[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fPFGgAzFqfDWVMuuLrriKeP3qSPCPUXGf1lf5UE-0s1Q":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":142,"fingerprints":268},"import-from-ning","Import from Ning","2.1","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>This plugin imports the contents of your Ning Network Archive into BuddyPress.\u003C\u002Fp>\n","Imports the contents of a Ning Network Archive into BuddyPress",10,11062,66,4,"2013-05-21T13:20:00.000Z","",[18,19,20],"buddypress","import","ning","http:\u002F\u002Fgithub.com\u002Fboonebgorges\u002FImport-from-Ning","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimport-from-ning.2.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"boonebgorges",27,11620,88,1864,71,"2026-04-04T15:32:30.280Z",[37,63,83,106,122],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":58,"download_link":59,"security_score":60,"vuln_count":61,"unpatched_count":24,"last_vuln_date":62,"fetched_at":26},"learnpress-import-export","LearnPress – Backup & Migration Tool","4.1.3","ThimPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fthimpress\u002F","\u003Cp>\u003Cstrong>LearnPress\u003C\u002Fstrong> is a \u003Ca href=\"http:\u002F\u002Fthimpress.com\u002Flearnpress\" rel=\"nofollow ugc\">WordPress LMS Plugin\u003C\u002Fa> by ThimPress.\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>LearnPress – Backup & Migration Tool\u003C\u002Fstrong> is a \u003Cstrong>crucial add-on (or extension)\u003C\u002Fstrong> for users of the LearnPress WordPress LMS plugin, designed to streamline the management of course content and data.\u003C\u002Fp>\n\u003Cp>It addresses the common need to back up, migrate, or duplicate LearnPress courses, \u003Cstrong>as well as providing a seamless one-click migration from other popular LMS platforms like TutorLMS and LearnDash into LearnPress.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>LearnPress Backup & Import\u002FExport Functionality\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Selective Export\u002FImport: Depending on the specific add-on version, there might be options to selectively export or import certain aspects of a course, rather than the entire course. This could mean exporting only quizzes, or lessons, for example.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>LearnPress Migration Functionality – Effortless LMS Migration Tool\u003C\u002Fh3>\n\u003Cp>The \u003Cstrong>most powerful\u003C\u002Fstrong> feature addition to \u003Cstrong>this add-on\u003C\u002Fstrong> is a streamlined, one-click migration tool for facilitating seamless transitions from other LMS systems to LearnPress. This feature helps users looking to switch LMS platforms while preserving their valuable course content, student data, and instructor information.\u003C\u002Fp>\n\u003Ch3>Currently, our migration tool supports converting data from the following platforms to LearnPress:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>TutorLMS\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>LearnDash\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>MasterStudy (Developing – Coming soon!)\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here’s a detailed breakdown of the migration tool’s functions and benefits:\u003C\u002Fp>\n\u003Ch3>Main Functionality:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Automated Data Transfer\u003C\u002Fstrong>: The tool automates the complex process of transferring data from \u003Cstrong>supported LMS platforms (like TutorLMS or LearnDash)\u003C\u002Fstrong> to LearnPress. This eliminates the need for manual data entry or complex database manipulation, saving time and effort.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Data Mapping\u003C\u002Fstrong>: In cases where data structures are different between \u003Cstrong>other LMSs\u003C\u002Fstrong> and LearnPress, the tool intelligently maps data fields to ensure accurate transfer.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Benefits for Users:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Cost Effective\u003C\u002Fstrong>: By automating a complex process, this add-on saves the user from paying developers for the migration process. Moreover, this plugin is free to download as well!