[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fd8jvr27v-2626fPWdHCkB0U9ctxXvp0if0KRKa3CeXs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":135,"fingerprints":338},"kblog-metadata","Kblog Metadata","0.6","philliplord","https:\u002F\u002Fprofiles.wordpress.org\u002Fphilliplord\u002F","\u003Cp>This plugin displays who, what and when information about a blog and its\u003Cbr \u002F>\nposts; it provides widgets which readers can see, as well as a computational\u003Cbr \u002F>\nrepresentation that allows computers to extract the same information. This\u003Cbr \u002F>\nprovides greater clarity on who posts are written by, and how they should be\u003Cbr \u002F>\ncited. Readers can download the citation as a BibTeX file. Another widget\u003Cbr \u002F>\nprovides deep links through to Web Archives, allowing readers to check old\u003Cbr \u002F>\nversions of posts.\u003C\u002Fp>\n\u003Cp>It is part of the Knowledgeblog project (http:\u002F\u002Fknowledgeblog.org), which is\u003Cbr \u002F>\ndeveloping plugins to improve WordPress as a tool for academic publishing,\u003Cbr \u002F>\neither for individual authors, or for conferences and workshops publishing\u003Cbr \u002F>\nproceedings to the web. As well as this file, additional documentation is\u003Cbr \u002F>\navailable at\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fprocess.knowledgeblog.org\u002Fcategory\u002Fkblog-metadata\" rel=\"nofollow ugc\">process\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>It is often useful to embed bibliographic metadata, describing the author(s),\u003Cbr \u002F>\ntitle and publication date into a web page. There are a variety of different\u003Cbr \u002F>\nways of doing this, described in a variety of different specifications and\u002For\u003Cbr \u002F>\nstandards. These vary widely in their formality, uptake and age, as well as\u003Cbr \u002F>\nclarity with which the specification is written.\u003C\u002Fp>\n\u003Cp>The practical upshot of this is that automatic capture of metadata which\u003Cbr \u002F>\nenables tools such as Greycite (http:\u002F\u002Fgreycite.knowledgeblog.org) and various\u003Cbr \u002F>\nbibliographic software to work is a somewhat ad hoc affair. Sometimes it\u003Cbr \u002F>\nworks, sometimes it does not. Rather than requiring users to add a separate\u003Cbr \u002F>\nplugin for each of these specifications, kblog-metadata takes the approach of\u003Cbr \u002F>\nadding metadata in as many formats as possible, in the hope that, for any\u003Cbr \u002F>\ntool, at least one will work.\u003C\u002Fp>\n\u003Cp>Kblog Metadata enhances the ability of WordPress to expose and edit\u003Cbr \u002F>\nbibliographic metadata of academic posts. It consists of a number of\u003Cbr \u002F>\npieces of functionality\u003C\u002Fp>\n\u003Cul>\n\u003Cli>kblog-headers — adds invisible metadata\u003C\u002Fli>\n\u003Cli>kblog-authors — allows multiple authors, without requring WordPress accounts\u003C\u002Fli>\n\u003Cli>kblog-table-of-contents — displays all posts in a variety of formats. \u003C\u002Fli>\n\u003Cli>kblog-title — set container titles (“blogname”) per post or using a custom taxonomy.\u003C\u002Fli>\n\u003Cli>kblog-boilerplate — displays citation information as widget or in post\u003Cbr \u002F>\ncontent\u003C\u002Fli>\n\u003Cli>kblog-download — downloaded bib or other formats for posts\u003C\u002Fli>\n\u003Cli>kblog-archive — widget to display web archives\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>We will include new formats or specifications where possible, so long as they\u003Cbr \u002F>\nare not too computationally intensive. Please send email to the \u003Ca href=\"mailto:knowledgeblog@googlegroups.com\" rel=\"nofollow ugc\">mailing\u003Cbr \u002F>\nlist\u003C\u002Fa> if you are interested in a new format.