[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWVE-FcW3fu2t-yZWmrEm5noYeXyALnGZ6SXEa5dxrYQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":47,"crawl_stats":38,"alternatives":54,"analysis":117,"fingerprints":255},"gamipress-link","GamiPress – Link","1.1.5","Ruben Garcia","https:\u002F\u002Fprofiles.wordpress.org\u002Frubengc\u002F","\u003Cp>GamiPress – Link let’s you add activity triggers filtered by link clicks adding new activity events on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>Note: This add-on is designed to award users for link clicks, if you want to award them for button clicks, then you should check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-button\u002F\" title=\"GamiPress - Button\" rel=\"ugc\">GamiPress – Button\u003C\u002Fa> add-on.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fram4nUN9bHs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>New Events\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Click any link: When an user clicks on any link.\u003C\u002Fli>\n\u003Cli>Click a link with a specific URL: When an user clicks on any link with a specific URL.\u003C\u002Fli>\n\u003Cli>Click a link with a specific ID: When an user clicks on any link with a specific identifier (link id attribute).\u003C\u002Fli>\n\u003Cli>Click a link with a specific Class: When an user clicks on any link with a specific class (link class attribute).\u003C\u002Fli>\n\u003Cli>Get a click on any link: When the post\u002Fcomment author gets clicks on any link.\u003C\u002Fli>\n\u003Cli>Get a click on a link with a specific URL: When the post\u002Fcomment author gets clicks on any link with a specific URL.\u003C\u002Fli>\n\u003Cli>Get a click on a link with a specific ID: When the post\u002Fcomment author gets clicks on any link with a specific identifier (link id attribute).\u003C\u002Fli>\n\u003Cli>Get a click on a link with a specific Class: When the post\u002Fcomment author gets clicks on any link with a specific class (link class attribute).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Important: The unique links that trigger this activities are the links generated by [gamipress_link] shortcode.\u003C\u002Fp>\n","Add activity events based on link clicks generated by [gamipress_link]",900,22584,100,2,"2025-12-01T16:00:00.000Z","6.9.4","4.4","",[20,21,22,23,24],"click","gamification","gamify","gamipress","link","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-link\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamipress-link.1.1.5.zip",99,1,0,"2024-06-04 20:43:51","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":28},"CVE-2024-5536","gamipress-link-authenticated-contributor-stored-cross-site-scripting","GamiPress – Link \u003C= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting","The GamiPress – Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's gamipress_link shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.1.4","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-06-05 09:32:47",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6c3954af-f7db-495c-b6f0-49f24d6f4b18?source=api-prod",{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":27,"avg_patch_time_days":51,"trust_score":52,"computed_at":53},"rubengc",30,24720,139,78,"2026-04-04T05:28:58.411Z",[55,70,84,95,106],{"slug":56,"name":57,"version":58,"author":7,"author_profile":8,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":14,"last_updated":64,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":65,"homepage":67,"download_link":68,"security_score":27,"vuln_count":14,"unpatched_count":29,"last_vuln_date":69,"fetched_at":31},"gamipress-button","GamiPress – Button","1.0.9","\u003Cp>GamiPress – Button let’s you add activity triggers filtered by button clicks adding new activity events on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>Note: This add-on is designed to award users for button clicks, if you want to award them for link clicks, then you should check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-link\u002F\" title=\"GamiPress - Link\" rel=\"ugc\">GamiPress – Link\u003C\u002Fa> add-on.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FIW9ZcGaWDBM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>New Events\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Click any button: When a user clicks on any button.\u003C\u002Fli>\n\u003Cli>Click a button with a specific ID: When a user clicks on any button with a specific identifier (button id attribute).