[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fU8uNE5kpb9Kpt-4153p50cRVfVL4p5RiWNJo1Ri6vNc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":56,"analysis":160,"fingerprints":669},"indieweb-post-kinds","Post Kinds","3.7.3","David Shanske","https:\u002F\u002Fprofiles.wordpress.org\u002Fdshanske\u002F","\u003Cp>Post Kinds adds support to the Classic Editor for responding to and interacting with other sites using the standards\u003Cbr \u002F>\ndeveloped by the IndieWeb by implementing \u003Ca href=\"http:\u002F\u002Findieweb.org\u002Fpost_kinds\" rel=\"nofollow ugc\">kinds of posts\u003C\u002Fa>. It is not compatible with Gutenberg.\u003C\u002Fp>\n\u003Cp>It can also distinguish certain types of passive posts in a manner similar to \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPost_Formats\" rel=\"nofollow ugc\">post formats\u003C\u002Fa>. While it can work alongside\u003Cbr \u002F>\npost formats, it is recommended as a replacement as it is designed as a replacement using IndieWeb Post Types.\u003C\u002Fp>\n\u003Cp>Many sites will not need all of the kinds set up. What kinds of posts you wish to publish are specific to your needs.\u003C\u002Fp>\n\u003Ch3>Privacy and Data Storage Notice\u003C\u002Fh3>\n\u003Cp>Post Kinds stores extra data in a post indicating what you are responding to. This data is either hand-added or can be parsed from the source URL if provided. This means you have additional\u003Cbr \u002F>\nresponsibilities to responsibly use this data, and to remove information on request.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Kind Icons are currently provided by \u003Ca href=\"http:\u002F\u002Ffontawesome.io\" rel=\"nofollow ugc\">Font Awesome\u003C\u002Fa> and are licensed as \u003Ca href=\"https:\u002F\u002Fcreativecommons.org\u002Flicenses\u002Fby\u002F4.0\u002F\" rel=\"nofollow ugc\">CC BY 4.0\u003C\u002Fa>. A copy of the license notice is bundled.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fboffosocko.com\" rel=\"nofollow ugc\">Chris Aldrich\u003C\u002Fa> always receives a credit on my plugins due his regular feedback, input, and usage.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Theme Support\u003C\u002Fh3>\n\u003Cp>Post Kinds automatically adds information to \u003Ccode>the_content\u003C\u002Fcode> and \u003Ccode>the_excerpt\u003C\u002Fcode> filter. Being as this is inside the content block, which may or may not be desirable, you may remove these filters as noted\u003Cbr \u002F>\nbelow and call \u003Ccode>kind_display\u003C\u002Fcode> directly. This will allow it to appear outside the content block. To remove the automatic display, add the following to your theme.\u003Cbr \u002F>\n    * \u003Ccode>add_filter( 'kind_content_display', '__return_false' );\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>The functions \u003Ccode>has_post_kind\u003C\u002Fcode>, \u003Ccode>set_post_kind\u003C\u002Fcode>, and \u003Ccode>set_post_kind\u003C\u002Fcode> will allow you to manipulate the kind settings in a post. \u003Ccode>get_post_kind_string\u003C\u002Fcode> will return the display name of a kind.\u003C\u002Fp>\n\u003Cp>If you want to customize the look of the display, you can create a directory in your theme called \u003Ccode>kind_views\u003C\u002Fcode>, copy the file from the views directory of the plugin, and modify it. This will persist\u003Cbr \u002F>\nthrough future plugin updates.\u003C\u002Fp>\n","Ever want to reply to someone else's post with a post on your own site? Or to \"like\" someone else's post, but with your own site?",100,31852,86,6,"2024-04-09T03:12:00.000Z","6.5.8","4.9.9","7.0",[20,21,22,23,24],"indieweb","interaction","posts","share","webmention","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Findieweb-post-kinds\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Findieweb-post-kinds.3.7.3.zip",92,1,0,"2015-05-13 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2015-9494","post-kinds-cross-site-scripting","Post Kinds \u003C 1.3.1.1 - Cross-Site Scripting","The indieweb-post-kinds plugin before 1.3.1.1 for WordPress has XSS via the genericons\u002Fexample.html anchor identifier.",null,"\u003C1.3.1.1","1.3.1.1","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd570009f-0011-485a-bd14-f511cb2b60d7?source=api-prod",3177,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":51,"total_installs":52,"avg_security_score":53,"avg_patch_time_days":48,"trust_score":54,"computed_at":55},"dshanske",5,720,97,77,"2026-04-04T09:12:41.838Z",[57,80,98,123,142],{"slug":24,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":11,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":75,"download_link":76,"security_score":77,"vuln_count":78,"unpatched_count":29,"last_vuln_date":79,"fetched_at":31},"Webmention","5.6.2","Matthias Pfefferle","https:\u002F\u002Fprofiles.wordpress.org\u002Fpfefferle\u002F","\u003Cp>When you link to a website you can send it a Webmention to notify it and then that website may display your post as a comment, like, or other response, and presto, you’re having a conversation from one site to another!