"type":802,"label":849,"file":292,"line":861,"wp_function":851},{"id":889,"type":797,"label":908,"file":292,"line":11},"$_POST (x2)",{"id":892,"type":802,"label":837,"file":292,"line":669,"wp_function":838},{"id":911,"type":797,"label":879,"file":292,"line":339},"n6",{"id":913,"type":802,"label":881,"file":292,"line":339,"wp_function":882},"n7",{"id":915,"type":797,"label":885,"file":292,"line":339},"n8",{"id":917,"type":802,"label":881,"file":292,"line":342,"wp_function":882},"n9",{"id":919,"type":797,"label":890,"file":292,"line":339},"n10",{"id":921,"type":802,"label":893,"file":292,"line":344,"wp_function":894},"n11",[923,924,925,926,927,928],{"from":796,"to":801,"sanitized":808},{"from":884,"to":887,"sanitized":808},{"from":889,"to":892,"sanitized":808},{"from":911,"to":913,"sanitized":808},{"from":915,"to":917,"sanitized":808},{"from":919,"to":921,"sanitized":808},{"entryPoint":930,"graph":931,"unsanitizedCount":715,"severity":78},"\u003Cwpf-insert> (wpf-insert.php:0)",{"nodes":932,"edges":939},[933,935,936,938],{"id":796,"type":797,"label":934,"file":387,"line":230},"$_POST (x4)",{"id":801,"type":802,"label":893,"file":387,"line":590,"wp_function":894},{"id":884,"type":797,"label":937,"file":387,"line":239},"$_POST (x6)",{"id":887,"type":802,"label":803,"file":387,"line":723,"wp_function":805},[940,941],{"from":796,"to":801,"sanitized":808},{"from":884,"to":887,"sanitized":808},{"entryPoint":943,"graph":944,"unsanitizedCount":108,"severity":78},"showthread (wpf.class.php:869)",{"nodes":945,"edges":952},[946,948,951],{"id":796,"type":797,"label":798,"file":243,"line":947},889,{"id":801,"type":949,"label":950,"file":243,"line":947},"transform","→ set_post_reputation()",{"id":884,"type":802,"label":893,"file":569,"line":580,"wp_function":894},[953,954],{"from":796,"to":801,"sanitized":808},{"from":801,"to":884,"sanitized":808},{"entryPoint":956,"graph":957,"unsanitizedCount":108,"severity":78},"remove_post (wpf.class.php:2244)",{"nodes":958,"edges":962},[959,961],{"id":796,"type":797,"label":798,"file":243,"line":960},2246,{"id":801,"type":802,"label":893,"file":243,"line":541,"wp_function":894},[963],{"from":796,"to":801,"sanitized":808},{"entryPoint":965,"graph":966,"unsanitizedCount":108,"severity":78},"closed_post (wpf.class.php:2354)",{"nodes":967,"edges":972},[968,970],{"id":796,"type":797,"label":798,"file":243,"line":969},2363,{"id":801,"type":802,"label":893,"file":243,"line":971,"wp_function":894},2366,[973],{"from":796,"to":801,"sanitized":808},{"entryPoint":975,"graph":976,"unsanitizedCount":26,"severity":78},"\u003Cwpf.class> (wpf.class.php:0)",{"nodes":977,"edges":990},[978,979,980,981,982,983,984,986,987,988,989],{"id":796,"type":797,"label":798,"file":243,"line":799},{"id":801,"type":802,"label":803,"file":243,"line":804,"wp_function":805},{"id":884,"type":797,"label":814,"file":243,"line":815},{"id":887,"type":802,"label":803,"file":243,"line":815,"wp_function":805},{"id":889,"type":797,"label":824,"file":243,"line":825},{"id":892,"type":802,"label":803,"file":243,"line":827,"wp_function":805},{"id":911,"type":797,"label":985,"file":243,"line":960},"$_GET (x2)",{"id":913,"type":802,"label":893,"file":243,"line":541,"wp_function":894},{"id":915,"type":797,"label":798,"file":243,"line":947},{"id":917,"type":949,"label":950,"file":243,"line":947},{"id":919,"type":802,"label":893,"file":569,"line":580,"wp_function":894},[991,992,993,994,995,996],{"from":796,"to":801,"sanitized":808},{"from":884,"to":887,"sanitized":808},{"from":889,"to":892,"sanitized":808},{"from":911,"to":913,"sanitized":808},{"from":915,"to":917,"sanitized":808},{"from":917,"to":919,"sanitized":808},{"summary":998,"deductions":999},"The 