\u003C\u002Fli>\n\u003Cli>Click a button with a specific Class: When a user clicks on any button with a specific class (button class attribute).\u003C\u002Fli>\n\u003Cli>Get a click on any button: When the post\u002Fcomment author gets clicks on any button.\u003C\u002Fli>\n\u003Cli>Get a click on a button with a specific ID: When the post\u002Fcomment author gets clicks on any button with a specific identifier (button id attribute).\u003C\u002Fli>\n\u003Cli>Get a click on a button with a specific Class: When the post\u002Fcomment author gets clicks on any button with a specific class (button class attribute).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Important: The unique buttons that trigger this activities are the buttons generated by [gamipress_button] shortcode.\u003C\u002Fp>\n","Add activity events based on button clicks generated by [gamipress_button]",1000,20300,60,"2025-12-01T15:58:00.000Z",[66,20,21,22,23],"button","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-button\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamipress-button.1.0.9.zip","2024-03-19 00:00:00",{"slug":71,"name":72,"version":58,"author":7,"author_profile":8,"description":73,"short_description":74,"active_installs":75,"downloaded":76,"rating":29,"num_ratings":29,"last_updated":77,"tested_up_to":78,"requires_at_least":17,"requires_php":18,"tags":79,"homepage":82,"download_link":83,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"gamipress-leaderboards-include-exclude-users","GamiPress – Leaderboards Include\u002FExclude Users","\u003Cp>GamiPress – Leaderboards Include\u002FExclude Users let’s you include and\u002For exclude users that will be ranked on a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress\u003C\u002Fa> leaderboard!\u003C\u002Fp>\n\u003Cp>In addition, plugin includes settings to include and\u002For exclude users by role.\u003C\u002Fp>\n\u003Cp>Important: This plugin requires \u003Ca href=\"https:\u002F\u002Fgamipress.com\u002Fadd-ons\u002Fgamipress-leaderboards\u002F\" title=\"GamiPress - Leaderboards\" rel=\"nofollow ugc\">GamiPress – Leaderboards\u003C\u002Fa> add-on.\u003C\u002Fp>\n","Include or exclude specific users or roles on any leaderboard.",500,14838,"2025-12-01T15:59:00.000Z","6.1.10",[80,21,22,23,81],"achievement","point","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-leaderboards-include-exclude-users","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamipress-leaderboards-include-exclude-users.1.0.9.zip",{"slug":85,"name":86,"version":87,"author":7,"author_profile":8,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":13,"num_ratings":14,"last_updated":64,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":92,"homepage":93,"download_link":94,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"gamipress-block-users","GamiPress – Block Users","1.0.2","\u003Cp>GamiPress – Block Users let’s you block users and roles from getting awarded through the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress\u003C\u002Fa> awards engine!\u003C\u002Fp>\n\u003Cp>In addition, blocked users activity won’t be registered on logs what makes it ideal for stop registering and awarding undesired user roles like site administrators.\u003C\u002Fp>\n","Block users and roles from getting awarded through the GamiPress awards engine",400,10544,[80,21,22,23,81],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-block-users\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamipress-block-users.1.0.2.zip",{"slug":96,"name":97,"version":98,"author":7,"author_profile":8,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":29,"num_ratings":29,"last_updated":64,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":103,"homepage":104,"download_link":105,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"gamipress-buddypress-group-leaderboard","GamiPress – BuddyPress Group Leaderboard","1.1.4","\u003Cp>GamiPress – BuddyPress Group Leaderboard let’s you add new tab on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" title=\"BuddyPress\" rel=\"ugc\">BuddyPress\u003C\u002Fa> groups with a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress\u003C\u002Fa> leaderboard of group members!\u003C\u002Fp>\n\u003Cp>Through the GamiPress settings you will be able to configure the metrics by which group members should be ranked and the columns to show.\u003C\u002Fp>\n\u003Cp>Important: This plugin requires \u003Ca href=\"https:\u002F\u002Fgamipress.com\u002Fadd-ons\u002Fgamipress-leaderboards\u002F\" title=\"GamiPress - Leaderboards\" rel=\"nofollow ugc\">GamiPress – Leaderboards\u003C\u002Fa> add-on.