\u003C\u002Fp>\n\u003Cp>A \u003Ca href=\"https:\u002F\u002Fwww.w3.org\u002FTR\u002Fwebmention\u002F\" rel=\"nofollow ugc\">Webmention\u003C\u002Fa> is a notification that one URL links to another. Sending a Webmention is not limited to blog posts, and can be used for additional kinds of content and responses as well.\u003C\u002Fp>\n\u003Cp>For example, a response can be an RSVP to an event, an indication that someone “likes” another post, a “bookmark” of another post, and many others. Webmention enables these interactions to happen across different websites, enabling a distributed social web.\u003C\u002Fp>\n\u003Cp>The Webmention plugin supports the Webmention protocol, giving you support for sending and receiving Webmentions. It offers a simple built in presentation.\u003C\u002Fp>\n","Enable conversation across the web.",900,59493,8,"2026-01-01T12:43:00.000Z","6.9.4","6.2","7.2",[20,72,73,74,24],"linkback","pingback","trackback","https:\u002F\u002Fgithub.com\u002Fpfefferle\u002Fwordpress-webmention","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebmention.5.6.2.zip",95,3,"2026-04-01 19:17:16",{"slug":20,"name":81,"version":82,"author":81,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":11,"num_ratings":14,"last_updated":88,"tested_up_to":68,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":94,"download_link":95,"security_score":96,"vuln_count":28,"unpatched_count":29,"last_vuln_date":97,"fetched_at":31},"IndieWeb","5.0.0","https:\u002F\u002Fprofiles.wordpress.org\u002Findieweb\u002F","\u003Cp>The IndieWeb Plugin for WordPress helps you establish your IndieWeb identity by extending the user profile to provide \u003Ca href=\"https:\u002F\u002Findieweb.org\u002Frel-me\" rel=\"nofollow ugc\">rel-me\u003C\u002Fa> and\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Findieweb.org\u002Fh-card\" rel=\"nofollow ugc\">h-card\u003C\u002Fa> fields and optionally adding widgets to display this. It also includes a bundled installer for a core set of IndieWeb-related plugins. It’s\u003Cbr \u002F>\nmeant to be a one-stop shop to help WordPress users quickly and easily join the growing \u003Ca href=\"https:\u002F\u002Findieweb.org\" rel=\"nofollow ugc\">IndieWeb\u003C\u002Fa> movement (see below).\u003C\u002Fp>\n\u003Cp>Some of these plugins allow you to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>send and receive comments, likes, reposts, and other kinds of post responses using your own site\u003C\u002Fli>\n\u003Cli>allow comments on others’ sites to show up as comments on your posts\u003C\u002Fli>\n\u003Cli>help make IndieWeb comments and mentions look better on your site\u003C\u002Fli>\n\u003Cli>allow support for webmentions\u003C\u002Fli>\n\u003Cli>add location support to your posts\u003C\u002Fli>\n\u003Cli>more easily syndicate your content to other sites to take advantage of network effects and other communities while still owning all of your original content\u003C\u002Fli>\n\u003Cli>link to syndicated versions of a post so that comments on your content in silos like Facebook, Twitter, Instagram can come back to your original post as comments there\u003C\u002Fli>\n\u003Cli>set up a MicroPub Server to use other posting interfaces. (You could potentially use services like Instagram, Foursquare, and others to post to your WordPress site.)\u003C\u002Fli>\n\u003Cli>Use your site to log into other services with \u003Ca href=\"https:\u002F\u002Findieweb.org\u002Findieauth\" rel=\"nofollow ugc\">IndieAuth\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>The IndieWeb\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>The \u003Ca href=\"https:\u002F\u002Findieweb.org\u002F\" rel=\"nofollow ugc\">IndieWeb\u003C\u002Fa> is a people-focused alternative to the ‘corporate web’ that allows you to be the hub of your own web presence.