[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5gJyuu0fubYs79AxOc2Mul3QPWFU2drffXMUnmZ0gjg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":103,"crawl_stats":38,"alternatives":111,"analysis":211,"fingerprints":483},"i-recommend-this","I Recommend This – Love\u002FLike Button for WordPress Posts","4.0.1","Harish Chouhan","https:\u002F\u002Fprofiles.wordpress.org\u002Fhchouhan\u002F","\u003Cp>“I Recommend This” allows your visitors to effortlessly like or recommend your posts with a single click, making it easier for them to show their appreciation without leaving a comment. Enhance your site’s engagement by providing a simple, user-friendly way for readers to interact with your content.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Display a counter for likes\u002Frecommendations.\u003C\u002Fli>\n\u003Cli>Widget and shortcode to display the most liked posts.\u003C\u002Fli>\n\u003Cli>Choose between a “Thumbs Up” or “Heart” icon.\u003C\u002Fli>\n\u003Cli>Prevents multiple votes from the same user via cookies and IP address tracking.\u003C\u002Fli>\n\u003Cli>View and sort posts by likes in the post edit page.\u003C\u002Fli>\n\u003Cli>Better GDPR compliance with anonymized IPs\u003C\u002Fli>\n\u003Cli>Built-in query block compatibility\u003C\u002Fli>\n\u003Cli>Extensive action and filter hooks for developers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Advanced Options:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Hide the counter if the count is zero.\u003C\u002Fli>\n\u003Cli>Customize messages for zero, one, or multiple likes.\u003C\u002Fli>\n\u003Cli>Disable plugin CSS for custom styling.\u003C\u002Fli>\n\u003Cli>Option to disable IP address saving to comply with GDPR.\u003C\u002Fli>\n\u003Cli>Enhanced cookie management\u003C\u002Fli>\n\u003Cli>IP address anonymization for stronger GDPR compliance\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcodes:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>[irecommendthis]\u003C\u002Fcode> – Add the voting link to any page.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[irecommendthis_top_posts post_type='post' container='div' number='10' year='2023' monthnum='7']\u003C\u002Fcode> – Display most recommended posts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is based exactly on Benoit “LeBen” Burgener’s “I Like This” Plugin and has been modified after getting requests for the changes I had made on my website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you love the plugin, please consider rating it and clicking on “it works” button.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Example Sites Using the Plugin:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fflattrendz.com\" rel=\"nofollow ugc\">Flat UI Design Gallery\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>For Developers:\u003C\u002Fh3>\n\u003Cp>This plugin is being developed on GitHub.. If you want to collaborate, please look at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwebtions\u002FI-Recommend-This\" rel=\"nofollow ugc\">I Recommend This plugin on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>You can \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fi-recommend-this\u002Fstable\u002F\" rel=\"nofollow ugc\">help translate this plugin into your language\u003C\u002Fa> using your WordPress.org account.\u003C\u002Fp>\n","Enable your visitors to easily like or recommend your posts with a single click, enhancing engagement without the need for comments.",5000,390544,94,37,"2025-07-25T12:44:00.000Z","6.8.5","6.1","7.4",[20,21,22,23,24],"like","love","post","rate","recommend","https:\u002F\u002Fthemeist.com\u002Fplugins\u002Fwordpress\u002Fi-recommend-this\u002F#utm_source=wp-plugin&utm_medium=i-recommend-this&utm_campaign=plugins-page","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fi-recommend-this.4.0.1.zip",96,5,0,"2023-04-19 00:00:00","2026-03-15T15:16:48.613Z",[33,49,64,78,93],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2023-23673","i-recommend-this-authenticated-admin-stored-cross-site-scripting","I Recommend This \u003C= 3.8.3 - Authenticated (Admin+) Stored Cross-Site Scripting","The I Recommend This plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 3.8.