\u003C\u002Fp>\n\u003Ch3>Kblog Headers\u003C\u002Fh3>\n\u003Cp>There are many tools to which academics may want to advertise their work. We\u003Cbr \u002F>\ncurrently support three independent standards which are:\u003C\u002Fp>\n\u003Col>\n\u003Cli>COinS (http:\u002F\u002Focoins.info).\u003C\u002Fli>\n\u003Cli>Meta tags as suggested by Google Scholar.\u003C\u002Fli>\n\u003Cli>Open Graph Protocol (http:\u002F\u002Fogp.me) \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>These will be automatically added to add pages and posts on installation of\u003Cbr \u002F>\nthe plugin. The metadata is taken either from the user profile, the WordPress\u003Cbr \u002F>\nmetadata, or from Kblog Author metadata.\u003C\u002Fp>\n\u003Ch3>Kblog Table of Contents\u003C\u002Fh3>\n\u003Cp>The table of contents functionality comes in two forms: one designed for\u003Cbr \u002F>\nembedding in an existing page, and one for computational consumption. To add a\u003Cbr \u002F>\ntable of contents to a page add a “shortcode” to your post contents.\u003C\u002Fp>\n\u003Cp>[kblogtoc]\u003C\u002Fp>\n\u003Cp>Additionally, it is also possible to retrieve a simple HTML or plain text\u003Cbr \u002F>\nrepresentation of the table of contents from (http:\u002F\u002Fblogurl\u002F?kblog-toc=txt)\u003Cbr \u002F>\nor (http:\u002F\u002Fblogurl\u002F?kblog-toc=html). Author information comes from\u003Cbr \u002F>\nKblog Author.\u003C\u002Fp>\n\u003Cp>You can specify the default category for the table of contents from the\u003Cbr \u002F>\nSettings Menu, or accept the default which is to show them all.\u003C\u002Fp>\n\u003Ch3>Kblog Authors\u003C\u002Fh3>\n\u003Cp>Academic writing is more often multi-author than not, yet this is poorly\u003Cbr \u002F>\nsupported within WordPress. While there are existing co-author plugins these\u003Cbr \u002F>\noften require assigning multiple user accounts, one per author, even though\u003Cbr \u002F>\nmany authors will never login to WordPress. Within Kblog Authors you can add\u003Cbr \u002F>\n“display authors”, totally independently from WordPress accounts. They will\u003Cbr \u002F>\nappear on Kblog Table of Contents and in metadata generated by Kblog Headers.\u003C\u002Fp>\n\u003Cp>Authors can be added either on the “Edit Post” page of WordPress, or through\u003Cbr \u002F>\nthe use of an [author] shortcode within the document content. Authors\u003Cbr \u002F>\nspecified within the post content take precedence.\u003C\u002Fp>\n\u003Ch3>Kblog Title\u003C\u002Fh3>\n\u003Cp>Authors may wish to alter the apparent title of their blog for a post or a\u003Cbr \u002F>\ngroup of posts. For example, I may wish to publish a paper that I have written\u003Cbr \u002F>\nfor a conference on my own blog, but wish the metadata to refer to the\u003Cbr \u002F>\nconference. Alternatively, as with\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fbio-ontologies.knowledgeblog.org\" rel=\"nofollow ugc\">bio-ontologies\u003C\u002Fa> I may wish to host\u003Cbr \u002F>\nmultiple meetings on a single website (one per year, for instance), and have\u003Cbr \u002F>\nthe year, or meeting number, appear in the metadata. Kblog Title allows both\u003Cbr \u002F>\nof these uses, by allowing the user to set the container name (“blogname”)\u003Cbr \u002F>\neither for an individual post, or using an Event tag.\u003C\u002Fp>\n\u003Ch3>Acknowledgements\u003C\u002Fh3>\n\u003Cp>kblog-metadata includes the HumanNameParser from Jason Priem\u003Cbr \u002F>\n(http:\u002F\u002Fjasonpriem.org\u002Fhuman-name-parse\u002F) which is licensed under the MIT\u003Cbr \u002F>\nLicense.