\u003C\u002Fstrong> It’s been written about in \u003Ca href=\"http:\u002F\u002Fwww.wired.com\u002F2013\u002F08\u002Findie-web\u002F\" rel=\"nofollow ugc\">Wired\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.theatlantic.com\u002Ftechnology\u002Farchive\u002F2014\u002F08\u002Fthe-new-editors-of-the-internet\u002F378983\u002F\" rel=\"nofollow ugc\">The Atlantic\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.slate.com\u002Fblogs\u002Ffuture_tense\u002F2014\u002F04\u002F25\u002Findiewebcamps_create_tools_for_a_new_internet.html\" rel=\"nofollow ugc\">Slate\u003C\u002Fa>, and \u003Ca href=\"https:\u002F\u002Fgigaom.com\u002F2014\u002F09\u002F03\u002Fdont-like-facebook-owning-and-controlling-your-content-use-tools-that-support-the-open-web\u002F\" rel=\"nofollow ugc\">Gigaom\u003C\u002Fa> amongst others.\u003C\u002Fp>\n\u003Ch3>The IndieWeb, like WordPress, feels that your content is yours\u003C\u002Fh3>\n\u003Cp>When you post something on the web, it should belong to you, not a corporation. Too many companies have gone out of business and lost all of their users’ data. By joining the IndieWeb, your content stays yours and in your control.\u003C\u002Fp>\n\u003Ch3>The IndieWeb is here to help you be better connected\u003C\u002Fh3>\n\u003Cp>Your articles and status messages can be syndicated to all services, not just one, allowing you to engage with everyone in your social network\u002Fsocial graph. Even replies and likes on other services can come back to your site so they’re all in one place.\u003C\u002Fp>\n\u003Cp>Interested in connecting your WordPress site to the \u003Ca href=\"https:\u002F\u002Findieweb.org\u002F\" rel=\"nofollow ugc\">IndieWeb\u003C\u002Fa>? Let us help you get started.\u003C\u002Fp>\n","IndieWeb for WordPress!",600,30949,"2025-12-19T21:31:00.000Z","4.7","7.4",[92,20,93,24],"indieauth","posse","https:\u002F\u002Fgithub.com\u002Findieweb\u002Fwordpress-indieweb","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Findieweb.5.0.0.zip",99,"2026-01-08 17:50:29",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":11,"num_ratings":108,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":119,"download_link":120,"security_score":121,"vuln_count":28,"unpatched_count":29,"last_vuln_date":122,"fetched_at":31},"swifty-bar","Swifty Bar, sticky bar by WPGens","1.2.11","Goran87","https:\u002F\u002Fprofiles.wordpress.org\u002Fgoran87\u002F","\u003Cp>\u003Cstrong>Boost your user engagement!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>As featured on \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fplugins\u002Fhow-to-boost-user-engagement-with-swifty-bar-for-wordpress\u002F\" rel=\"nofollow ugc\">wpbegginer\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Fresources\u002F10-awesome-new-and-free-plugins-released-on-wordpress-org-in-2015\" rel=\"nofollow ugc\">elegantthemes\u003C\u002Fa> as top10 plugins of 2015, and on product hunt as product of the day.\u003C\u002Fp>\n\u003Cp>Swifty bar will adds sticky bar at the bottom of post that shows category, post title, author, time needed to read article, share buttons together with share count, and previous\u002Fnext post links. This plugin can easily replace your social share buttons while giving readers better experience with much more options. Its fast, coded with best practice, super light and will not slow down your site.\u003C\u002Fp>\n\u003Cp>Check out demo \u003Ca href=\"http:\u002F\u002Fitsgoran.com\u002Fwp\u002Fteaching-civil-rights-without-a-textbook\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Major features in Swifty Bar include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Shows current post category, post title and authors first and last name.\u003C\u002Fli>\n\u003Cli>Shows estimated time that is needed for visitor to read your article.\u003C\u002Fli>\n\u003Cli>Share buttons for most popular social networks (new ones comming soon).\u003C\u002Fli>\n\u003Cli>Number of Comments and click to scroll to comment form.\u003C\u002Fli>\n\u003Cli>Previous\u002FNext Post Links with nice preview on hover.\u003C\u002Fli>\n\u003Cli>Super light, clean code that will not slow down your site.\u003C\u002Fli>\n\u003Cli>Admin Panel to customize each module.\u003C\u002Fli>\n\u003Cli>Supports custom post types.\u003C\u002Fli>\n\u003Cli>Multiple colors and two type of icons\u003C\u002Fli>\n\u003Cli>Share counter\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Share Count in 1.2!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>We introduced share count in latest version of swifty bar. We are saving share counts inside WP Transients to keep things fast and fetching new shares once user clicks on any of the share icons, if no clicks have been made, share will refresh once daily, that way site is doing minimal requests to the share APIs which boosts its speed by ALOT.