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=3.8.3","3.9.0","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcc74e973-90ab-4678-a035-82b4b2b85604?source=api-prod",279,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"CVE-2023-28696","i-recommend-this-cross-site-request-forgery","I Recommend This \u003C= 3.9.0 - Cross-Site Request Forgery","The I Recommend This plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.9.0. This is due to missing nonce validation on the ajax_callback function. This makes it possible for unauthenticated attackers to modify the plugins settings granted they can trick a site administrator into performing an action such as clicking on a link. The impact of this vulnerability is unknown.","\u003C=3.9.0","3.9.1",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2023-03-22 00:00:00","2024-07-08 20:12:44",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa0ee9b26-4e7f-475f-b42b-5af40b78cbca?source=api-prod",475,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":71,"cvss_score":72,"cvss_vector":73,"vuln_type":44,"published_date":74,"updated_date":45,"references":75,"days_to_patch":77},"WF-ef888b2e-1fc7-442b-8b67-ebfdcbc76696-i-recommend-this","i-recommend-this-cross-site-scripting","I Recommend This \u003C 3.8.2 - Cross-Site Scripting","The I Recommend This plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 3.8.1 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser.","\u003C3.8.2","3.8.2","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2018-09-11 00:00:00",[76],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fef888b2e-1fc7-442b-8b67-ebfdcbc76696?source=api-prod",1960,{"id":79,"url_slug":80,"title":81,"description":82,"plugin_slug":4,"theme_slug":38,"affected_versions":83,"patched_in_version":84,"severity":85,"cvss_score":86,"cvss_vector":87,"vuln_type":88,"published_date":89,"updated_date":45,"references":90,"days_to_patch":92},"CVE-2014-10376","i-recommend-this-sql-injection","I Recommend This \u003C 3.7.3 - SQL Injection","The i-recommend-this plugin before 3.7.3 for WordPress has SQL injection.","\u003C3.7.3","3.7.3","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2014-09-24 00:00:00",[91],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F20df30e2-7e59-479c-946d-e0128b7d8401?source=api-prod",3408,{"id":94,"url_slug":95,"title":96,"description":97,"plugin_slug":4,"theme_slug":38,"affected_versions":98,"patched_in_version":84,"severity":71,"cvss_score":99,"cvss_vector":100,"vuln_type":88,"published_date":89,"updated_date":45,"references":101,"days_to_patch":92},"CVE-2014-125099","i-recommend-this-authenticated-subscriber-sql-injection-via-shortcode","I Recommend This \u003C= 3.7.2 - Authenticated (Subscriber+) SQL Injection via Shortcode","The I Recommend This plugin for WordPress is vulnerable to SQL Injection via the 'post_type' attribute called via the plugin's shortcode in versions up to, and including, 3.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber-level permissions and above to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.","\u003C=3.7.2",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H",[102],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fca9c10b6-6d32-45c9-beb1-7a5c84d0863d?source=api-prod",{"slug":104,"display_name":7,"profile_url":8,"plugin_count":105,"total_installs":106,"avg_security_score":107,"avg_patch_time_days":108,"trust_score":109,"computed_at":110},"hchouhan",7,12630,99,1906,78,"2026-04-03T18:44:00.677Z",[112,134,153,172,191],{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":122,"num_ratings":123,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":127,"tags":128,"homepage":131,"download_link":132,"security_score":133,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"buddypress-like","BuddyPress Like","0.3.0","darrenmeehan","https:\u002F\u002Fprofiles.wordpress.org\u002Fdarrenmeehan\u002F","\u003Cp>Gives users the ability to ‘like’ content across your BuddyPress enabled site.