[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f5nbIQa3a1KljUKF26gd59ldR0A2cobqd3b_0gu3E5_c":3,"$fFapMv3jyJG_dMwcWb7zKkcQ8PStAnQk5JLV_Af5vMcg":283,"$fZppjb9pT9Yjdq_lhJ6mv42IS-h_USaRiRSB8v34lRPQ":287},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":36,"analysis":113,"fingerprints":250},"in-context-comments","In-Context Comment","0.8.2","InContext","https:\u002F\u002Fprofiles.wordpress.org\u002Fincontext\u002F","\u003Cp>Comments are extremely critical for the success of a blog. All existing blog platform and commenting plugins only let readers add comments all the way at the bottom of a post, out of the context of the content in the post. When you write a long blog post with, say, 10 paragraphs, and readers are commenting on a particular statement or expression in paragraph 3, they have to scroll back and forth to read the context to figure out what the comments are about. The “In-Context Comment” plugin changes that: Now you can add an “In-Context Comment” icon using \u003Cin-context-comment:here:tag> (where “tag” is any word or words connected by hyphen ) at any place you want readers to comment on and they will be able to click and open a window to add comments right there, next to the context so other readers can see both the context and the comments in one glance. The comment window automatically closes when a reader clicks the cursor anywhere outside the comment window so it does not interfere with the reading.\u003C\u002Fp>\n\u003Cp>This plugin can also help you grow your readership by posting the comments to the commenters’ Facebook and Twitter status updates to bring in new readers to your blog.\u003Cbr \u002F>\nYou can also configure the “In-Context Comment” plugin to automatically add a comment icon at the end of each paragraph that is longer than a certain number of characters. This auto feature is enabled by default with a minimum character count of 360. Please go to the plugin’s Settings page to change.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Visit http:\u002F\u002Fwizag.com\u002Fincontext.php for example and documentation\u003C\u002Fp>\n","\"In-Context Comment\" lets readers leave comments right next to the content being commented, instead of only at the bottom of the blog post",10,3727,20,1,"2011-12-23T06:33:00.000Z","3.2.1","2.8","",[20,21,22],"blog","comments","context","http:\u002F\u002Fwizag.com\u002Fincontext.php","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fin-context-comments.zip",85,0,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"incontext",30,84,"2026-05-20T01:26:29.875Z",[37,52,68,81,97],{"slug":38,"name":39,"version":40,"author":18,"author_profile":41,"description":18,"short_description":42,"active_installs":11,"downloaded":43,"rating":26,"num_ratings":26,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":18,"tags":47,"homepage":49,"download_link":50,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":51},"blogfollow","BlogFollow","1.1","https:\u002F\u002Fprofiles.wordpress.org\u002Fmattc78\u002F","BlogFollow is a WordPress pluggin that shows a snippet from a commenter's blog at the bottom on their comment.",2267,"2008-10-28T14:08:00.000Z","2.6","2.0.2",[20,21,48],"snippet","http:\u002F\u002Fwww.pseudocoder.com\u002Fblogfollow-show-a-snippet-from-a-commenters-blog-in-the-comment\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblogfollow.zip","2026-04-16T10:56:18.058Z",{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":11,"downloaded":60,"rating":13,"num_ratings":14,"last_updated":61,"tested_up_to":18,"requires_at_least":18,"requires_php":18,"tags":62,"homepage":66,"download_link":67,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":51},"bp-import-blog-activity","BP Import Blog Activity","0.2","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>If you install BuddyPress on an already thriving WordPress installation, you’ll notice that existing blog comments and posts are not inserted into the activity stream. This plugin fixes that.