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>This plugin is copyright Phillip Lord, Newcastle University and is licensed\u003Cbr \u002F>\nunder GPLv2.\u003C\u002Fp>\n","Displays bibliographic metadata both for humans and computers.",10,2721,100,1,"2016-04-07T09:00:00.000Z","4.4.34","3.0","",[20,21,22,23],"academic","res-comms","scholar","science","http:\u002F\u002Fwww.knowledgeblog.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkblog-metadata.0.6.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},2,20,93,30,89,"2026-04-04T11:07:56.275Z",[39,50,69,87,110],{"slug":40,"name":41,"version":42,"author":7,"author_profile":8,"description":43,"short_description":44,"active_installs":11,"downloaded":45,"rating":27,"num_ratings":27,"last_updated":18,"tested_up_to":46,"requires_at_least":17,"requires_php":18,"tags":47,"homepage":18,"download_link":48,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":49},"kblog-include","Kblog Include","0.1","\u003Cp>With this plugin you can include content from arXiv or other academic\u003Cbr \u002F>\nrepositories in your blog post. For example, if placing\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[kblog-inc server=\"arxiv\"]1303.0213[\u002Fkblog-inc]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>in your blog post, the abstract of this article will be include at this point\u003Cbr \u002F>\nin text. Additionally, the title will be set to the title of the article (“The\u003Cbr \u002F>\nsemantic web takes wing” in this case). Finally, if you have use\u003Cbr \u002F>\n\u003Ca href=\"kblog-metadata\" rel=\"nofollow ugc\">https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkblog-metadata\u002F\u003C\u002Fa>, the authors,\u003Cbr \u002F>\nand date will be set appropriately also.\u003C\u002Fp>\n\u003Cp>It is possible to add additional material to the post as normal; for example,\u003Cbr \u002F>\nwith my\u003Cbr \u002F>\n\u003Ca href=\"papers\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.russet.org.uk\u002Fblog\u002Fcategory\u002Fall\u002Fprofessional\u002Fscience\u002Fpapers\u003C\u002Fa>,\u003Cbr \u002F>\nI add a plain English summary, and where the authors allow, I also add the\u003Cbr \u002F>\nreviews; an example can be seen for the above\u003Cbr \u002F>\n\u003Ca href=\"[paper\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.russet.org.uk\u002Fblog\u002F2366\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Kblog-include uses OAI-PHM to harvest the metadata that is displays; as this\u003Cbr \u002F>\nis a standard, it should mean that kblog-include can transclude from any\u003Cbr \u002F>\nrepository that supports this standard. In practice, unfortunately, different\u003Cbr \u002F>\nrepositories use the tags in different ways. Currently, kblog-include supports\u003Cbr \u002F>\nhttp:\u002F\u002Farxiv.org, the [http:\u002F\u002Feprint.ncl.ac.uk](Newcastle University) eprints\u003Cbr \u002F>\nserver, and \u003Ca href=\"Greycite\" rel=\"nofollow ugc\">http:\u002F\u002Fgreycite.knowledgeblog.org\u003C\u002Fa>. For example:\u003C\u002Fp>\n\u003Cp>[kblog-inc server=”eprint.ncl.ac.uk”]193637[\u002Fkblog-inc]\u003C\u002Fp>\n\u003Cp>Shows one of my papers.\u003C\u002Fp>\n\u003Cp>I am open to requests for new servers, ideally, via\u003Cbr \u002F>\n[https:\u002F\u002Fgithub.com\u002Fphillord\u002Fkblog-include](pull request), or email otherwise.