\u003C\u002Fp>\n","Gives users the ability to 'like' content across your BuddyPress enabled site.",100,76443,70,26,"2015-12-06T20:41:00.000Z","4.4.34","3.8","",[129,20,22,23,130],"buddypress","thumbs","http:\u002F\u002Fdarrenmeehan.me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-like.zip",85,{"slug":135,"name":136,"version":137,"author":138,"author_profile":139,"description":140,"short_description":141,"active_installs":142,"downloaded":143,"rating":29,"num_ratings":29,"last_updated":144,"tested_up_to":145,"requires_at_least":146,"requires_php":147,"tags":148,"homepage":127,"download_link":152,"security_score":120,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"post-reaction","Post Reaction – Add Like or Emoji Reactions to Posts","1.0.0","bPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fbplugins\u002F","\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fpost-reaction\u002F#demos\" rel=\"nofollow ugc\">Plugin Demo\u003C\u002Fa> | \u003Ca href=\"#\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fsupport\" rel=\"nofollow ugc\">Request a new features \u002F  Feedback\u003C\u002Fa> 👈\u003C\u002Fp>\n\u003Cp>“Count Post Reactions” is a robust plugin designed to enhance engagement on your WordPress site by providing valuable insights into user interactions with your content. With this plugin, you can effortlessly track and display various types of reactions, including likes, loves, cares, and even custom reactions.\u003C\u002Fp>\n\u003Cp>By implementing this plugin, you gain the ability to measure the impact of your posts in real-time, allowing you to tailor your content strategy to better resonate with your audience. The detailed reaction counts provide invaluable feedback on which posts are generating the most engagement, helping you optimize your content creation efforts for maximum impact.\u003C\u002Fp>\n\u003Cp>One of the standout features of “Count Post Reactions” is its ability to enforce one-time reactions per user. This functionality ensures that each user can only react to a post once, maintaining the integrity of your reaction data and preventing spammy or repetitive reactions.\u003C\u002Fp>\n\u003Cp>The plugin offers seamless integration with your WordPress site, allowing you to easily customize the appearance and behavior of the reaction counters to suit your branding and design preferences. Whether you’re running a personal blog, a news site, or an online community, “Count Post Reactions” empowers you to better understand and leverage user sentiment to drive engagement and foster a vibrant online community.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Add Post Reaction in any post types\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable any reaction\u003C\u002Fli>\n\u003Cli>Add Custom Reaction\u003C\u002Fli>\n\u003Cli>Place content after\u002Fbefore the Reactions\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>How to use?\u003C\u002Fh4>\n\u003Cp>Install the plugin, go to Tools -> Post Reaction -> Enable\u003C\u002Fp>\n\u003Ch3>Developer Notes\u003C\u002Fh3>\n\u003Cp>Public source code GitHub link for review, study, and contribute.\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fgithub.com\u002FbPlugins-LLC\u002Fcount-post-reaction\u003C\u002Fp>\n\u003Cp>For more information on how to contribute to this plugin, please visit our GitHub repository.\u003C\u002Fp>\n","Add Facebook Reaction interface in WordPress Posts and Count them (likes, loves, cares, custom react)",60,2050,"2026-03-12T05:00:00.000Z","6.9.4","5.7","7.1",[149,20,21,150,151],"care","post-reactions","reaction","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-reaction.1.0.0.zip",{"slug":154,"name":155,"version":156,"author":157,"author_profile":158,"description":159,"short_description":160,"active_installs":161,"downloaded":162,"rating":163,"num_ratings":28,"last_updated":127,"tested_up_to":164,"requires_at_least":165,"requires_php":127,"tags":166,"homepage":127,"download_link":170,"security_score":120,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":171},"zaki-like-dislike-comments","Zaki Like Dislike Comments","1.2","Riccardo Conte","https:\u002F\u002Fprofiles.wordpress.org\u002Frconte-1\u002F","\u003Cp>This plugin implements a “like\u002Fdislike” rating system for comments. In the setting page you can choose a “compact \u002F splitted” mode that show ratings like sum or separately.