\u003C\u002Fp>\n","Add a completely configurable tab on BuddyPress groups with a GamiPress leaderboard of group members",300,16413,[80,21,22,23,81],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-buddypress-group-leaderboard\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamipress-buddypress-group-leaderboard.1.1.4.zip",{"slug":107,"name":108,"version":109,"author":7,"author_profile":8,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":13,"num_ratings":28,"last_updated":77,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":114,"homepage":115,"download_link":116,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"gamipress-emails-by-type","GamiPress – Emails By Type","1.0.3","\u003Cp>GamiPress – Emails By Type let’s you set different emails settings by type for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress\u002F\" title=\"GamiPress\" rel=\"ugc\">GamiPress\u003C\u002Fa>!\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Ability to set achievement and step emails by achievement type.\u003C\u002Fli>\n\u003Cli>Ability to set achievement and step emails by single achievement.\u003C\u002Fli>\n\u003Cli>Ability to set points awards and deductions emails by points type.\u003C\u002Fli>\n\u003Cli>Ability to set rank and rank requirements emails by rank type.\u003C\u002Fli>\n\u003Cli>Ability to set rank and rank requirements emails by single rank.\u003C\u002Fli>\n\u003Cli>Ability to disable any email by achievement type, single achievement, by points type, by rank type or by single rank.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Settings hierarchy\u003C\u002Fh4>\n\u003Cp>On achievements and ranks, you have the ability to set custom settings by a single item or to the whole type, the settings will be applied in following order:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Single item (achievement or rank) settings -> Type settings (achievement or rank type) -> Emails settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you leave empty the emails settings of a single item then type settings will be applied.\u003Cbr \u002F>\nIf type settings are empty, then will be applied emails setting.\u003C\u002Fp>\n","Set different emails settings by type",200,8188,[80,21,22,23,81],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgamipress-emails-by-type\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgamipress-emails-by-type.1.0.3.zip",{"attackSurface":118,"codeSignals":221,"taintFlows":245,"riskAssessment":246,"analyzedAt":254},{"hooks":119,"ajaxHandlers":208,"restRoutes":218,"shortcodes":219,"cronEvents":220,"entryPointCount":14,"unprotectedCount":29},[120,124,128,134,140,144,148,153,157,161,165,171,175,179,183,187,191,195,200,204],{"type":121,"name":122,"callback":122,"file":123,"line":13},"action","admin_notices","gamipress-link.php",{"type":121,"name":125,"callback":126,"file":123,"line":127},"plugins_loaded","GamiPress_Link",205,{"type":129,"name":130,"callback":131,"file":132,"line":133},"filter","gamipress_automatic_updates_plugins","gamipress_link_automatic_updates","includes\\admin.php",26,{"type":129,"name":135,"callback":136,"priority":137,"file":138,"line":139},"gamipress_log_event_trigger_meta_data","gamipress_link_log_event_trigger_meta_data",10,"includes\\logs.php",51,{"type":129,"name":141,"callback":142,"priority":137,"file":138,"line":143},"gamipress_get_user_trigger_count_log_meta","gamipress_link_get_user_trigger_count_log_meta",124,{"type":129,"name":145,"callback":146,"priority":137,"file":138,"line":147},"gamipress_log_extra_data_fields","gamipress_link_log_extra_data_fields",226,{"type":129,"name":149,"callback":150,"priority":137,"file":151,"line":152},"gamipress_requirement_object","gamipress_link_requirement_object","includes\\requirements.php",50,{"type":121,"name":154,"callback":155,"priority":137,"file":151,"line":156},"gamipress_requirement_ui_html_after_achievement_post","gamipress_link_requirement_ui_fields",70,{"type":121,"name":158,"callback":159,"priority":137,"file":151,"line":160},"gamipress_ajax_update_requirement","gamipress_link_ajax_update_requirement",106,{"type":121,"name":162,"callback":163,"priority":137,"file":151,"line":164},"gamipress_requirement_ui_html_after_requirement_title","gamipress_link_shortcode_preview",129,{"type":129,"name":166,"callback":167,"priority":168,"file":169,"line":170},"gamipress_get_triggered_requirements","gamipress_link_filter_triggered_requirements",20,"includes\\rules-engine.php",121,{"type":129,"name":172