[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fztmEGSiN8DYWbmO28ufnGKooGLRdRaNCdnQz7r8siUc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":29,"security_score":30,"vuln_count":13,"unpatched_count":13,"last_vuln_date":31,"fetched_at":32,"vulnerabilities":33,"developer":34,"crawl_stats":31,"alternatives":41,"analysis":137,"fingerprints":364},"gp","GP – GeePress","1.0","Louy Alakkad","https:\u002F\u002Fprofiles.wordpress.org\u002Flouyx\u002F","\u003Cp>GeePress, gives you all the tools you need to integrate your WordPress and Google+, including “Login with Google+” and “Comment via Google+”… Highly customizable and easy to use.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Allow your visitors to comment using their Google+ accounts\u003C\u002Fli>\n\u003Cli>Allow your blog users to sign in with their Google+ accounts. one click signin!\u003C\u002Fli>\n\u003Cli>Easily customizable by theme authors.\u003C\u002Fli>\n\u003C\u002Ful>\n","All the tools you need to integrate your WordPress and Google+.",40,1904,0,"2013-10-12T20:22:00.000Z","3.5.2","3.0","",[19,20,21,22,23,24,25,26,27,28],"admin","button","comment","comments","connect","google","google-plus","login","oauth","wpmu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgp.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":35,"display_name":7,"profile_url":8,"plugin_count":36,"total_installs":37,"avg_security_score":30,"avg_patch_time_days":38,"trust_score":39,"computed_at":40},"louyx",7,8210,30,84,"2026-04-04T06:58:01.481Z",[42,64,85,104,118],{"slug":43,"name":44,"version":16,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":17,"tags":56,"homepage":59,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":13,"last_vuln_date":63,"fetched_at":32},"one-click-close-comments","One Click Close Comments","Scott Reilly","https:\u002F\u002Fprofiles.wordpress.org\u002Fcoffee2code\u002F","\u003Cp>From the admin listing of posts (‘Edit Posts’) and pages (‘Edit Pages’), a user can close or open comments to any posts to which they have sufficient privileges to make such changes (essentially admins and post authors for their own posts). This is done via an AJAX-powered color-coded indicator. The color-coding gives instant feedback on the current status of the post for comments: green means the post\u002Fpage is open to comments, red means the post\u002Fpage is closed to comments. Being AJAX-powered means that the change is submitted in the background after being clicked without requiring a page reload.\u003C\u002Fp>\n\u003Cp>This plugin will only function for administrative users in the admin who have JavaScript enabled.\u003C\u002Fp>\n\u003Cp>Links: \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fone-click-close-comments\u002F\" rel=\"nofollow ugc\">Plugin Homepage\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fone-click-close-comments\u002F\" rel=\"ugc\">Plugin Directory Page\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcoffee2code\u002Fone-click-close-comments\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcoffee2code.com\" rel=\"nofollow ugc\">Author Homepage\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Developer Documentation\u003C\u002Fh3>\n\u003Cp>Developer documentation can be found in \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcoffee2code\u002Fone-click-close-comments\u002Fblob\u002Fmaster\u002FDEVELOPER-DOCS.md\" rel=\"nofollow ugc\">DEVELOPER-DOCS.md\u003C\u002Fa>. That documentation covers the hooks provided by the plugin.\u003C\u002Fp>\n\u003Cp>As an overview, these are the hooks provided by the plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>c2c_one_click_close_comments_click_char\u003C\u002Fcode> : Filter to customize the character, string, or markup used as the indicator used to toggle a post’s comment status.