\u003C\u002Fp>\n","This plugin implements a \"like\u002Fdislike\" rating system for comments",40,5565,80,"4.1.42","3.3",[167,20,168,23,169],"comments","posts","vote","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzaki-like-dislike-comments.zip","2026-03-15T10:48:56.248Z",{"slug":173,"name":174,"version":175,"author":176,"author_profile":177,"description":178,"short_description":179,"active_installs":180,"downloaded":181,"rating":120,"num_ratings":182,"last_updated":183,"tested_up_to":184,"requires_at_least":185,"requires_php":127,"tags":186,"homepage":189,"download_link":190,"security_score":133,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"love-it","Love It","1.0.5","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>Love It is a simple plugin that adds a “Love It” link to your posts, pages, and custom post types. It works similar to Facebook’s Like button, but is exclusive to your website. It provides a great way for users to show their appreciation, and for you to gain a good idea of which posts are your most popular.\u003C\u002Fp>\n\u003Cp>The plugin includes a simple widget to show your “Most Loved” items.\u003C\u002Fp>\n\u003Cp>This plugin is based of the tutorial I published on \u003Ca href=\"http:\u002F\u002Fpippinsplugins.com\u002Fwrite-a-love-it-plugin-with-ajax\u002F\" rel=\"nofollow ugc\">creating a simple Love It plugin\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The demonstration video for the tutorial and the plugin is below:\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FDskc-BUjKxg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>An improved Pro version of the plugin is \u003Ca href=\"https:\u002F\u002Fpippinsplugins.com\u002Flove-it-pro\u002F\" rel=\"nofollow ugc\">available\u003C\u002Fa>. Features of the pro version include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Show Love It links automatically\u003C\u002Fli>\n\u003Cli>Track your most popular posts, pages, and custom post types\u003C\u002Fli>\n\u003Cli>Setup in less than 5 minutes\u003C\u002Fli>\n\u003Cli>Enabled \u002F disable for every registered post type\u003C\u002Fli>\n\u003Cli>Customize the text displayed for links and “already loved” messages\u003C\u002Fli>\n\u003Cli>Users can only love posts\u002Fpages once\u003C\u002Fli>\n\u003Cli>Works for logged-in and logged-out users\u003C\u002Fli>\n\u003Cli>Most Loved widget included\u003C\u002Fli>\n\u003Cli>No coding necessary\u003C\u002Fli>\n\u003Cli>Custom CSS option for advanced users\u003C\u002Fli>\n\u003Cli>Embed help documentation in plugin settings\u003C\u002Fli>\n\u003Cli>Easy to use template tags for developers\u003C\u002Fli>\n\u003C\u002Ful>\n","Love It is a simple plugin that adds a \"Love It\" link to your posts, pages, and custom post types. Show your most popular items in a widget.",20,13287,1,"2015-08-20T21:10:00.000Z","4.3.34","3.4",[20,21,173,187,188],"love-post","plus-one","http:\u002F\u002Fpippinsplugins.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flove-it.1.0.5.zip",{"slug":192,"name":193,"version":194,"author":195,"author_profile":196,"description":197,"short_description":198,"active_installs":199,"downloaded":200,"rating":29,"num_ratings":29,"last_updated":201,"tested_up_to":145,"requires_at_least":202,"requires_php":203,"tags":204,"homepage":127,"download_link":210,"security_score":120,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"managed-posts-rating-like-button","Managed posts rating ★ Like button","2.0.2","Daria Levchenko","https:\u002F\u002Fprofiles.wordpress.org\u002Flevenyatko\u002F","\u003Cp>The Managed posts rating ★ Like button plugin is a rating system for your WordPress site with a simple “like” button and advanced admin panel.\u003Cbr \u002F>\nThis lightweight plugin empowers you to enhance user engagement by enabling rating functionality for your posts, pages, or any custom post type. You can automatically integrate the like button or use shortcodes to customize its placement.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Lightweight.\u003C\u002Fli>\n\u003Cli>Integrate the like button automatically or use shortcodes for custom placement.\u003C\u002Fli>\n\u003Cli>Access a detailed logs page to track user interactions and ratings.\u003C\u002Fli>\n\u003Cli>The chart page displays users’ voting activity.