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Technical considerations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>The \u003Cstrong>add-on\u003C\u002Fstrong> requires both LearnPress and \u003Cstrong>the other LMS system you are migrating from\u003C\u002Fstrong> to be installed and activated on your WordPress site.\u003Cbr \u002F>\nIt is \u003Cstrong>highly\u003C\u002Fstrong> recommended to back up the website before starting the migration process.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Other free add-ons for LearnPress are available in WordPress:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flearnpress-wishlist\u002F\" rel=\"ugc\">LearnPress Wishlist\u003C\u002Fa> – add courses to a wishlist for students.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flearnpress-course-review\u002F\" rel=\"ugc\">LearnPress Course Review\u003C\u002Fa> – review course for enrolled students.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flearnpress-prerequisites-courses\u002F\" rel=\"ugc\">LearnPress Prerequisites Courses\u003C\u002Fa> – require student to pass some courses in order to enroll other course.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flearnpress-bbpress\" rel=\"ugc\">LearnPress bbPress\u003C\u002Fa> – add bbPress Forum support for LearnPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flearnpress-buddypress\" rel=\"ugc\">LearnPress BuddyPress\u003C\u002Fa> – add BuddyPress support for LearnPress.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Premium Plugins (add-ons) for LearnPress WordPress LMS Plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthimpress.com\u002Fproduct\u002Fcertificates-add-on-for-learnpress\u002F\" rel=\"nofollow ugc\">Certificates add-on for LearnPress\u003C\u002Fa> – adding drag & drop certificates builder as well as selecting designed certificate for each LMS course, your student will get particular certificate when they finished a course.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthimpress.com\u002Fproduct\u002Fco-instructors-add-on-for-learnpress\u002F\" rel=\"nofollow ugc\">Co-instructors add-on for LearnPress\u003C\u002Fa> – multiple instructors support for each LMS course.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthimpress.com\u002Fproduct\u002Fcollections-add-on-for-learnpress\u002F\" rel=\"nofollow ugc\">Collections add-on for LearnPress\u003C\u002Fa> – making LMS courses collection by selecting number of courses, this is helpful if you want to combine multiple LMS courses into a collection for a group of skills.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthimpress.com\u002Fproduct\u002Fstripe-add-on-for-learnpress\u002F\" rel=\"nofollow ugc\">Stripe Payment method for LearnPress\u003C\u002Fa> – Stripe payment method for LearnPress WordPress LMS Plugin.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fthimpress.com\u002Fproduct\u002Fwoocommerce-add-on-for-learnpress\u002F\" rel=\"nofollow ugc\">WooCommerce add-on for LearnPress\u003C\u002Fa> – using WooCommerce as payment gateway for LearnPress WordPress LMS Plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Other note\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fdocs.thimpress.com\u002Flearnpress\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> is available in ThimPress site.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FLearnPress\u002FLearnPress\u002F\" rel=\"nofollow ugc\">LearnPress github repo.\u003C\u002Fa>\u003C\u002Fp>\n","LearnPress Export\u002FImport bring you feature to export course, lesson, quiz, question from a LearnPress site to back up or bring to another LearnPress s &hellip;",5000,219868,62,15,"2026-03-12T07:09:00.000Z","6.9.4","6.0","7.4",[54,55,56,57],"e-learning","import-export","learning-management-system","learnpress","https:\u002F\u002Fthimpress.com\u002Fproduct\u002Flearnpress-export-import\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flearnpress-import-export.4.1.3.zip",86,7,"2026-02-11 00:00:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":13,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":16,"tags":77,"homepage":81,"download_link":82,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"buddypress-learndash","BuddyPress for LearnDash","1.3.0","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>Want your learners to interact with each other? \u003Cstrong>BuddyPress for LearnDash\u003C\u002Fstrong> turns your course driven website into a social education platform, creating a seamless bridge between BuddyPress and \u003Ca href=\"http:\u002F\u002Fwww.learndash.com\u002F\" rel=\"nofollow ugc\">LearnDash\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>BuddyPress Groups\u003C\u002Fh4>\n\u003Cp>Easily tie any LearnDash Course to a BuddyPress Group.