\u003C\u002Fp>\n","Transcludes content from arXiv and other academic repositories.",1567,"3.9.40",[20,21,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkblog-include.0.1.zip","2026-03-15T10:48:56.248Z",{"slug":51,"name":52,"version":53,"author":54,"author_profile":55,"description":56,"short_description":57,"active_installs":13,"downloaded":58,"rating":27,"num_ratings":27,"last_updated":59,"tested_up_to":60,"requires_at_least":61,"requires_php":62,"tags":63,"homepage":67,"download_link":68,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"scholar-publications-fetcher","Scholar Publications Fetcher","2.2.0","valsze","https:\u002F\u002Fprofiles.wordpress.org\u002Fvalsze\u002F","\u003Cp>Automatically showcase your academic work directly on your WordPress site. \u003Cstrong>Scholar Publications Fetcher\u003C\u002Fstrong> retrieves your publication list from Google Scholar and displays it in an elegant card layout that looks great on any device.\u003C\u002Fp>\n\u003Cp>With a strong focus on performance and customization, this plugin is the perfect solution for academics, researchers, and professionals who want to maintain an up-to-date publication list without manual effort.\u003C\u002Fp>\n\u003Cp>✨ \u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>No API Key Needed\u003C\u002Fstrong>: Fetches your public profile directly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance Caching\u003C\u002Fstrong>: Caches results using the WordPress Transients API to ensure your site loads fast. Cache duration is fully customizable.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Shortcode\u003C\u002Fstrong>: Use powerful shortcode attributes to control the number of publications displayed (\u003Ccode>count\u003C\u002Fcode>), show\u002Fhide abstracts (\u003Ccode>show_abstract\u003C\u002Fcode>), and set cache duration (\u003Ccode>cache_hours\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern & Responsive Design\u003C\u002Fstrong>: A clean, card-based layout that adapts perfectly to desktop, tablet, and mobile screens.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Dark Mode\u003C\u002Fstrong>: Seamlessly adapts to the visitor’s system-level dark or light theme for a comfortable reading experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy to Customize\u003C\u002Fstrong>: Built with CSS variables, making it simple to change colors and styles to match your theme.\u003C\u002Fli>\n\u003C\u002Ful>\n","A lightweight and high-performance plugin to fetch, cache, and display your Google Scholar publications in a clean, modern, and responsive card layout &hellip;",1031,"2025-11-12T20:23:00.000Z","6.9.4","5.2","7.2",[20,64,65,22,66],"publications","research","shortcode","https:\u002F\u002Fvalsze.de\u002F2025\u002F07\u002F07\u002Fgoogle-scholar-publications-fetcher-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscholar-publications-fetcher.zip",{"slug":70,"name":71,"version":72,"author":73,"author_profile":74,"description":75,"short_description":76,"active_installs":77,"downloaded":78,"rating":13,"num_ratings":14,"last_updated":79,"tested_up_to":80,"requires_at_least":81,"requires_php":18,"tags":82,"homepage":85,"download_link":86,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"pubmed-posts","PubMed Posts","1.1.1","sydcode","https:\u002F\u002Fprofiles.wordpress.org\u002Fsydcode\u002F","\u003Cp>This plugin adds a dashboard widget that creates posts from \u003Ca href=\"http:\u002F\u002Fwww.ncbi.nlm.nih.gov\u002Fpubmed\u002F\" rel=\"nofollow ugc\">PubMed\u003C\u002Fa> articles, plus a search widget that finds posts with specific article data. A basic editor is also included that changes the layout of data in the post content.\u003C\u002Fp>\n\u003Cp>This is not an official \u003Ca href=\"http:\u002F\u002Fwww.ncbi.nlm.nih.gov\u002Fpubmed\u002F\" rel=\"nofollow ugc\">PubMed\u003C\u002Fa> plugin. All questions and suggestions should be posted in the plugin forum.\u003C\u002Fp>\n\u003Cp>Thanks to Chetan and Jamie for sponsoring this plugin.