\u003C\u002Fli>\n\u003Cli>Ability to allow only logged-in users to vote.\u003C\u002Fli>\n\u003Cli>Ability to customize the maximum number of votes per post from one user.\u003C\u002Fli>\n\u003Cli>Easy voting management.\u003C\u002Fli>\n\u003Cli>Ability to rewrite the voting button template in your theme.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>To automatically add the “like” button to your posts in the admin panel\u003Cbr \u002F>\n– Go to the “MPRating” -> “Settings” page\u003Cbr \u002F>\n– Change the “Display” select value to “Before Content” or “After Content”\u003Cbr \u002F>\n– Save settings\u003C\u002Fp>\n\u003Cp>For more advanced control, select the “Manually” value for the “Display” select and use the provided shortcodes in your post content or templates:\u003Cbr \u002F>\n– \u003Ccode>[mpr-button]\u003C\u002Fcode> – Display the like button.\u003Cbr \u002F>\n– \u003Ccode>[mpr-button id=\"XX\" disabled=\"false\"]\u003C\u002Fcode> – Display the like button for a specific post (replace “XX” with the post ID). Use the “disabled” attribute if you want to show the “like” button but disallow voting.\u003C\u002Fp>\n\u003Cp>You can also display the voting button using the mpr_button function. The function parameters are similar to the shortcode.\u003Cbr \u002F>\n    mpr_button([‘id’ => 1, ‘disabled’ => false, ‘return’ => false ]);\u003C\u002Fp>\n\u003Ch3>Admin Panel\u003C\u002Fh3>\n\u003Cp>Visit the “MPRating” section in your WordPress admin dashboard to access the admin panel. From here, you can:\u003Cbr \u002F>\n– View and manage user ratings.\u003Cbr \u002F>\n– Customize the plugin settings to match your preferences.\u003C\u002Fp>\n","Rating system for your WordPress site with a simple \"like\" button and advanced admin panel.",10,980,"2026-01-02T15:35:00.000Z","4.9","8.2",[205,206,207,208,209],"like-button","rate-post","rating","rating-system","voting","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmanaged-posts-rating-like-button.2.0.2.zip",{"attackSurface":212,"codeSignals":338,"taintFlows":388,"riskAssessment":466,"analyzedAt":482},{"hooks":213,"ajaxHandlers":313,"restRoutes":322,"shortcodes":323,"cronEvents":336,"entryPointCount":337,"unprotectedCount":29},[214,220,225,229,233,237,241,245,249,253,258,262,267,271,272,277,280,284,287,290,294,298,303,308],{"type":215,"name":216,"callback":217,"file":218,"line":219},"action","admin_init","handle_database_update_request","admin\\class-themeist-irecommendthis-admin-db-tools.php",41,{"type":221,"name":222,"callback":223,"priority":199,"file":224,"line":219},"filter","plugin_action_links","add_settings_link","admin\\class-themeist-irecommendthis-admin-plugin-links.php",{"type":221,"name":226,"callback":227,"priority":199,"file":224,"line":228},"plugin_row_meta","add_meta_links",42,{"type":221,"name":230,"callback":231,"file":232,"line":123},"manage_posts_columns","add_column","admin\\class-themeist-irecommendthis-admin-post-columns.php",{"type":215,"name":234,"callback":235,"priority":199,"file":232,"line":236},"manage_posts_custom_column","display_column_content",27,{"type":221,"name":238,"callback":239,"file":232,"line":240},"manage_edit-post_sortable_columns","make_column_sortable",28,{"type":221,"name":242,"callback":243,"file":232,"line":244},"request","handle_column_sorting",29,{"type":215,"name":216,"callback":246,"file":247,"line":248},"register_settings","admin\\class-themeist-irecommendthis-admin-settings.php",25,{"type":215,"name":250,"callback":251,"file":252,"line":142},"admin_enqueue_scripts","enqueue_admin_scripts","admin\\class-themeist-irecommendthis-admin-ui.php",{"type":215,"name":254,"callback":255,"file":256,"line":257},"admin_menu","add_settings_menu","admin\\class-themeist-irecommendthis-admin.php",128,{"type":215,"name":259,"callback":260,"file":256,"line":261},"publish_post","setup_recommends",131,{"type":215,"name":263,"callback":264,"file":265,"line":266},"init","irecommendthis_register_blocks","blocks\\blocks.php",74,{"type":215,"name":268,"callback":269,"priority":180,"file":265,"line":270},"enqueue_block_editor_assets","irecommendthis_enqueue_editor_assets",77,{"type":215,"name":250,"callback":269,"file":265,"line":163},{"type