'forum-server' plugin v1.8.2 exhibits a concerning security posture, heavily outweighed by significant risks despite a seemingly limited attack surface. The static analysis reveals a critical flaw in the use of `unserialize`, which is a known vector for remote code execution if used with untrusted input. Furthermore, the taint analysis indicates a high prevalence of unsanitized paths (100% of analyzed flows), with 7 flows marked as high severity, suggesting potential data leakage or manipulation vulnerabilities. The complete lack of nonce checks and capability checks on any entry points, combined with a very low percentage of properly escaped output (1%), amplifies these risks, making it highly susceptible to various injection attacks.\n\nThe vulnerability history is also alarming. Six known CVEs, with two still unpatched, including one critical and two high-severity vulnerabilities, demonstrate a recurring pattern of security weaknesses. The common vulnerability types (CSRF, SQL Injection, XSS) align with the observed code signals (lack of sanitization, raw SQL, unescaped output). The recent nature of the last vulnerability further suggests ongoing security issues. While the plugin reports no external HTTP requests, this offers minimal mitigation against the severe internal code and historical vulnerabilities. In conclusion, this plugin presents a high risk due to its exploitable code patterns, extensive unsanitized data flows, and a history of critical and unpatched vulnerabilities, indicating a lack of robust security development practices.",[1000,1002,1004,1006,1008,1010,1013,1015,1017],{"reason":1001,"points":248},"Unpatched Critical CVE (x1)",{"reason":1003,"points":248},"Unpatched High CVE (x2)",{"reason":1005,"points":248},"High severity taint flows (x7)",{"reason":1007,"points":385},"Dangerous function: unserialize",{"reason":1009,"points":715},"Low percentage of prepared statements (12%)",{"reason":1011,"points":1012},"Very low percentage of properly escaped output (1%)",8,{"reason":1014,"points":715},"No nonce checks",{"reason":1016,"points":715},"No capability checks",{"reason":1018,"points":1019},"14 flows with unsanitized paths",14,"2026-03-16T20:46:21.451Z",{"wat":1022,"direct":1033},{"assetPaths":1023,"generatorPatterns":1028,"scriptPaths":1029,"versionParams":1030},[1024,1025,1026,1027],"\u002Fwp-content\u002Fplugins\u002Fforum-server\u002Fcss\u002Fwpf-style.css","\u002Fwp-content\u002Fplugins\u002Fforum-server\u002Fjs\u002Fwpf.js","\u002Fwp-content\u002Fplugins\u002Fforum-server\u002Fimages\u002Fforum-server-logo.png","\u002Fwp-content\u002Fplugins\u002Fforum-server\u002Fimages\u002Fuser.png",[],[1025],[1031,1032],"forum-server\u002Fcss\u002Fwpf-style.css?ver=","forum-server\u002Fjs\u002Fwpf.js?ver=",{"cssClasses":1034,"htmlComments":1048,"htmlAttributes":1051,"restEndpoints":1055,"jsGlobals":1058,"shortcodeOutput":1061},[1035,1036,1037,1038,1039,1040,1041,1042,1043,1044,1045,1046,1047],"wpf-wrap","wpf-content","wpf-post","wpf-reply","wpf-avatar","wpf-author","wpf-meta","wpf-subject","wpf-date","wpf-message","wpf-forum","wpf-category","wpf-moderator",[1049,1050],"\u003C!-- START WP FORUM SERVER -->","\u003C!-- END WP FORUM SERVER -->",[1052,1053,1054],"data-wpf-forum-id","data-wpf-post-id","data-wpf-user-id",[1056,1057],"\u002Fwp-json\u002Fforum-server\u002Fv1\u002Fposts","\u002Fwp-json\u002Fforum-server\u002Fv1\u002Fusers",[1059,1060],"wpf_ajax_url","wpf_settings",[1062,1063,1064,1065],"[wpf-list-forums]","[wpf-recent-posts]","[wpf-user-profile]","[wpf-search]"]