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Check out my other plugins on \u003Ca href=\"http:\u002F\u002Fwpgens.com\" rel=\"nofollow ugc\">wpgens.com\u003C\u002Fa> and subscribe to get notified once new cool plugins are out – one email per plugin\u002Fmonth\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you have any suggestions\u002Ffeedback to improve Swifty Bar, please get in touch with me via email goranefbl@gmail.com .\u003C\u002Fp>\n","Adds sticky bar at the bottom of post that shows category,post title, author, time needed to read article, share buttons and previous\u002Fnext post links",400,34027,48,"2023-09-10T12:23:00.000Z","6.3.8","3.0","",[114,115,116,117,118],"footer-bar","previous-next-posts","share-buttons","sticky-bar","time-to-read","http:\u002F\u002Fwpgens.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fswifty-bar.1.2.11.zip",85,"2023-09-05 00:00:00",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":11,"downloaded":131,"rating":11,"num_ratings":78,"last_updated":132,"tested_up_to":133,"requires_at_least":69,"requires_php":112,"tags":134,"homepage":138,"download_link":139,"security_score":53,"vuln_count":140,"unpatched_count":29,"last_vuln_date":141,"fetched_at":31},"indieblocks","IndieBlocks","0.13.3","Jan Boddez","https:\u002F\u002Fprofiles.wordpress.org\u002Fjanboddez\u002F","\u003Cp>Use blocks, and, optionally, “short-form” post types to easily “IndieWebify” your WordPress site.\u003C\u002Fp>\n\u003Cp>IndieBlocks registers several blocks (Bookmark, Like, Reply, and Repost, as well as the older Context block) that take a URL and output corresponding \u003Cem>microformatted\u003C\u002Fem> HTML.\u003C\u002Fp>\n\u003Cp>In combination with a microformats-compatible theme, these help ensure microformats clients are able to determine a post’s type.\u003C\u002Fp>\n\u003Cp>It also comes with “short-form” (Note and Like) custom post types, and a (somewhat experimental) option to add microformats to (all!) \u003Cem>block-based\u003C\u002Fem> themes.\u003C\u002Fp>\n\u003Cp>These microformats, in combination with the Webmention protocol, allow for rich \u003Cem>cross-site\u003C\u002Fem> conversations. IndieBlocks comes with its own Webmention implementation, but a separate plugin can be used, too.\u003C\u002Fp>\n\u003Cp>IndieBlocks also registers several “theme” blocks (Facepile, Location, Syndication, and Link Preview), to be used in “block theme” templates.\u003C\u002Fp>\n","Use blocks, and, optionally, \"short-form\" post types to easily \"IndieWebify\" your WordPress site.",6440,"2025-06-14T07:34:00.000Z","6.8.5",[135,20,136,137,24],"blocks","microblog","notes","https:\u002F\u002Findieblocks.xyz\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Findieblocks.0.13.3.zip",2,"2025-06-12 13:09:56",{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":11,"downloaded":150,"rating":151,"num_ratings":152,"last_updated":153,"tested_up_to":154,"requires_at_least":112,"requires_php":112,"tags":155,"homepage":158,"download_link":159,"security_score":121,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wp-mastodon-share","Mastodon Auto Share","1.4","Alexis Gilard","https:\u002F\u002Fprofiles.wordpress.org\u002Fkernox\u002F","\u003Cp>Publish your posts on your Mastodon’s instance.\u003C\u002Fp>\n","Publish your posts on your Mastodon's instance.",7933,82,9,"2022-05-29T22:17:00.000Z","4.9.29",[156,22,157,23],"mastodon","schedule","https:\u002F\u002Fgithub.com\u002Fkernox\u002Fmastoshare-wp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-mastodon-share.zip",{"attackSurface":161,"codeSignals":401,"taintFlows":658,"riskAssessment":659,"analyzedAt":668},{"hooks":162,"ajaxHandlers":390,"restRoutes":391,"shortcodes":399,"cronEvents":400,"entryPointCount":28,"unprotectedCount":28},[163,168,172,177,180,184,189,194,198,202,205,208,211,215,217,219,221,224,227,230,233,237,241,243,246,248,251,254,257,261,265,266,269,272,274,277,280,281,285,288,291,294,298,301,304,307,310,312,315,318,321,324,328,331,334,337,342,346,349,352,354,357,360,363,366,369,371,374,377,380,383,386],{"type":164,"name":165,"callback":165,"file":166,"line":167},"action","admin_init","includes\\class-kind-config.php",22,{"type":164,"name":169,"callback":169,"priority":170,"file":166,"line":171},"admin_menu",11,23,{"type":164,"name":173,"callback":174,"priority":175,"file":166,"line":176},"load-post.php","add_post_help_tab",20,25,{"type":164,"name":178,"callback":179,"priority":175,"file":166,"line":27},"admin_bar_menu","dashbar_links",{"type":164,"name":178,"callback":181,"priority":182,"file":166,"line":183},"remove_dashbar_post",