\u003C\u002Fp>\n","This plugin adds a dashboard widget that creates posts from PubMed articles, plus a search widget that finds posts with specific article data.",50,3244,"2014-01-08T23:58:00.000Z","3.8.0","3.3.0",[20,83,84,65,23],"posts","pubmed","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpubmed-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpubmed-posts.1.1.1.zip",{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":97,"num_ratings":98,"last_updated":99,"tested_up_to":100,"requires_at_least":17,"requires_php":101,"tags":102,"homepage":18,"download_link":107,"security_score":108,"vuln_count":14,"unpatched_count":27,"last_vuln_date":109,"fetched_at":29},"mathjax-latex","MathJax-LaTeX","1.3.13","knowledgeblog","https:\u002F\u002Fprofiles.wordpress.org\u002Fknowledgeblog\u002F","\u003Cp>MathJax enables enables rendering of embedded LaTeX or MathML in HTML pages. This plugin adds this functionality to WordPress. The MathJax JavaScript is inject on-demand only to those pages which require it. This ensures that MathJax is not loaded for all pages, which will otherwise slow loading down.\u003C\u002Fp>\n\u003Cp>The MathJax JavaScript can be delivered from your own server, or you can use the Cloudflare Content Distribution Network (CDN), which is the preferred mechanism as it offers increased speed and stability over hosting the JavaScript and configuring the library yourself.\u003C\u002Fp>\n\u003Cp>You may embed latex using a variety of different syntaxes. The shortcode (https:\u002F\u002Fcodex.wordpress.org\u002FShortcode_API) syntax is preferred. So \u003Ccode>[latex]E=mc^2[\u002Flatex]\u003C\u002Fcode> will work out of the box. This also forces loading of MathJax.\u003C\u002Fp>\n\u003Cp>Additionally, you can use native MathJax syntax — \u003Ccode>$$E=mc^2$$\u003C\u002Fcode> or \u003Ccode>\\(E=mc^2\\)\u003C\u002Fcode>. However, if this is the only syntax used, the plugin must be explicitly told to load MathJax for the current page. This can be achieved by adding a \u003Ccode>[mathjax]\u003C\u002Fcode> shortcode anywhere in the post. For posts with both \u003Ccode>[latex]\u003C\u002Fcode>x\u003Ccode>[\u002Flatex]\u003C\u002Fcode> and \u003Ccode>$$x$$\u003C\u002Fcode> syntaxes this is unnecessary.\u003C\u002Fp>\n\u003Cp>You can use wp-latex syntax, \u003Ccode>$latex E=mc^2$\u003C\u002Fcode>. Parameters can be specified as with wp-latex but will be ignored. This means that MathJax-LaTeX should be a drop-in replacement for wp-latex. Because this conflicts with wp-latex, this behaviour is blocked when wp-latex is present, and must be explicitly enabled in the settings.\u003C\u002Fp>\n\u003Cp>You can also specify \u003Ccode>[nomathjax]\u003C\u002Fcode> — this will block mathjax on the current page, regardless of other tags.\u003C\u002Fp>\n\u003Cp>MathJax-LaTeX is developed on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fphillord\u002Fmathjax-latex\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>This plugin is copyright Phillip Lord, Newcastle University and is licensed under GPLv2.\u003C\u002Fp>\n","This plugin enables MathJax (http:\u002F\u002Fwww.mathjax.org) functionality for WordPress (http:\u002F\u002Fwww.wordpress.org).",10000,169356,88,11,"2025-01-14T16:50:00.000Z","6.7.5","7.0.0",[103,104,105,106,23],"latex","mathematics","mathjax","mathml","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmathjax-latex.1.3.13.zip",91,"2013-03-25 00:00:00",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":120,"num_ratings":121,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":18,"tags":125,"homepage":130,"download_link":131,"security_score":132,"vuln_count":133,"unpatched_count":27,"last_vuln_date":134,"fetched_at":29},"zotpress","Zotpress","7.4.2","Katie","https:\u002F\u002Fprofiles.wordpress.org\u002Fkseaborn\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fkatieseaborn.com\u002Fplugins\u002F\" title=\"Zotpress for WordPress\" rel=\"nofollow ugc\">Zotpress\u003C\u002Fa> brings publication broadcasting and scholarly blogging to WordPress through \u003Ca href=\"http:\u002F\u002Fzotero.org\u002F\" title=\"Zotero\" rel=\"nofollow ugc\">Zotero\u003C\u002Fa>, a free, cross-platform reference manager.