\u003C\u002Fli>\n\u003C\u002Ful>\n","Conveniently close or open comments for a post or page with one click from the admin listing of posts.",6000,159941,98,10,"2025-04-17T20:29:00.000Z","6.8.5","4.7",[19,57,21,22,58],"coffee2code","status","https:\u002F\u002Fcoffee2code.com\u002Fwp-plugins\u002Fone-click-close-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fone-click-close-comments.3.0.zip",99,1,"2024-07-26 13:12:00",{"slug":65,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":73,"num_ratings":74,"last_updated":75,"tested_up_to":76,"requires_at_least":55,"requires_php":77,"tags":78,"homepage":83,"download_link":84,"security_score":30,"vuln_count":13,"unpatched_count":13,"last_vuln_date":31,"fetched_at":32},"chat-me-now","1.0.2","dfrankortiz","https:\u002F\u002Fprofiles.wordpress.org\u002Fdfrankortiz\u002F","\u003Cp>Integrate WhatsApp support dialog directly into your WordPress website and that will help you to increase leads\u002Fsales from your website. this is well design with lightwight code help to attract users for chat with active agent using WhatApp application.\u003C\u002Fp>\n\u003Ch4>Available fields\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>whatsapp1\u003C\u002Fli>\n\u003Cli>whatsapp2\u003C\u002Fli>\n\u003Cli>whatsapp_active_turn\u003C\u002Fli>\n\u003Cli>icon_color\u003C\u002Fli>\n\u003Cli>background_color\u003C\u002Fli>\n\u003Cli>schedule_turn\u003C\u002Fli>\n\u003Cli>start_message\u003C\u002Fli>\n\u003Cli>active\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Navigate to \u003Ca href=\"https:\u002F\u002Fboliviahub.com\u002Fchat-me-now\" rel=\"nofollow ugc\">the plugin documentation\u003C\u002Fa> if you need more information on how to use this plugin.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Find help in \u003Ca href=\"https:\u002F\u002Fboliviahub.com\u002Fchat-me-now\u002F\" rel=\"nofollow ugc\">our support plaftorm\u003C\u002Fa> for this plugin.\u003C\u002Fp>\n","Floating button that opens the WhatsApp chat to the technical support on turn. It allows asign the work schedule up to 2 employees.",5000,42823,100,2,"2021-05-22T11:44:00.000Z","5.7.15","7.0",[79,80,22,81,82],"action-button","chat","support","whatsapp","https:\u002F\u002Fboliviahub.com\u002Fchat-me-now","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchat-me-now.zip",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":39,"num_ratings":95,"last_updated":96,"tested_up_to":97,"requires_at_least":98,"requires_php":17,"tags":99,"homepage":102,"download_link":103,"security_score":30,"vuln_count":13,"unpatched_count":13,"last_vuln_date":31,"fetched_at":32},"relative-url","Relative URL","0.1.8","Sparanoid","https:\u002F\u002Fprofiles.wordpress.org\u002Fsparanoid\u002F","\u003Cp>Relative URL applies the \u003Ccode>wp_make_link_relative\u003C\u002Fcode> function to links (posts, categories, pages, etc.) to convert them to relative URLs. Useful for developers when debugging local WordPress instance on a mobile device (iPad, iPhone, etc.).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Notice\u003C\u002Fstrong>: This plugin SHOULD be used for local development only. I haven’t tested on a production environment; it \u003Cstrong>may\u003C\u002Fstrong> work with some issues, like unwanted URLs in RSS feed or sharing URLs are replaced with relative URLs, etc.\u003C\u002Fp>\n\u003Cp>More information please visit my \u003Ca href=\"https:\u002F\u002Fsparanoid.com\u002Fwork\u002Frelative-url\u002F\" rel=\"nofollow ugc\">site\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>http:\u002F\u002Flocalhost:8080\u002Fwp\u002F\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Will be converted to:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002Fwp\u002F\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>And..\u003C\u002Fp>\n\u003Cpre>\u003Ccode>http:\u002F\u002Flocalhost:8080\u002Fwp\u002F2012\u002F09\u002F01\u002Fhello-world\u002F\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Will be converted to:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002Fwp\u002F2012\u002F09\u002F01\u002Fhello-world\u002F\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>And..