":221,"name":273,"callback":274,"priority":199,"file":275,"line":276},"get_post_metadata","irecommendthis_force_zero_count_in_editor","blocks\\recommend\\block.php",234,{"type":215,"name":263,"callback":278,"priority":28,"file":279,"line":142},"check_for_updates","core\\class-themeist-irecommendthis-db-upgrader.php",{"type":215,"name":281,"callback":282,"file":279,"line":283},"wpmu_new_blog","new_site_created",63,{"type":215,"name":263,"callback":285,"priority":29,"file":286,"line":283},"load_localisation","core\\class-themeist-irecommendthis.php",{"type":215,"name":263,"callback":288,"file":286,"line":289},"migrate_plugin_settings",66,{"type":215,"name":291,"callback":292,"file":286,"line":293},"admin_notices","check_db_table",69,{"type":215,"name":263,"callback":295,"file":296,"line":297},"themeist_register_shortcodes","i-recommend-this.php",61,{"type":215,"name":299,"callback":300,"file":301,"line":302},"wp_enqueue_scripts","enqueue_scripts","public\\class-themeist-irecommendthis-public-assets.php",38,{"type":221,"name":304,"callback":305,"file":306,"line":307},"the_content","modify_content","public\\class-themeist-irecommendthis-public-display.php",23,{"type":215,"name":309,"callback":310,"file":311,"line":312},"widgets_init","register_widget","public\\class-themeist-irecommendthis-widget-most-recommended.php",416,[314,320],{"action":315,"nopriv":316,"callback":317,"hasNonce":318,"hasCapCheck":316,"file":319,"line":307},"irecommendthis",false,"ajax_callback",true,"core\\class-themeist-irecommendthis-ajax.php",{"action":315,"nopriv":318,"callback":317,"hasNonce":318,"hasCapCheck":316,"file":319,"line":321},24,[],[324,328,329,333],{"tag":325,"callback":326,"file":327,"line":321},"dot_recommends","shortcode_recommends","core\\class-themeist-irecommendthis-shortcodes.php",{"tag":315,"callback":326,"file":327,"line":236},{"tag":330,"callback":331,"file":327,"line":332},"dot_recommended_top_posts","shortcode_recommended_top_posts",31,{"tag":334,"callback":331,"file":327,"line":335},"irecommendthis_top_posts",34,[],6,{"dangerousFunctions":339,"sqlUsage":340,"outputEscaping":342,"fileOperations":29,"externalRequests":29,"nonceChecks":386,"capabilityChecks":182,"bundledLibraries":387},[],{"prepared":335,"raw":29,"locations":341},[],{"escaped":343,"rawEcho":344,"locations":345},134,21,[346,348,350,351,353,355,357,359,361,363,365,367,369,371,373,375,377,379,381,383,385],{"file":218,"line":13,"context":347},"raw output",{"file":218,"line":349,"context":347},125,{"file":218,"line":257,"context":347},{"file":218,"line":352,"context":347},130,{"file":218,"line":354,"context":347},147,{"file":218,"line":356,"context":347},149,{"file":218,"line":358,"context":347},162,{"file":232,"line":360,"context":347},53,{"file":247,"line":362,"context":347},156,{"file":247,"line":364,"context":347},189,{"file":247,"line":366,"context":347},219,{"file":247,"line":368,"context":347},250,{"file":247,"line":370,"context":347},280,{"file":247,"line":372,"context":347},309,{"file":247,"line":374,"context":347},338,{"file":247,"line":376,"context":347},367,{"file":247,"line":378,"context":347},396,{"file":247,"line":380,"context":347},425,{"file":286,"line":382,"context":347},185,{"file":384,"line":332,"context":347},"core\\functions.php",{"file":311,"line":48,"context":347},4,[],[389,407,417,425,437,445],{"entryPoint":390,"graph":391,"unsanitizedCount":29,"severity":406},"\u003Cclass-themeist-irecommendthis-admin-ui> (admin\\class-themeist-irecommendthis-admin-ui.php:0)",{"nodes":392,"edges":404},[393,398],{"id":394,"type":395,"label":396,"file":252,"line":397},"n0","source","$_GET",73,{"id":399,"type":400,"label":401,"file":252,"line":402,"wp_function":403},"n1","sink","echo() [XSS]",124,"echo",[405],{"from":394,"to":399,"sanitized":318},"low",{"entryPoint":408,"graph":409,"unsanitizedCount":29,"severity":406},"ajax_callback (core\\class-themeist-irecommendthis-ajax.php:37)",{"nodes":410,"edges":415},[411,413],{"id":394,"type":395,"label":412,"file":319,"line":142},"$_POST",{"id":399,"type":400,"label":401,"file":319,"line":414,"wp_function":403},108,[416],{"from":394,"to":399,"sanitized":318},{"entryPoint":418,"graph":419,"unsanitizedCount":29,"severity":406},"\u003Cclass-themeist-irecommendthis-ajax> (core\\class-themeist-irecommendthis-ajax.php:0)",{"nodes":420,"edges":423},[421,422],{"id":394,"type":395,"label":412,"file":319,"line":142},{"id":399,"type":400,"label":401,"file":319,"line":414,"wp_function":403},[424],{"from":394,"to":399,"sanitized":318},{"entryPoint":426,"graph":427,"unsanitizedCount":182,"severity":71},"recommend (core\\class-themeist-irecommendthis-shortcodes.php:102)",{"nodes":428,"edges":435},[429,432],{"id":394,"type":395,"label":430,"file":327,"line":431},"$_SERVER",126,{"id":399,"type":400,"label":433,"file":327,"line":356,"wp_function":434},"get_var() [SQLi]","get_var",[436],{"from":394,"to":399,"sanitized":316},{"entryPoint":438,"graph":439,"unsanitizedCount":182,"severity":71},"\u003Cclass-themeist-irecommendthis-shortcodes> (core\\class-themeist-irecommendthis-shortcodes.php:0)",{"nodes":440,"edges":443},[441,442],{"id":394,"type":395,"label":430,"file":327,"line":431},{"id":399,"type":400,"label":433,"file":327,"line":356,"wp_function":434},[444],{"from":394,"to":399,"sanitized":316},{"entryPoint":446,"graph":447,"unsanitizedCount":465,"severity":71},"\u003Cclass-themeist-irecommendthis-public-processor> (public\\class-themeist-irecommendthis-public-processor.php:0)",{"nodes":448,"edges":462},[449,453,457,459],{"id":394,"type":395,"label":450,"file":451,"line":452},"$_SERVER (x2)","public\\class-themeist-irecommendthis-public-processor.php",235,{"id":399,"type":400,"label":454,"file":451,"line":455,"wp_function":456},"query() [SQLi]",240,"query",{"id":458,"type":395,"label":430,"file":451,"line":452},"n2",{"id":460,"type":400,"label":433,"file":451,"line":461,"wp_function":434},"n3",260,[463,464],{"from":394,"to":399,"sanitized":316},{"from":458,"to":460,"sanitized":316},3,{"summary":467,"deductions":468},"The i-recommend-this plugin v4.0.1 demonstrates some good security practices, notably the complete absence of raw SQL queries and a high percentage of properly escaped output.  The plugin also employs nonce and capability checks on some entry points. However, the analysis reveals significant concerns. The presence of unsanitized paths in taint analysis is particularly worrying, with three identified flows flagged as high severity. This indicates potential pathways for attackers to inject malicious code or data. Furthermore, the plugin has a history of 5 known CVEs, including one critical, two high, and two medium severity vulnerabilities. While none are currently unpatched, this pattern of past vulnerabilities, especially critical and high severity ones related to XSS, CSRF, and SQL Injection, suggests a recurring tendency for security flaws to be introduced. The lack of explicit permission callbacks on all REST API routes (though none exist currently) and the fact that not all AJAX handlers have authentication checks also represent potential future attack vectors if new endpoints are added without proper security considerations.",[469,471,473,476,478,480],{"reason":470,"points":180},"High severity unsanitized taint flows (3)",{"reason":472,"points":180},"Past critical severity CVEs (1)",{"reason":474,"points":475},"Past high severity CVEs (2)",15,{"reason":477,"points":199},"Past medium severity CVEs (2)",{"reason":479,"points":199},"AJAX handlers without auth checks (implied 0 out of 2)",{"reason":481,"points":28},"Potential for future unpatched REST API vulnerabilities","2026-03-16T18:08:20.741Z",{"wat":484,"direct":493},{"assetPaths":485,"generatorPatterns":488,"scriptPaths":489,"versionParams":490},[486,487],"\u002Fwp-content\u002Fplugins\u002Fi-recommend-this\u002Fassets\u002Fcss\u002Fadmin-settings.css","\u002Fwp-content\u002Fplugins\u002Fi-recommend-this\u002Fassets\u002Fjs\u002Fadmin-tabs.js",[],[],[491,492],"i-recommend-this\u002Fassets\u002Fcss\u002Fadmin-settings.css?ver=","i-recommend-this\u002Fassets\u002Fjs\u002Fadmin-tabs.js?ver=",{"cssClasses":494,"htmlComments":500,"htmlAttributes":501,"restEndpoints":503,"jsGlobals":504,"shortcodeOutput":505},[495,496,497,498,499],"irecommendthis-settings","irecommendthis-settings-form","nav-tab-active","notice-success","card",[],[502],"data-tab",[],[],[506,507,508],"[recommend_this]","[irecommend_this_counter]","[irecommend_this_list]"]