\u003C\u002Fp>\n\u003Cp>Requires WordPress Multisite\u003C\u002Fp>\n","Updates BuddyPress activity streams with missing blog comments and posts",4696,"2012-09-17T01:07:00.000Z",[63,20,64,21,65],"activity","buddypress","import","http:\u002F\u002Fteleogistic.net\u002Fcode\u002Fbuddypress\u002Fbp-import-blog-activity","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-import-blog-activity.0.2.zip",{"slug":69,"name":70,"version":71,"author":56,"author_profile":57,"description":72,"short_description":73,"active_installs":11,"downloaded":74,"rating":26,"num_ratings":26,"last_updated":75,"tested_up_to":18,"requires_at_least":18,"requires_php":18,"tags":76,"homepage":79,"download_link":80,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":51},"bp-include-non-member-comments","BP Include Non-member Comments","1.3","\u003Cp>By default, BuddyPress does not include comments from non-members (or non-logged-in users more generally) in the sitewide activity stream. This plugin records activity items for those comments.\u003C\u002Fp>\n\u003Cp>Please note: the latest version of this plugin (1.2) will NOT work with versions of BuddyPress between 1.2RC and 1.2.1. BP versions 1.2.2+ are supported. Please download an earlier version of this plugin for compatibility with older versions of BuddyPress\u003C\u002Fp>\n","Inserts blog comments from non-logged-in users into the activity stream",4833,"2013-03-26T16:03:00.000Z",[63,77,64,21,78],"blogs","non-members","http:\u002F\u002Fteleogistic.net\u002Fcode\u002Fbuddypress\u002Fbp-include-non-member-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-include-non-member-comments.1.3.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":11,"downloaded":89,"rating":90,"num_ratings":14,"last_updated":91,"tested_up_to":18,"requires_at_least":18,"requires_php":18,"tags":92,"homepage":95,"download_link":96,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":51},"buddypress-activity-as-blog-comments","BuddyPress Activity Stream as Blog Comments","0.1.1","rich! @ etiviti","https:\u002F\u002Fprofiles.wordpress.org\u002Fnuprn1\u002F","\u003Cp>This plugin will replace the main BuddyPress blog (for what BP is activated on) comments section with the activity stream reply system (threaded) and the (reply | favorite) links\u003C\u002Fp>\n\u003Cp>This will remove the WP Comments reply section – only the site admin will have access to make traditional comment replies (you may adjust this in the theme file)\u003C\u002Fp>\n\u003Cp>I consider this an experimental plugin showing how the activity stream can be more a main component across WordPress.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Activity stream enabled\u003C\u002Fli>\n\u003Cli>blog and forum activity stream enabled\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Important Notes\u003C\u002Fh4>\n\u003Cp>Please see the FAQ – if you have an existing BP install with blog postings and comments you MUST run an additional plugin to import blog postings and comments into the activity stream (this is untested)\u003C\u002Fp>\n\u003Cp>Currently no WPMU subblog support – looking for any brave souls to configure it properly. 🙂\u003C\u002Fp>\n\u003Ch4>Related Links:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblog.etiviti.com\u002F2010\u002F04\u002Fbuddypress-activity-stream-as-blog-comments\u002F\" title=\"BuddyPress Activity Stream as Blog Comments - Blog About Page\" rel=\"nofollow ugc\">About Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002F2010\u002F04\u002Fwhat-does-it-mean\u002F\" title=\"Plugin Demo Site\" rel=\"nofollow ugc\">See it in action\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please report any bugs, ideas, concerns, etc – detailed.\u003C\u002Fp>\n\u003Ch3>Extra Configuration\u003C\u002Fh3>\n\u003Ch4>Allow other members to use traditional blog comment reply\u003C\u002Fh4>\n\u003Cp>Edit the theme file theme\u002Factivitycomments\u002Fblogactivity-commments.php (you may want to copy this activitycomments\u002Ffile to your default theme to prevent future updates from overwriting)\u003C\u002Fp>\n\u003Cp>change the line\n    \u003C\u002Fp>\n\u003Cp>Where is_site_admin can be \u003Ccode>current_user_can()\u003C\u002Fcode> with the wp_cap level (lets say you want editors or authors to reply to comments in the traditional sense). Then additional blog_comments will show activity replies underneath as well. (a neat nested effect)\u003C\u002Fp>\n","This plugin will replace the blog comments section with the activity stream reply system",7387,100,"2011-01-24T16:50:00.000Z",[93,94,64],"activity-stream","blog-comments","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-activity-as-blog-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-activity-as-blog-comments.