\u003C\u002Fp>\n\u003Cpre>\u003Ccode>http:\u002F\u002Flocalhost:8080\u002Fwp\u002Fwp-content\u002Fthemes\u002Ftwentyeleven\u002Fstyle.css\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Will be converted to:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002Fwp\u002Fwp-content\u002Fthemes\u002Ftwentyeleven\u002Fstyle.css\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Then after activating this plugin, you can simply access your local instance using \u003Ccode>http:\u002F\u002F10.0.1.5:8888\u002Fwp\u002F\u003C\u002Fcode> on your iPad or other mobile devices without having styles and navigation issue.\u003C\u002Fp>\n","Relative URL applies wp_make_link_relative function to links to convert them to relative URLs.",3000,108283,26,"2021-08-11T18:45:00.000Z","5.8.13","2.1.0",[19,100,21,22,101],"administration","content","https:\u002F\u002Fsparanoid.com\u002Fwork\u002Frelative-url\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frelative-url.0.1.8.zip",{"slug":105,"name":106,"version":107,"author":89,"author_profile":90,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":73,"num_ratings":112,"last_updated":113,"tested_up_to":97,"requires_at_least":114,"requires_php":17,"tags":115,"homepage":116,"download_link":117,"security_score":30,"vuln_count":13,"unpatched_count":13,"last_vuln_date":31,"fetched_at":32},"quotmarks-replacer","Quotmarks Replacer","2.6.21","\u003Cp>Quotmarks Replacer disables \u003Ccode>wptexturize\u003C\u002Fcode> function that keeps all quotation marks and suspension points in half-width form. This plugin also works fine with multisite enabled WordPress (aka. WordPress Mu).\u003C\u002Fp>\n\u003Cp>More information please visit my \u003Ca href=\"https:\u002F\u002Fsparanoid.com\u002Fwork\u002Fquotmarks-replacer\u002F\" rel=\"nofollow ugc\">site\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Quotmarks Replacer 通過禁用 \u003Ccode>wptexturize\u003C\u002Fcode> 函數，解決 WordPress 自動將半形的單引號、雙引號和省略號轉換爲全形標點的問題。使後台輸入的標點格式與前台讀者瀏覽的標點格式保持一致。並且對 multisite 多站點（WordPress Mu）有良好的支持\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Reviews（用戶評價）\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>我──一個網絡民工──當然有人會覺得這是謙虛，終於擁有了強悍的標點符號插件──也可能是世界上最棒的！我可以這樣雙引號“”，也可以這樣””，還可以這樣”──無論是哪一樣，都是最自由的表達！ ── 和菜頭\u003C\u002Fp>\n\u003Cp>It’s absolutely amazing. One of my all-time favorites. ── Steve Jobs\u003C\u002Fp>\n\u003Cp>Shut up, Matt. ──  WordPress\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Quotmarks Replacer disables wptexturize function that keeps all quotation marks and suspension points in half-width form.",300,24249,3,"2021-08-11T17:08:00.000Z","1.5",[19,100,21,22,101],"https:\u002F\u002Fsparanoid.com\u002Fwork\u002Fquotmarks-replacer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquotmarks-replacer.2.6.21.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":73,"num_ratings":74,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":17,"tags":131,"homepage":135,"download_link":136,"security_score":30,"vuln_count":13,"unpatched_count":13,"last_vuln_date":31,"fetched_at":32},"nofollow-case-by-case","Nofollow Case by Case","1.5.6","fob","https:\u002F\u002Fprofiles.wordpress.org\u002Ffob\u002F","\u003Cp>For unmodified links Nofollow Case by Case works like a (do)follow plugin for WordPress. It simply removes rel=”nofollow” from your comment links.\u003C\u002Fp>\n\u003Cp>Whenever you get the feeling that one of your comment links might be able to harm your own website reputation, if you think about SEO and found a link that looks a bit like spam but should not be deleted, you can replace nofollow to every single comment link at any time. If you want to replace nofollow for a link like that you simply add \u002Fdontfollow at the end of the link. You can do this for author links in comments as well as for the links you find in the text.