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Course participants automatically get added as members to the group\u003C\u002Fli>\n\u003Cli>Group becomes private to course participants and invited members\u003C\u002Fli>\n\u003Cli>Course Lessons become visible at the group\u003C\u002Fli>\n\u003Cli>Course activity gets streamed into the group feed (optional)\u003C\u002Fli>\n\u003Cli>Forum gets added to the group (if bbPress is enabled)\u003C\u002Fli>\n\u003Cli>Course featured image becomes group avatar (if no group avatar has been set)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>BuddyPress Activity\u003C\u002Fh4>\n\u003Cp>Activity is one of the core features of BuddyPress, allowing users to interact with each other in real-time. When a course is tied to a group, course actions are optionally added to the group’s activity stream. Group admins can determine which actions to allow in their group, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User starts a course\u003C\u002Fli>\n\u003Cli>User completes a course\u003C\u002Fli>\n\u003Cli>User creates a lesson\u003C\u002Fli>\n\u003Cli>User completes a lesson\u003C\u002Fli>\n\u003Cli>User passes a quiz\u003C\u002Fli>\n\u003Cli>User comments on single lesson page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>BuddyPress Members\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Your members can view their Active and Completed courses in their profiles.\u003C\u002Fli>\n\u003Cli>Leaders and Students get added as filterable tabs in your Members directory.\u003C\u002Fli>\n\u003Cli>All LearnDash user links redirect to member profiles (instead of author pages).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>bbPress Forums\u003C\u002Fh4>\n\u003Cp>If bbPress is enabled, a forum will be tied to every “course group” automatically, using the same name as the course for the forum title. Group members can then discuss the course in one central location.\u003C\u002Fp>\n\u003Ch4>Extend LearnDash with ‘Social Learner’\u003C\u002Fh4>\n\u003Cp>BuddyPress for LearnDash is built by the experienced developers at BuddyBoss who also offer a premium social learning solution called \u003Ca href=\"https:\u002F\u002Fwww.buddyboss.com\u002Fproduct\u002Fsocial-learner-learndash\" title=\"Social Learner for LearnDash\" rel=\"nofollow ugc\">Social Learner\u003C\u002Fa>.\u003C\u002Fp>\n","BuddyPress for LearnDash integrates the LearnDash LMS plugin with BuddyPress, so you can add groups, activity, members, and forums to your courses.",2000,97469,18,"2020-06-19T09:37:00.000Z","5.4.19","3.8",[18,78,79,56,80],"learndash","learning","lms","http:\u002F\u002Fbuddyboss.com\u002Fproduct\u002Fbuddypress-learndash\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-learndash.1.3.0.zip",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":98,"tags":99,"homepage":103,"download_link":104,"security_score":105,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"bp-default-data","BuddyPress Default Data","1.4.0","Slava Abakumov","https:\u002F\u002Fprofiles.wordpress.org\u002Fslaffik\u002F","\u003Cp>Plugin will create lots of users, messages, friends connections, groups, topics, activity items, profile data – useful for testing purpose.\u003C\u002Fp>\n\u003Cp>All imported users will have avatars, generated by 8biticon.com and displayed by Gravatar.\u003C\u002Fp>\n\u003Cp>Please use this plugin with caution and not on a live site! Again, USE FOR TESTING THEMES AND PLUGINGS, NOT ON A STAGING SITE WITH LIVE DATA. Plugin should not mess with your live data, but not guaranteed.\u003C\u002Fp>\n\u003Cp>Clear BuddyPress button will delete all data, that was generated by this plugin: messages, groups, notifications, friends, forum posts, xprofile. Plugin won’t reimport data if clicked twice.