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":11,"downloaded":105,"rating":90,"num_ratings":106,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":18,"tags":110,"homepage":111,"download_link":112,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"kittens-for-comments","Kittens for Comments","3.0.2","Will Brubaker","https:\u002F\u002Fprofiles.wordpress.org\u002Fwillthewebmechanic\u002F","\u003Cp>You’ve poured your heart and soul in to writing fascinating blog posts.  You know you have a lot of readership, but nobody except your mom is leaving comments.  That’s a bit discouraging right?  Entice your readers to leave comments by giving them a picture of a cute kitten in return.\u003C\u002Fp>\n\u003Cp>Just prior to the comment form coming in to view, an unobtrusive panel will be displayed with a short message that says: “Your comments make us happy.  Leave a comment, get a kitten!”\u003C\u002Fp>\n\u003Cp> \u003C\u002Fp>\n\u003Cp>When a comment is submitted, a picture of an adorable kitten is displayed in a modal window.\u003C\u002Fp>\n\u003Cp>Caveats:\u003C\u002Fp>\n\u003Cp>This plugin assumes that your comment form is A) built with the ‘comment_form’ WordPress function and B) that your comment form has an id of “commentform” (This is the WordPress default, but your theme developer may have changed the behavior for whatever reason.\u003Cbr \u002F>\nThis plugin assumes that comment forms only appear on single posts and only loads the code when a single post (or page) is loaded.\u003Cbr \u002F>\n \u003C\u002Fp>\n\u003Ch3>Other Information\u003C\u002Fh3>\n\u003Cp>I created this plugin for my own amusement and am offering it for you to use as you wish.  If you find it useful but would like more features, please do ask.\u003C\u002Fp>\n","Encourages your readers to leave comments with the promise of a kitten picture.  Who doesn't love kittens?",2284,3,"2015-11-28T14:56:00.000Z","4.4.34","3.9",[20,21],"http:\u002F\u002Fwww.willthewebmechanic.com\u002Fkittens-for-comments.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkittens-for-comments.3.0.2.zip",{"attackSurface":114,"codeSignals":148,"taintFlows":177,"riskAssessment":237,"analyzedAt":249},{"hooks":115,"ajaxHandlers":136,"restRoutes":144,"shortcodes":145,"cronEvents":146,"entryPointCount":147,"unprotectedCount":147},[116,122,127,132],{"type":117,"name":118,"callback":119,"priority":11,"file":120,"line":121},"filter","plugin_action_links","ICC_plugin_action_links","icc_config.php",105,{"type":123,"name":124,"callback":125,"file":120,"line":126},"action","admin_menu","ICC_config_page",106,{"type":123,"name":128,"callback":129,"file":130,"line":131},"wp_head","zxy_add_js","in-context_comments.php",41,{"type":117,"name":133,"callback":134,"priority":14,"file":130,"line":135},"the_content","change_body_content",257,[137,142],{"action":138,"nopriv":139,"callback":138,"hasNonce":140,"hasCapCheck":140,"file":130,"line":141},"refreshNum",true,false,42,{"action":138,"nopriv":140,"callback":138,"hasNonce":140,"hasCapCheck":140,"file":130,"line":143},43,[],[],[],2,{"dangerousFunctions":149,"sqlUsage":150,"outputEscaping":153,"fileOperations":147,"externalRequests":26,"nonceChecks":26,"capabilityChecks":14,"bundledLibraries":176},[],{"prepared":151,"raw":26,"locations":152},7,[],{"escaped":26,"rawEcho":11,"locations":154},[155,159,161,163,165,167,169,171,172,174],{"file":156,"line":157,"context":158},"ajax\\in-context_comments_ajax.php",19,"raw output",{"file":120,"line":160,"context":158},53,{"file":120,"line":162,"context":158},64,{"file":130,"line":164,"context":158},18,{"file":130,"line":166,"context":158},21,{"file":130,"line":168,"context":158},24,{"file":130,"line":170,"context":158},27,{"file":130,"line":33,"context":158},{"file":130,"line":173,"context":158},33,{"file":130,"line":175,"context":158},36,[],[178,195,203,225],{"entryPoint":179,"graph":180,"unsanitizedCount":14,"severity":194},"ICC_conf (icc_config.php:8)",{"nodes":181,"edges":192},[182,187],{"id":183,"type":184,"label":185,"file":120,"line":186},"n0","source","$_POST['ICC_Star_H']",13,{"id":188,"type":189,"label":190,"file":120,"line":186,"wp_function":191},"n1","sink","update_option() [Settings