200,93,{"type":185,"name":186,"callback":187,"file":166,"line":188},"filter","query_vars","query_var",192,{"type":185,"name":190,"callback":190,"priority":191,"file":192,"line":193},"wp_generate_attachment_metadata",33,"includes\\class-kind-media-metadata.php",15,{"type":185,"name":195,"callback":196,"priority":152,"file":192,"line":197},"wp_update_attachment_metadata","wp_sanitize_media_metadata",17,{"type":164,"name":199,"callback":200,"file":192,"line":201},"wp_enqueue_scripts","enqueue",19,{"type":164,"name":203,"callback":203,"priority":175,"file":192,"line":204},"save_post",21,{"type":185,"name":206,"callback":206,"priority":207,"file":192,"line":171},"attachment_fields_to_edit",10,{"type":185,"name":209,"callback":209,"priority":207,"file":192,"line":210},"attachment_fields_to_save",24,{"type":164,"name":212,"callback":213,"file":214,"line":167},"edit_form_after_title","after_title_metabox","includes\\class-kind-metabox.php",{"type":164,"name":173,"callback":216,"file":214,"line":210},"kindbox_setup",{"type":164,"name":218,"callback":216,"file":214,"line":176},"load-post-new.php",{"type":164,"name":203,"callback":203,"priority":66,"file":214,"line":220},26,{"type":164,"name":222,"callback":222,"priority":51,"file":214,"line":223},"transition_post_status",27,{"type":185,"name":225,"callback":225,"priority":170,"file":214,"line":226},"wp_insert_post_empty_content",28,{"type":164,"name":228,"callback":228,"priority":207,"file":214,"line":229},"change_kind",29,{"type":164,"name":231,"callback":231,"file":214,"line":232},"add_meta_boxes",125,{"type":164,"name":234,"callback":235,"file":214,"line":236},"admin_enqueue_scripts","enqueue_admin_scripts",126,{"type":164,"name":238,"callback":239,"priority":152,"file":240,"line":201},"after_micropub","micropub_set_kind","includes\\class-kind-plugins.php",{"type":164,"name":238,"callback":242,"priority":170,"file":240,"line":175},"post_formats",{"type":185,"name":244,"callback":245,"priority":170,"file":240,"line":204},"before_micropub","micropub_parse",{"type":185,"name":247,"callback":247,"priority":207,"file":240,"line":167},"tempus_widget_post_title",{"type":185,"name":249,"callback":250,"priority":170,"file":240,"line":210},"semantic_linkbacks_post_type","semantic_post_type",{"type":164,"name":252,"callback":252,"priority":170,"file":240,"line":253},"hum_local_types",38,{"type":164,"name":255,"callback":255,"priority":170,"file":240,"line":256},"hum_type_prefix",39,{"type":185,"name":258,"callback":258,"priority":259,"file":240,"line":260},"activitypub_post",12,42,{"type":185,"name":262,"callback":263,"priority":207,"file":264,"line":201},"get_the_archive_title","kind_archive_title","includes\\class-kind-taxonomy.php",{"type":185,"name":262,"callback":263,"priority":207,"file":264,"line":204},{"type":185,"name":267,"callback":268,"priority":207,"file":264,"line":210},"get_the_archive_title_prefix","kind_archive_prefix",{"type":185,"name":270,"callback":271,"priority":207,"file":264,"line":176},"get_the_archive_description","kind_archive_description",{"type":185,"name":273,"callback":273,"priority":207,"file":264,"line":220},"document_title_parts",{"type":185,"name":275,"callback":276,"priority":207,"file":264,"line":229},"post_link","kind_permalink",{"type":185,"name":278,"callback":276,"priority":207,"file":264,"line":279},"post_type_link",30,{"type":185,"name":186,"callback":186,"file":264,"line":191},{"type":164,"name":282,"callback":283,"file":264,"line":284},"pre_get_posts","kind_filter_query",34,{"type":164,"name":282,"callback":286,"file":264,"line":287},"kind_photo_filter",35,{"type":164,"name":282,"callback":289,"file":264,"line":290},"kind_alias_filter",36,{"type":164,"name":282,"callback":292,"priority":96,"file":264,"line":293},"kind_firehose_query",37,{"type":164,"name":295,"callback":296,"priority":207,"file":264,"line":297},"restrict_manage_posts","kind_dropdown",40,{"type":185,"name":299,"callback":299,"priority":170,"file":264,"line":300},"webmention_links",43,{"type":185,"name":302,"callback":302,"priority":170,"file":264,"line":303},"enclosure_links",46,{"type":185,"name":305,"callback":305,"file":264,"line":306},"post_class",49,{"type":185,"name":222,"callback":308,"priority":207,"file":264,"line":309},"transition",52,{"type":164,"name":203,"callback":242,"priority":96,"file":264,"line":311},54,{"type":164,"name":313,"callback":313,"priority":207,"file":264,"line":314},"set_object_terms",57,{"type":185,"name":316,"callback":316,"priority":152,"file":264,"line":317},"single_post_title",59,{"type":185,"name":319,"callback":319,"priority":152