\u003C\u002Fp>\n\u003Cp>And turn off email notifications in profile (friendship accepted and messages received) – or you will spam yourself 🙂 Imported users have these settings already turned off.\u003C\u002Fp>\n","Plugin will create lots of users, messages, friends connections, groups, topics, activity items, profile data - useful for testing purpose.",400,72981,78,22,"2024-11-30T22:53:00.000Z","6.7.5","4.4","5.3",[18,100,19,101,102],"groups","messages","users","https:\u002F\u002Fovirium.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-default-data.1.4.0.zip",92,{"slug":107,"name":108,"version":109,"author":7,"author_profile":8,"description":110,"short_description":111,"active_installs":11,"downloaded":112,"rating":113,"num_ratings":114,"last_updated":115,"tested_up_to":16,"requires_at_least":16,"requires_php":16,"tags":116,"homepage":120,"download_link":121,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"bp-import-blog-activity","BP Import Blog Activity","0.2","\u003Cp>If you install BuddyPress on an already thriving WordPress installation, you’ll notice that existing blog comments and posts are not inserted into the activity stream. This plugin fixes that.\u003C\u002Fp>\n\u003Cp>Requires WordPress Multisite\u003C\u002Fp>\n","Updates BuddyPress activity streams with missing blog comments and posts",4652,20,1,"2012-09-17T01:07:00.000Z",[117,118,18,119,19],"activity","blog","comments","http:\u002F\u002Fteleogistic.net\u002Fcode\u002Fbuddypress\u002Fbp-import-blog-activity","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-import-blog-activity.0.2.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":11,"downloaded":130,"rating":131,"num_ratings":132,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":16,"tags":136,"homepage":140,"download_link":141,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"buddypress-groups-import","BuddyPress Groups Import","0.3","Turker YILDIRIM","https:\u002F\u002Fprofiles.wordpress.org\u002Ftrkr\u002F","\u003Cp>This plugin imports BuddyPress groups with their settings from a CSV file. It also supports \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbp-group-hierarchy\u002F\" rel=\"ugc\">BP Group Hierarchy\u003C\u002Fa> plugin.\u003Cbr \u002F>\nPreapare CSV file, select bulk settings if needed and then click import. That’s all, enjoy.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Possible to enable group forum\u003C\u002Fli>\n\u003Cli>Possible to select group status\u003C\u002Fli>\n\u003Cli>Possible to select group invite status\u003C\u002Fli>\n\u003Cli>Possible to override CSV settings from admin page\u003C\u002Fli>\n\u003Cli>BP Group Hierarchy plugin support\u003C\u002Fli>\n\u003Cli>Possible to select parent group\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Released under the terms of the GNU General Public License.\u003C\u002Fp>\n","Import groups from CSV file into BuddyPress.",3675,100,2,"2016-05-12T11:01:00.000Z","4.5.33","4.3",[18,137,138,19,139],"csv","group","settings","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress-groups-import\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-groups-import.0.3.zip",{"attackSurface":143,"codeSignals":154,"taintFlows":217,"riskAssessment":254,"analyzedAt":267},{"hooks":144,"ajaxHandlers":150,"restRoutes":151,"shortcodes":152,"cronEvents":153,"entryPointCount":24,"unprotectedCount":24},[145],{"type":146,"name":147,"callback":148,"file":149,"line":48},"action","bp_include","bp_ning_import_bp_init","import-from-ning.php",[],[],[],[],{"dangerousFunctions":155,"sqlUsage":156,"outputEscaping":159,"fileOperations":14,"externalRequests":24,"nonceChecks":24,"capabilityChecks":24,"bundledLibraries":216},[],{"prepared":157,"raw":24,"locations":158},12,[],{"escaped":160,"rawEcho":161,"locations":162},16,26,[163,167,169,171,173,175,177,179,181,183,185,187,189,191,193,195,197,199,201,203,205,207,209,211,213,215],{"file":164,"line":165,"context":166},"bp-functions.php",627,"raw