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Displays your personal and group Zotero items through in-text citations, bibliographies, and searchable libraries\u003C\u002Fli>\n\u003Cli>Supports thumbnail images through WordPress’s Media Library and Open Library\u003C\u002Fli>\n\u003Cli>Supports selective CSS styling via IDs and classes\u003C\u002Fli>\n\u003Cli>Provides a range of additional features, such as allowing visitors to download citations\u003C\u002Fli>\n\u003Cli>And more!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Compatible with Firefox, Safari, Chrome, and IE9. Made with jQuery, jQuery UI, jQuery doTimeout, Live Query, OAuth, and \u003Ca href=\"https:\u002F\u002Fopenlibrary.org\u002F\" title=\"Open Library\" rel=\"nofollow ugc\">Open Library\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Special thanks to Joe Alberts for substantial contributions to the code, comprehensive testing, and design ideation. Thanks also to contributors Jeremy Varnham (@jvarn13), Christopher Cheung, Jason S., Chris Wentzloff, Karljürgen Feuerherm (@feuerherm), Mark Dingemanse (@codeispoetry), Jörg Mechnich (jmechnich@github), Tomas Risberg, @ericcorbett2, and @timtom for their code contributions, testing, and guidance. Finally, my sincere gratitude goes out to all who have donated in support of this plugin.\u003C\u002Fp>\n\u003Cp>Please note that this plugin is on semi-hiatus, with updates expected about 1-3 times a year.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cp>jQuery included in your theme (Zotpress will do this for you if it isn’t already included), and an HTTP request method supported by WordPress enabled on your server: cURL, fopen with Streams (PHP 5), or fsockopen. In your server config file, X-Frame-Options should be set to SAMEORIGIN. Optional: OAuth enabled on your server.\u003C\u002Fp>\n","Zotpress displays your Zotero citations on WordPress.",2000,132376,98,66,"2025-10-19T08:19:00.000Z","6.8.5","3.5",[126,127,128,64,129],"academic-blogging","bibliography","citation-manager","zotero","http:\u002F\u002Fkatieseaborn.com\u002Fplugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzotpress.7.4.2.zip",87,8,"2025-06-10 14:40:35",{"attackSurface":136,"codeSignals":240,"taintFlows":300,"riskAssessment":329,"analyzedAt":337},{"hooks":137,"ajaxHandlers":226,"restRoutes":227,"shortcodes":228,"cronEvents":238,"entryPointCount":239,"unprotectedCount":27},[138,145,150,154,158,161,165,169,174,177,181,185,188,191,195,200,204,207,209,211,214,217,219,222,225],{"type":139,"name":140,"callback":141,"priority":142,"file":143,"line":144},"filter","the_content","process_author_results",12,"kblog-author.php",13,{"type":146,"name":147,"callback":148,"file":143,"line":149},"action","add_meta_boxes","author_meta_box",147,{"type":146,"name":151,"callback":152,"file":143,"line":153},"save_post","author_save_box",149,{"type":146,"name":155,"callback":156,"file":143,"line":157},"init","kblog_author_admin_init",296,{"type":139,"name":140,"callback":159,"file":160,"line":11},"add_boilerplate","kblog-boilerplate.php",{"type":146,"name":162,"callback":163,"file":160,"line":164},"kblog_metadata_admin_render","options_render",117