,"file":264,"line":320},"the_title",60,{"type":185,"name":322,"callback":322,"priority":259,"file":264,"line":323},"get_sample_permalink",61,{"type":164,"name":325,"callback":326,"file":264,"line":327},"rest_api_init","rest_kind",63,{"type":185,"name":329,"callback":329,"file":264,"line":330},"embed_template_hierarchy",65,{"type":185,"name":332,"callback":332,"file":264,"line":333},"template_include",66,{"type":164,"name":325,"callback":335,"file":264,"line":336},"register_routes",68,{"type":185,"name":338,"callback":339,"priority":152,"file":340,"line":341},"the_content","content_response","includes\\class-kind-view.php",13,{"type":185,"name":343,"callback":344,"priority":152,"file":340,"line":345},"the_content_feed","content_feed_response",14,{"type":185,"name":347,"callback":348,"priority":152,"file":340,"line":193},"the_excerpt","excerpt_response",{"type":185,"name":350,"callback":350,"priority":207,"file":340,"line":351},"json_feed_item",18,{"type":185,"name":353,"callback":353,"priority":207,"file":340,"line":201},"wp_get_attachment_image_attributes",{"type":164,"name":355,"callback":355,"priority":207,"file":356,"line":297},"upgrader_process_complete","indieweb-post-kinds.php",{"type":164,"name":358,"callback":359,"file":356,"line":300},"admin_notices","parse_this_error",{"type":164,"name":358,"callback":361,"file":356,"line":362},"classic_editor_error",47,{"type":164,"name":364,"callback":364,"priority":170,"file":356,"line":365},"plugins_loaded",50,{"type":164,"name":367,"callback":367,"file":356,"line":368},"init",51,{"type":164,"name":367,"callback":367,"file":356,"line":370},153,{"type":164,"name":199,"callback":372,"file":356,"line":373},"style_load",161,{"type":164,"name":234,"callback":375,"file":356,"line":376},"admin_style_load",162,{"type":164,"name":165,"callback":378,"file":356,"line":379},"privacy_declaration",165,{"type":164,"name":381,"callback":381,"priority":207,"file":356,"line":382},"do_feed_rss2",168,{"type":164,"name":384,"callback":384,"priority":207,"file":356,"line":385},"do_feed_atom",169,{"type":164,"name":387,"callback":388,"file":356,"line":389},"widgets_init","closure",172,[],[392],{"namespace":393,"route":394,"methods":395,"callback":397,"permissionCallback":38,"file":264,"line":398},"post-kinds\u002F1.0","\u002Ffields",[396],"GET","anonymous",96,[],[],{"dangerousFunctions":402,"sqlUsage":403,"outputEscaping":405,"fileOperations":28,"externalRequests":29,"nonceChecks":28,"capabilityChecks":78,"bundledLibraries":657},[],{"prepared":29,"raw":29,"locations":404},[],{"escaped":406,"rawEcho":407,"locations":408},137,190,[409,412,415,416,417,419,420,421,423,424,427,429,430,432,433,435,436,438,440,442,444,446,447,448,450,452,454,456,457,459,460,462,464,466,467,468,469,471,472,473,475,476,477,478,480,483,484,485,487,488,489,490,491,492,494,495,496,497,499,500,502,504,506,507,509,510,511,512,513,514,517,518,519,521,522,523,524,525,526,527,529,530,531,532,533,535,536,537,538,540,541,542,544,545,546,547,548,549,551,552,554,555,556,558,559,560,561,562,563,564,566,567,568,569,570,571,572,574,575,576,577,578,579,580,581,582,583,584,586,587,588,589,590,591,593,594,596,597,598,599,600,601,602,604,605,606,607,608,609,610,611,612,614,615,616,618,619,620,621,622,623,624,625,626,627,629,630,631,632,634,635,636,637,639,640,641,642,643,644,645,646,648,649,650,651,652,653,654,655,656],{"file":166,"line":410,"context":411},300,"raw output",{"file":413,"line":414,"context":411},"includes\\class-kind-menu-widget.php",45,{"file":413,"line":362,"context":411},{"file":413,"line":13,"context":411},{"file":418,"line":191,"context":411},"includes\\class-kind-post-widget.php",{"file":418,"line":287,"context":411},{"file":418,"line":333,"context":411},{"file":264,"line":422,"context":411},1417,{"file":340,"line":379,"context":411},{"file":425,"line":426,"context":411},"includes\\kind-functions.php",108,{"file":428,"line":152,"context":411},"templates\\feed-atom-comments.php",{"file":428,"line":303,"context":411},{"file":428,"line":431,"context":411},53,{"file":428,"line":311,"context":411},{"file":428,"line":434,"context":411},55,{"file":428,"line":398,"context":411},{"file":428,"line":437,"context":411},102,{"file":428,"line":439,"context":411},103,{"file":428,"line":441,"context":411},105,{"file":428,"line":443,"context":411},119,{"file":445,"line":170,"context":411},"templates\\feed-atom.php",{"file":445,"line":191,"context":411},{"file":445,"line":336,"context":411},{"file":445,"line":449,"context":411},72,{"file":445,"line":451,"context":411},73,{"file":445,"line":453,"context":411},90,{"file":445