\u003C\u002Fp>\n\u003Ch4>This is what the plugin will do automatically:\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>1. Clean up some code:\u003C\u002Fstrong>\u003Cbr \u002F>\nIt tries to remove all variants of rel=”nofollow”, target=”blank” and rel=”external” from comment author links and other links in comments first. A link will become a “real link” no matter if it is a pingback, a trackback or a “real comment”.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>2. Fix semantical incorrectness:\u003C\u002Fstrong>\u003Cbr \u002F>\nThe plugin now applies rel=”external” – but ONLY for external links!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>3. jQuery functions of Nofollow Case by Case:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>a) The plugin detects rel=”external” in comments and opens those links in a new window.\u003Cbr \u002F>\nNo need for target=”_blank” which would not validate in XMTML. jQuery replacement does.\u003C\u002Fp>\n\u003Cp>b) The plugin tries to correct author urls that could not be fully replaced before.\u003Cbr \u002F>\nThis has something to do with template development. Find more information on this within the FAQ.\u003C\u002Fp>\n\u003Ch4>Add on\u003C\u002Fh4>\n\u003Cp>You can try this \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fnfcbc-seo-plugin-add-on\u002F\" title=\"NFCBC SEO Plugin Add-on\" rel=\"ugc\">NFCBC SEO Plugin ADD-on\u003C\u002Fa> for easier comment management. The plugin is an old one using javascript but still works. I currently do not have the time to rebuild it. A new version should later support Ajax and nonces and on the other hand will not support old versions of WordPress anymore.\u003C\u002Fp>\n\u003Ch4>Alternative Tool\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fnfcbc-seo-light\u002F\" title=\"NFCBC SEO Light\" rel=\"ugc\">NFCBC SEO Light\u003C\u002Fa> could be used alternatively. It suggests “follow” or “nofollow” or “no link” automatically, depending on comments length. This plugin might be updated soon. I personally prefer Nofollow Case by Case.\u003C\u002Fp>\n\u003Ch4>Need more information?\u003C\u002Fh4>\n\u003Cp>I have updated the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fnofollow-case-by-case\u002Ffaq\u002F\" title=\"FAQ for Nofollow Case by Case\" rel=\"ugc\">FAQ for Nofollow Case by Case\u003C\u002Fa> and the German description can be found at the old place as well:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.fob-marketing.de\u002Fmarketing-seo-blog\u002Fwordpress-nofollow-seo-plugin-nofollow-case-by-case.html\" title=\"Nofollow Case by Case SEO Plugin\" rel=\"nofollow ugc\">Deutsche Plugin-Beschreibung auf fob-marketing.de\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.fob-marketing.de\u002Fmarketing-seo-blog\u002Fantworten-zu-nofollow-case-by-case-und-relexternal-nofollow.html\" title=\"FAQ bei fob marketing\" rel=\"nofollow ugc\">Deutsche FAQ auf fob-marketing.de\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>For further information please send me an \u003Ca href=\"http:\u002F\u002Fwww.fob-marketing.de\u002Ffob\u002Fueber-fob-marketing\u002Ffob-marketing-kontakt\u002F\" title=\"Send an email to Oliver Bockelmann\" rel=\"nofollow ugc\">email\u003C\u002Fa>.\u003C\u002Fp>\n","\"Dofollow\" but Nofollow Case by Case allows you to selectively apply nofollow to your comments as well.",200,38477,"2013-12-10T17:07:00.000Z","3.7.41","2.0",[100,22,132,133,134],"dofollow","links","nofollow","http:\u002F\u002Fwww.fob-marketing.de\u002Fmarketing-blog-184-wordpress-nofollow-seo-plugin-nofollow-case-by-case.