output",{"file":164,"line":168,"context":166},629,{"file":164,"line":170,"context":166},710,{"file":164,"line":172,"context":166},717,{"file":164,"line":174,"context":166},796,{"file":164,"line":176,"context":166},812,{"file":164,"line":178,"context":166},869,{"file":164,"line":180,"context":166},962,{"file":164,"line":182,"context":166},965,{"file":164,"line":184,"context":166},1034,{"file":164,"line":186,"context":166},1037,{"file":164,"line":188,"context":166},1068,{"file":164,"line":190,"context":166},1129,{"file":164,"line":192,"context":166},1139,{"file":164,"line":194,"context":166},1295,{"file":164,"line":196,"context":166},1431,{"file":164,"line":198,"context":166},1433,{"file":164,"line":200,"context":166},1434,{"file":164,"line":202,"context":166},1472,{"file":164,"line":204,"context":166},1473,{"file":164,"line":206,"context":166},1738,{"file":164,"line":208,"context":166},1743,{"file":164,"line":210,"context":166},1748,{"file":164,"line":212,"context":166},1758,{"file":164,"line":214,"context":166},1797,{"file":164,"line":214,"context":166},[],[218,243],{"entryPoint":219,"graph":220,"unsanitizedCount":132,"severity":242},"bp_ning_import_sent_email_markup (bp-functions.php:1771)",{"nodes":221,"edges":238},[222,227,232,236],{"id":223,"type":224,"label":225,"file":164,"line":226},"n0","source","$_POST['email-subject']",1779,{"id":228,"type":229,"label":230,"file":164,"line":226,"wp_function":231},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":233,"type":224,"label":234,"file":164,"line":235},"n2","$_POST['email-text']",1781,{"id":237,"type":229,"label":230,"file":164,"line":235,"wp_function":231},"n3",[239,241],{"from":223,"to":228,"sanitized":240},false,{"from":233,"to":237,"sanitized":240},"low",{"entryPoint":244,"graph":245,"unsanitizedCount":132,"severity":242},"\u003Cbp-functions> (bp-functions.php:0)",{"nodes":246,"edges":251},[247,248,249,250],{"id":223,"type":224,"label":225,"file":164,"line":226},{"id":228,"type":229,"label":230,"file":164,"line":226,"wp_function":231},{"id":233,"type":224,"label":234,"file":164,"line":235},{"id":237,"type":229,"label":230,"file":164,"line":235,"wp_function":231},[252,253],{"from":223,"to":228,"sanitized":240},{"from":233,"to":237,"sanitized":240},{"summary":255,"deductions":256},"The \"import-from-ning\" v2.1 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices in its database interactions, with 100% of SQL queries utilizing prepared statements, significantly mitigating the risk of SQL injection. Furthermore, there are no known CVEs associated with this plugin, and its attack surface is reported as zero entry points, suggesting a well-contained design in terms of common web vulnerabilities like AJAX handlers, REST API routes, shortcodes, and cron events.\n\nHowever, several concerns emerge from the static analysis. The low percentage of properly escaped output (38%) is a significant weakness, creating a high risk of Cross-Site Scripting (XSS) vulnerabilities. Taint analysis also reveals two flows with unsanitized paths, and while no critical or high severity issues were flagged, these unsanitized paths represent potential vectors for malicious code execution or data manipulation if an attacker can control the input leading to these paths. The absence of nonce checks and capability checks across all entry points (which are reported as zero, but the analysis suggests a lack of checks where they might be expected if entry points existed) is concerning, as it implies a lack of authorization and validation on any potential, albeit currently undiscovered, entry points.\n\nGiven the lack of vulnerability history and the minimal reported attack surface, the plugin may be relatively safe in its current state. However, the prevalent output escaping issues and unsanitized taint flows are substantial risks that should be addressed to improve its overall security. The developer should prioritize fixing these identified code-level weaknesses.",[257,260,262,265],{"reason":258,"points":259},"Insufficient output escaping",8,{"reason":261,"points":259},"Unsanitized paths in taint flows",{"reason":263,"points":264},"Missing nonce checks",5,{"reason":266,"points":264},"Missing capability checks","2026-03-16T23:43:33.812Z",{"wat":269,"direct":275},{"assetPaths":270,"generatorPatterns":272,"scriptPaths":273,"versionParams":274},[271],"\u002Fwp-content\u002Fplugins\u002Fimport-from-ning\u002Fstyle.css",[],[],[],{"cssClasses":276,"htmlComments":277,"htmlAttributes":278,"restEndpoints":279,"jsGlobals":280,"shortcodeOutput":283},[],[],[],[],[281,282],"WP_CONTENT_DIR","BP_AVATAR_UPLOAD_PATH",[]]