,"line":455,"context":411},91,{"file":445,"line":27,"context":411},{"file":458,"line":207,"context":411},"templates\\feed-rss2-comments.php",{"file":458,"line":309,"context":411},{"file":458,"line":461,"context":411},56,{"file":458,"line":463,"context":411},62,{"file":458,"line":465,"context":411},98,{"file":458,"line":96,"context":411},{"file":458,"line":437,"context":411},{"file":458,"line":439,"context":411},{"file":470,"line":170,"context":411},"templates\\feed-rss2.php",{"file":470,"line":414,"context":411},{"file":470,"line":317,"context":411},{"file":470,"line":474,"context":411},74,{"file":470,"line":455,"context":411},{"file":470,"line":53,"context":411},{"file":470,"line":426,"context":411},{"file":470,"line":479,"context":411},115,{"file":481,"line":482,"context":411},"templates\\reply-author.php",7,{"file":481,"line":341,"context":411},{"file":481,"line":201,"context":411},{"file":486,"line":51,"context":411},"templates\\reply-details.php",{"file":486,"line":207,"context":411},{"file":486,"line":345,"context":411},{"file":486,"line":193,"context":411},{"file":486,"line":201,"context":411},{"file":486,"line":210,"context":411},{"file":493,"line":293,"context":411},"templates\\reply-metabox.php",{"file":493,"line":300,"context":411},{"file":493,"line":362,"context":411},{"file":493,"line":365,"context":411},{"file":493,"line":498,"context":411},58,{"file":493,"line":323,"context":411},{"file":493,"line":501,"context":411},64,{"file":493,"line":503,"context":411},69,{"file":505,"line":66,"context":411},"templates\\reply-time.php",{"file":505,"line":259,"context":411},{"file":505,"line":508,"context":411},16,{"file":505,"line":167,"context":411},{"file":505,"line":220,"context":411},{"file":505,"line":279,"context":411},{"file":505,"line":287,"context":411},{"file":505,"line":290,"context":411},{"file":515,"line":516,"context":411},"views\\kind-audio.php",32,{"file":515,"line":284,"context":411},{"file":515,"line":362,"context":411},{"file":520,"line":197,"context":411},"views\\kind-bookmark.php",{"file":520,"line":175,"context":411},{"file":520,"line":167,"context":411},{"file":520,"line":176,"context":411},{"file":520,"line":226,"context":411},{"file":520,"line":287,"context":411},{"file":520,"line":293,"context":411},{"file":528,"line":508,"context":411},"views\\kind-checkin.php",{"file":528,"line":167,"context":411},{"file":528,"line":210,"context":411},{"file":528,"line":516,"context":411},{"file":528,"line":253,"context":411},{"file":534,"line":193,"context":411},"views\\kind-drink.php",{"file":534,"line":351,"context":411},{"file":534,"line":175,"context":411},{"file":534,"line":171,"context":411},{"file":534,"line":539,"context":411},31,{"file":534,"line":191,"context":411},{"file":534,"line":256,"context":411},{"file":543,"line":351,"context":411},"views\\kind-eat.php",{"file":543,"line":204,"context":411},{"file":543,"line":171,"context":411},{"file":543,"line":220,"context":411},{"file":543,"line":284,"context":411},{"file":543,"line":290,"context":411},{"file":543,"line":550,"context":411},41,{"file":543,"line":303,"context":411},{"file":553,"line":259,"context":411},"views\\kind-event.php",{"file":553,"line":341,"context":411},{"file":553,"line":229,"context":411},{"file":557,"line":508,"context":411},"views\\kind-favorite.php",{"file":557,"line":201,"context":411},{"file":557,"line":204,"context":411},{"file":557,"line":210,"context":411},{"file":557,"line":223,"context":411},{"file":557,"line":287,"context":411},{"file":557,"line":293,"context":411},{"file":565,"line":508,"context":411},"views\\kind-issue.php",{"file":565,"line":201,"context":411},{"file":565,"line":204,"context":411},{"file":565,"line":210,"context":411},{"file":565,"line":223,"context":411},{"file":565,"line":287,"context":411},{"file":565,"line":293,"context":411},{"file":573,"line":175,"context":411},"views\\kind-itinerary.php",{"file":573,"line":204,"context":411},{"file":573,"line":226,"context":411},{"file":573,"line":229,"context":411},{"file":573,"line":279,"context":411},{"file":573,"line":284,"context":411},{"file":573,"line":287,"context":411},{"file":573,"line":287,"context":411},{"file":573,"line":256,"context":411},{"file":573,"line":297,"context":411},{"file":573,"line":297,"context":411},{"file":585,"line":167,"context":411},"views\\kind-jam.php",{"file":585,"line":176,"context":411},{"file":585,"line":226,"context":411},{"file":585,"line":539,"context":411},{"file":585,"line":284,"context":411},{"file":585,"line":260,"context":411},{"file":585,"line":592,"context":411},44,{"file":585,"line":365,"context