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnofollow-case-by-case.1.5.6.zip",{"attackSurface":138,"codeSignals":273,"taintFlows":326,"riskAssessment":353,"analyzedAt":363},{"hooks":139,"ajaxHandlers":260,"restRoutes":270,"shortcodes":271,"cronEvents":272,"entryPointCount":74,"unprotectedCount":74},[140,146,150,153,157,162,166,169,173,177,181,184,187,191,195,199,202,206,208,212,215,219,223,227,231,234,238,241,244,248,252,256],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","admin_init","gp_comm_error_check","gp-comments.php",9,{"type":141,"name":147,"callback":148,"file":144,"line":149},"admin_notices","gp_comment_admin_notice",12,{"type":141,"name":142,"callback":151,"file":144,"line":152},"gp_comm_admin_init",20,{"type":141,"name":154,"callback":155,"file":144,"line":156},"gp_validate_options","gp_comm_validate_options",47,{"type":158,"name":159,"callback":160,"priority":52,"file":144,"line":161},"filter","get_avatar","gp_comm_avatar",183,{"type":141,"name":163,"callback":164,"file":144,"line":165},"comment_form","gp_comm_comments_enable",222,{"type":141,"name":163,"callback":167,"file":144,"line":168},"gp_comm_send_place",223,{"type":141,"name":170,"callback":171,"priority":38,"file":144,"line":172},"wp_footer","gp_comm_footer_script",224,{"type":141,"name":174,"callback":175,"file":144,"line":176},"init","gp_comm_logout",226,{"type":141,"name":178,"callback":179,"priority":62,"file":144,"line":180},"comment_form_before_fields","alt_comment_login",227,{"type":141,"name":179,"callback":182,"file":144,"line":183},"gp_comm_login_button",228,{"type":141,"name":178,"callback":185,"priority":74,"file":144,"line":186},"comment_user_details_begin",229,{"type":141,"name":188,"callback":189,"priority":152,"file":144,"line":190},"comment_form_after_fields","comment_user_details_end",230,{"type":141,"name":192,"callback":193,"priority":52,"file":144,"line":194},"comment_post","gp_comm_add_meta",231,{"type":158,"name":196,"callback":197,"file":144,"line":198},"pre_comment_on_post","gp_comm_fill_in_fields",232,{"type":141,"name":192,"callback":200,"priority":52,"file":144,"line":201},"gp_comm_send_to_google",234,{"type":141,"name":142,"callback":203,"file":204,"line":205},"gp_login_admin_init","gp-login.php",13,{"type":141,"name":154,"callback":207,"file":204,"line":38},"gp_login_validate_options",{"type":141,"name":209,"callback":210,"file":204,"line":211},"profile_personal_options","gp_login_profile_page",44,{"type":141,"name":213,"callback":213,"file":204,"line":214},"gp_login_connect",104,{"type":141,"name":216,"callback":217,"file":204,"line":218},"login_form","gp_login_add_login_button",119,{"type":158,"name":220,"callback":221,"file":204,"line":222},"authenticate","gp_login_check",128,{"type":141,"name":224,"callback":225,"file":204,"line":226},"wp_logout","gp_logout",152,{"type":141,"name":174,"callback":228,"file":229,"line":230},"gp_init","gp.php",48,{"type":141,"name":232,"callback":233,"file":229,"line":218},"admin_menu","gp_admin_add_page",{"type":141,"name":235,"callback":236,"file":229,"line":237},"network_admin_menu","gp_network_admin_add_page",127,{"type":141,"name":142,"callback":239,"priority":145,"file":229,"line":240},"gp_admin_init",135,{"type":141,"name":147,"callback":242,"file":229,"line":243},"anonymous",141,{"type":158,"name":245,"callback":246,"priority":52,"file":229,"line":247},"pre_update_option_gp_app_options","gp_update_app_options",148,{"type":141,"name":249,"callback":250,"file":229,"line":251},"oauth_start_google","gp_oauth_start",311,{"type":141,"name":174,"callback":253,"file":254,"line":255},"oauth_init","wp-oauth.php",16,{"type":141,"name":257,"callback":258,"file":254,"line":259},"template_redirect","oauth_template_redirect",27,[261,266],{"action":262,"nopriv":263,"callback":262,"hasNonce":264,"hasCapCheck":264,"file":144,"line":265},"gp_comm_get_display",true,false,225,{"action":267,"nopriv":264,"callback":268,"hasNonce":264,"hasCapCheck":264,"file":204,"line":269},"disconnect_guid","gp_login_disconnect_guid",91,[],[],[],{"dangerousFunctions":274,"sqlUsage":286,"outputEscaping":288,"fileOperations":36,"externalRequests":74,"nonceChecks":62,"capabilityChecks":62,"bundledLibraries":325},[275,280,283],{"fn":276,"file":277,"line":278,"context":279},"unserialize","google-api\\cache\\Google_ApcCache.php",79,"return unserialize($ret['data']);",{"fn":276,"file":281,"line":73,"context":282},"google-api\\cache\\Google_FileCache.php","$data = unserialize($data);",{"fn":284,"file":229,"line":243,"context":285},"create_function","add_action('admin_notices', create_function( '', \"echo '\u003Cdiv class=\\\"error\\\">\u003Cp>\".sprintf(__('GeePre",{"prepared":74,"raw":13,"locations":287},[],{"escaped":62,"rawEcho":289,"locations":290},18,[291,294,296,298,299,300,302,304,306,307,309,311,313,315,317,319,321,323],{"file":144,"line":292,"context":293},17,"raw output",{"file":144,"line":295,"context":293},32,{"file":144,"line":297,"context":293},36,{"file":144,"line":11,"context":293},{"file":144,"line":211,"context":293},{"file":144,"line":301,"context":293},80,{"file":144,"line":303,"context":293},105,{"file":144,"line":305,"context":293},169,{"file":204,"line":259,"context":293},{"file":204,"line":308,"context":293},56,{"file":204,"line":310,"context":293},62,{"file":204,"line":312,"context":293},64,{"file":204,"line":314,"context":293},71,{"file":204,"line":316,"context":293},74,{"file":204,"line":318,"context":293},125,{"file":229,"line":320,"context":293},188,{"file":229,"line":322,"context":293},241,{"file":229,"line":324,"context":293},247,[],[327,345],{"entryPoint":328,"graph":329,"unsanitizedCount":13,"severity":344},"gp_app_options_page (gp.php:176)",{"nodes":330,"edges":342},[331,336],{"id":332,"type":333,"label":334,"file":229,"line":335},"n0","source","$_POST",181,{"id":337,"type":338,"label":339,"file":229,"line":340,"wp_function":341},"n1","sink","update_option() [Settings Manipulation]",182,"update_option",[343],{"from":332,"to":337,"sanitized":263},"low",{"entryPoint":346,"graph":347,"unsanitizedCount":13,"severity":344},"\u003Cgp> (gp.php:0)",{"nodes":348,"edges":351},[349,350],{"id":332,"type":333,"label":334,"file":229,"line":335},{"id":337,"type":338,"label":339,"file":229,"line":340,"wp_function":341},[352],{"from":332,"to":337,"sanitized":263},{"summary":354,"deductions":355},"The \"gp\" v1.0 plugin exhibits a mixed security posture.  While it demonstrates good practices in handling SQL queries with prepared statements and avoids critical taint flows, several significant security concerns are present. The plugin has a small but concerning attack surface, with two AJAX handlers, both of which lack authentication checks. This directly exposes potentially sensitive functionality to unauthenticated users. Additionally, the code signals indicate the use of dangerous functions like 'unserialize' and 'create_function', which can be exploited if user-controlled data is passed to them.  The low percentage of properly escaped output further exacerbates these risks, as it opens the door for Cross-Site Scripting (XSS) vulnerabilities.  The absence of any recorded vulnerability history is a positive sign, suggesting it has not been a target or has not had publicly disclosed vulnerabilities. However, this cannot compensate for the immediate risks identified in the code analysis, particularly the unprotected AJAX endpoints and the use of dangerous functions.",[356,358,360],{"reason":357,"points":52},"AJAX handlers without auth checks",{"reason":359,"points":52},"Use of dangerous functions (unserialize, create_function)",{"reason":361,"points":362},"Low output escaping percentage",8,"2026-03-16T22:05:58.412Z",{"wat":365,"direct":375},{"assetPaths":366,"generatorPatterns":371,"scriptPaths":372,"versionParams":373},[367,368,369,370],"\u002Fwp-content\u002Fplugins\u002Fgp\u002Fgoogle-api\u002FGoogle_Client.php","\u002Fwp-content\u002Fplugins\u002Fgp\u002Fgoogle-api\u002Fcontrib\u002FGoogle_PlusService.php","\u002Fwp-content\u002Fplugins\u002Fgp\u002Fgoogle-api\u002Fcontrib\u002FGoogle_Oauth2Service.php","\u002Fwp-content\u002Fplugins\u002Fgp\u002Fwp-oauth.php",[],[],[374],"gp\u002Fstyle.css?ver=",{"cssClasses":376,"htmlComments":377,"htmlAttributes":379,"restEndpoints":382,"jsGlobals":383,"shortcodeOutput":386},[],[378],"\u003C!--\nif you want to force the plugin to use a client id and secret,\nadd your keys and copy the following 2 lines to your wp-config.php\n-->",[380,381],"data-gp-google-client-id","data-gp-google-client-secret",[],[384,385],"window.gp_client_id","window.gp_client_secret",[]]