,"callback":173,"priority":137,"file":169,"line":174},"user_has_access_to_achievement","gamipress_link_user_has_access_to_achievement",152,{"type":121,"name":176,"callback":177,"file":178,"line":133},"init","gamipress_link_register_scripts","includes\\scripts.php",{"type":121,"name":180,"callback":181,"priority":13,"file":178,"line":182},"wp_enqueue_scripts","gamipress_link_enqueue_scripts",48,{"type":121,"name":184,"callback":185,"file":178,"line":186},"admin_init","gamipress_link_admin_register_scripts",64,{"type":121,"name":188,"callback":189,"priority":13,"file":178,"line":190},"admin_enqueue_scripts","gamipress_link_admin_enqueue_scripts",84,{"type":121,"name":176,"callback":192,"file":193,"line":194},"gamipress_register_link_shortcode","includes\\shortcodes\\gamipress_link.php",62,{"type":129,"name":196,"callback":197,"file":198,"line":199},"gamipress_activity_triggers","gamipress_link_activity_triggers","includes\\triggers.php",40,{"type":129,"name":201,"callback":202,"priority":137,"file":198,"line":203},"gamipress_activity_trigger_label","gamipress_link_activity_trigger_label",85,{"type":129,"name":205,"callback":206,"priority":137,"file":198,"line":207},"gamipress_trigger_get_user_id","gamipress_link_trigger_get_user_id",119,[209,216],{"action":210,"nopriv":211,"callback":212,"hasNonce":213,"hasCapCheck":211,"file":214,"line":215},"gamipress_link_click",false,"gamipress_ajax_link_click",true,"includes\\ajax-functions.php",95,{"action":210,"nopriv":213,"callback":212,"hasNonce":213,"hasCapCheck":211,"file":214,"line":217},96,[],[],[],{"dangerousFunctions":222,"sqlUsage":223,"outputEscaping":225,"fileOperations":29,"externalRequests":29,"nonceChecks":28,"capabilityChecks":29,"bundledLibraries":244},[],{"prepared":29,"raw":29,"locations":224},[],{"escaped":226,"rawEcho":137,"locations":227},23,[228,230,232,233,235,236,238,239,240,242],{"file":151,"line":186,"context":229},"raw output",{"file":151,"line":231,"context":229},65,{"file":151,"line":231,"context":229},{"file":151,"line":234,"context":229},66,{"file":151,"line":234,"context":229},{"file":151,"line":237,"context":229},120,{"file":151,"line":170,"context":229},{"file":151,"line":143,"context":229},{"file":193,"line":241,"context":229},97,{"file":193,"line":243,"context":229},98,[],[],{"summary":247,"deductions":248},"The gamipress-link plugin v1.1.5 demonstrates a generally good security posture based on the static analysis. The absence of unauthenticated AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential attack surface.  Furthermore, the code strictly uses prepared statements for all SQL queries and includes nonce checks, which are strong indicators of secure coding practices. The lack of file operations and external HTTP requests further reduces common attack vectors.\n\nHowever, there are some areas for improvement.  While the majority of output is properly escaped, a notable percentage (30%) is not. This could potentially lead to Cross-Site Scripting (XSS) vulnerabilities if malicious input is not handled carefully. The vulnerability history shows a recent medium-severity XSS vulnerability, which aligns with the concern about unescaped output. Although this vulnerability is currently patched, it highlights a recurring pattern that requires ongoing attention.\n\nIn conclusion, gamipress-link v1.1.5 is relatively secure due to its limited attack surface and robust handling of database operations and nonces. The primary concern stems from the unescaped output, which has historically led to XSS vulnerabilities. Continued vigilance in ensuring all output is properly escaped will be crucial for maintaining a strong security profile.",[249,252],{"reason":250,"points":251},"Unescaped output percentage is high",8,{"reason":253,"points":137},"Recent medium vulnerability (XSS)","2026-03-16T19:16:03.508Z",{"wat":256,"direct":265},{"assetPaths":257,"generatorPatterns":260,"scriptPaths":261,"versionParams":262},[258,259],"\u002Fwp-content\u002Fplugins\u002Fgamipress-link\u002Fassets\u002Fjs\u002Fgamipress-link-admin.js","\u002Fwp-content\u002Fplugins\u002Fgamipress-link\u002Fassets\u002Fjs\u002Fgamipress-link.js",[],[259,258],[263,264],"\u002Fwp-content\u002Fplugins\u002Fgamipress-link\u002Fassets\u002Fjs\u002Fgamipress-link.js?ver=","\u002Fwp-content\u002Fplugins\u002Fgamipress-link\u002Fassets\u002Fjs\u002Fgamipress-link-admin.js?ver=",{"cssClasses":266,"htmlComments":267,"htmlAttributes":268,"restEndpoints":269,"jsGlobals":270,"shortcodeOutput":272},[],[],[],[],[271],"gamipress_link",[]]