":411},{"file":595,"line":197,"context":411},"views\\kind-like.php",{"file":595,"line":175,"context":411},{"file":595,"line":167,"context":411},{"file":595,"line":176,"context":411},{"file":595,"line":226,"context":411},{"file":595,"line":290,"context":411},{"file":595,"line":253,"context":411},{"file":603,"line":210,"context":411},"views\\kind-listen.php",{"file":603,"line":223,"context":411},{"file":603,"line":279,"context":411},{"file":603,"line":191,"context":411},{"file":603,"line":290,"context":411},{"file":603,"line":592,"context":411},{"file":603,"line":303,"context":411},{"file":603,"line":434,"context":411},{"file":603,"line":323,"context":411},{"file":613,"line":171,"context":411},"views\\kind-photo.php",{"file":613,"line":176,"context":411},{"file":613,"line":284,"context":411},{"file":617,"line":197,"context":411},"views\\kind-read.php",{"file":617,"line":175,"context":411},{"file":617,"line":171,"context":411},{"file":617,"line":176,"context":411},{"file":617,"line":226,"context":411},{"file":617,"line":539,"context":411},{"file":617,"line":256,"context":411},{"file":617,"line":550,"context":411},{"file":617,"line":303,"context":411},{"file":617,"line":309,"context":411},{"file":628,"line":351,"context":411},"views\\kind-rsvp.php",{"file":628,"line":167,"context":411},{"file":628,"line":229,"context":411},{"file":628,"line":539,"context":411},{"file":633,"line":256,"context":411},"views\\kind-video.php",{"file":633,"line":550,"context":411},{"file":633,"line":414,"context":411},{"file":633,"line":323,"context":411},{"file":638,"line":171,"context":411},"views\\kind-watch.php",{"file":638,"line":220,"context":411},{"file":638,"line":229,"context":411},{"file":638,"line":516,"context":411},{"file":638,"line":287,"context":411},{"file":638,"line":300,"context":411},{"file":638,"line":414,"context":411},{"file":638,"line":311,"context":411},{"file":647,"line":220,"context":411},"views\\kind.php",{"file":647,"line":229,"context":411},{"file":647,"line":516,"context":411},{"file":647,"line":287,"context":411},{"file":647,"line":253,"context":411},{"file":647,"line":260,"context":411},{"file":647,"line":368,"context":411},{"file":647,"line":431,"context":411},{"file":647,"line":463,"context":411},{"file":647,"line":333,"context":411},[],[],{"summary":660,"deductions":661},"The \"indieweb-post-kinds\" plugin v3.7.3 presents a mixed security posture. While it demonstrates good practices in several areas, such as using prepared statements for all SQL queries and having no known critical or high-severity vulnerabilities in its history, there are significant concerns arising from the static analysis.\n\nThe plugin exposes one REST API route that lacks permission callbacks, creating an unprotected entry point into the application. This is a critical flaw as it means any unauthenticated user could potentially interact with this endpoint. Although the static analysis did not reveal any dangerous functions, unescaped output, or unsanitized taint flows, the presence of an unprotected API route is a substantial risk that could be exploited for various malicious purposes, depending on the functionality of that route.\n\nThe vulnerability history, while dated, shows a past medium-severity Cross-Site Scripting (XSS) vulnerability. The lack of recent vulnerabilities and the existence of only one medium-severity one from 2015 could indicate improved development practices over time or simply a lack of recent, impactful discoveries. However, the current static analysis findings, particularly the unprotected REST API route, overshadow the historical record. The plugin's overall security is moderately compromised by this single, significant exposure.",[662,664,666],{"reason":663,"points":207},"Unprotected REST API route",{"reason":665,"points":51},"Low output escaping rate (42%)",{"reason":667,"points":140},"Dated vulnerability history (2015)","2026-03-16T20:38:26.998Z",{"wat":670,"direct":679},{"assetPaths":671,"generatorPatterns":674,"scriptPaths":675,"versionParams":676},[672,673],"\u002Fwp-content\u002Fplugins\u002Findieweb-post-kinds\u002Fcss\u002Fkind.min.css","\u002Fwp-content\u002Fplugins\u002Findieweb-post-kinds\u002Fcss\u002Fkind.admin.min.css",[],[],[677,678],"indieweb-post-kinds\u002Fcss\u002Fkind.min.css?ver=","indieweb-post-kinds\u002Fcss\u002Fkind.admin.min.css?ver=",{"cssClasses":680,"htmlComments":683,"htmlAttributes":684,"restEndpoints":686,"jsGlobals":688,"shortcodeOutput":689},[681,682],"kind-menu-widget","kind-post-widget",[],[685],"data-kind",[687],"\u002Fwp-json\u002Fparse-this\u002F",[],[]]