Manipulation]","update_option",[193],{"from":183,"to":188,"sanitized":140},"low",{"entryPoint":196,"graph":197,"unsanitizedCount":14,"severity":194},"\u003Cicc_config> (icc_config.php:0)",{"nodes":198,"edges":201},[199,200],{"id":183,"type":184,"label":185,"file":120,"line":186},{"id":188,"type":189,"label":190,"file":120,"line":186,"wp_function":191},[202],{"from":183,"to":188,"sanitized":140},{"entryPoint":204,"graph":205,"unsanitizedCount":26,"severity":194},"\u003Cin-context_comments> (in-context_comments.php:0)",{"nodes":206,"edges":222},[207,210,214,217],{"id":183,"type":184,"label":208,"file":130,"line":209},"$_POST",261,{"id":188,"type":189,"label":211,"file":130,"line":212,"wp_function":213},"get_results() [SQLi]",291,"get_results",{"id":215,"type":184,"label":216,"file":130,"line":209},"n2","$_POST (x2)",{"id":218,"type":189,"label":219,"file":130,"line":220,"wp_function":221},"n3","query() [SQLi]",296,"query",[223,224],{"from":183,"to":188,"sanitized":139},{"from":215,"to":218,"sanitized":139},{"entryPoint":226,"graph":227,"unsanitizedCount":106,"severity":236},"refreshNum (in-context_comments.php:258)",{"nodes":228,"edges":233},[229,230,231,232],{"id":183,"type":184,"label":208,"file":130,"line":209},{"id":188,"type":189,"label":211,"file":130,"line":212,"wp_function":213},{"id":215,"type":184,"label":216,"file":130,"line":209},{"id":218,"type":189,"label":219,"file":130,"line":220,"wp_function":221},[234,235],{"from":183,"to":188,"sanitized":140},{"from":215,"to":218,"sanitized":140},"high",{"summary":238,"deductions":239},"The \"in-context-comments\" v0.8.2 plugin presents a mixed security posture. On the positive side, it utilizes prepared statements for all SQL queries and has no recorded vulnerability history, suggesting a generally cautious approach to some aspects of development. However, significant concerns arise from the static analysis.  The presence of two AJAX handlers without authentication checks is a major risk, creating an open attack surface. Furthermore, the complete lack of output escaping across all identified outputs is highly problematic, potentially leading to cross-site scripting (XSS) vulnerabilities.  The taint analysis also revealed one high-severity flow with unsanitized paths, which, combined with the unescaped output, points to a significant risk of XSS or similar injection attacks.\n\nWhile the plugin's clean vulnerability history is a good sign, it does not mitigate the immediate risks identified in the current code. The absence of nonce checks on the unprotected AJAX endpoints further exacerbates the security concerns.  In conclusion, the plugin has some strengths, but the critical vulnerabilities found in its attack surface and output handling require immediate attention. The high-severity taint flow, coupled with the complete lack of output escaping, makes this plugin a high-risk component in its current state.",[240,242,245,247],{"reason":241,"points":11},"Unprotected AJAX handlers",{"reason":243,"points":244},"No output escaping",8,{"reason":246,"points":11},"High severity taint flow",{"reason":248,"points":244},"No nonce checks on AJAX","2026-03-17T00:49:09.892Z",{"wat":251,"direct":263},{"assetPaths":252,"generatorPatterns":260,"scriptPaths":261,"versionParams":262},[253,254,255,256,257,258,259],"\u002Fwp-content\u002Fplugins\u002Fin-context-comments\u002Fjs\u002Fprototype.js","\u002Fwp-content\u002Fplugins\u002Fin-context-comments\u002Fjs\u002Feffects.js","\u002Fwp-content\u002Fplugins\u002Fin-context-comments\u002Fjs\u002Fwindow.js","\u002Fwp-content\u002Fplugins\u002Fin-context-comments\u002Fjs\u002Fself_window.js","\u002Fwp-content\u002Fplugins\u002Fin-context-comments\u002Fcss\u002Fdefault.css","\u002Fwp-content\u002Fplugins\u002Fin-context-comments\u002Fcss\u002Falphacube.css","\u002Fwp-content\u002Fplugins\u002Fin-context-comments\u002Fcss\u002Fself_window.css",[],[253,254,255,256],[],{"cssClasses":264,"htmlComments":268,"htmlAttributes":269,"restEndpoints":271,"jsGlobals":272,"shortcodeOutput":276},[265,266,267],"InContext_HaveComments","InContext_HaveComments_Up","InContext_NoComments",[],[270],"onclick",[],[273,274,275],"window.ICC_Star_Add","window.ICC_Star_H","window.ICC_table_db",[277,278,279,280,281,282],"\u003Cin-context-comment:auto-on>","\u003Cin-context-comment:auto-off>","\u003Cicc-first-publish>","\u003Cin-context-comment:block-size:","\u003Cin-context-comment:here:","\u003Cicc_update_wp_post>",{"error":139,"url":284,"statusCode":285,"statusMessage":286,"message":286},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fin-context-comments\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":26,"versions":288},[]]