,{"type":146,"name":166,"callback":167,"file":160,"line":168},"kblog_metadata_admin_save","options_save",118,{"type":146,"name":170,"callback":171,"file":172,"line":173},"wp_head","header_action","kblog-headers.php",9,{"type":139,"name":140,"callback":175,"file":172,"line":176},"kblog_metadata_coins_content",22,{"type":146,"name":178,"callback":179,"file":172,"line":180},"kblog_head","kblog_metadata_header_metatags",68,{"type":139,"name":182,"callback":183,"file":172,"line":184},"language_attributes","kblog_metadata_language_attributes_ogp_filter",112,{"type":146,"name":178,"callback":186,"file":172,"line":187},"kblog_metadata_header_ogp_metatags",114,{"type":139,"name":189,"callback":190,"file":172,"line":164},"query_vars","ogp_query_vars",{"type":146,"name":192,"callback":193,"file":172,"line":194},"template_redirect","ogp_template_redirect",119,{"type":146,"name":196,"callback":197,"file":198,"line":199},"admin_menu","admin_page_init","kblog-metadata.php",45,{"type":139,"name":189,"callback":201,"file":202,"line":203},"toc_query_vars","kblog-table-of-contents.php",33,{"type":146,"name":192,"callback":205,"file":202,"line":206},"toc_template_redirect",35,{"type":146,"name":162,"callback":163,"file":202,"line":208},193,{"type":146,"name":166,"callback":167,"file":202,"line":210},194,{"type":146,"name":155,"callback":212,"file":213,"line":11},"register_event_taxonomy","kblog-title.php",{"type":146,"name":147,"callback":215,"file":213,"line":216},"title_meta_box",90,{"type":146,"name":151,"callback":218,"file":213,"line":108},"title_save_post",{"type":146,"name":155,"callback":220,"file":213,"line":221},"kblog_title_admin_init",189,{"type":146,"name":192,"callback":192,"file":223,"line":224},"kblog-transclude.php",6,{"type":139,"name":189,"callback":189,"file":223,"line":133},[],[],[229,232,236],{"tag":230,"callback":231,"file":143,"line":98},"author","author_shortcode",{"tag":233,"callback":234,"file":202,"line":235},"ktoc","table_shortcode",28,{"tag":237,"callback":234,"file":202,"line":35},"kblogtoc",[],3,{"dangerousFunctions":241,"sqlUsage":242,"outputEscaping":244,"fileOperations":27,"externalRequests":32,"nonceChecks":239,"capabilityChecks":298,"bundledLibraries":299},[],{"prepared":27,"raw":27,"locations":243},[],{"escaped":27,"rawEcho":245,"locations":246},25,[247,251,253,255,257,258,259,261,263,266,268,270,272,274,276,278,280,282,284,286,288,290,292,294,296],{"file":248,"line":249,"context":250},"kblog-archive.php",83,"raw output",{"file":143,"line":252,"context":250},181,{"file":143,"line":254,"context":250},239,{"file":160,"line":256,"context":250},75,{"file":160,"line":249,"context":250},{"file":160,"line":97,"context":250},{"file":160,"line":260,"context":250},107,{"file":160,"line":262,"context":250},158,{"file":264,"line":265,"context":250},"kblog-download.php",58,{"file":172,"line":267,"context":250},73,{"file":172,"line":269,"context":250},136,{"file":172,"line":271,"context":250},210,{"file":198,"line":273,"context":250},80,{"file":202,"line":275,"context":250},51,{"file":202,"line":277,"context":250},78,{"file":202,"line":279,"context":250},86,{"file":202,"line":281,"context":250},95,{"file":202,"line":283,"context":250},97,{"file":202,"line":285,"context":250},101,{"file":202,"line":287,"context":250},250,{"file":213,"line":289,"context":250},139,{"file":213,"line":291,"context":250},198,{"file":223,"line":293,"context":250},55,{"file":223,"line":295,"context":250},64,{"file":223,"line":297,"context":250},72,7,[],[301,320],{"entryPoint":302,"graph":303,"unsanitizedCount":14,"severity":319},"options_save (kblog-table-of-contents.php:198)",{"nodes":304,"edges":316},[305,310],{"id":306,"type":307,"label":308,"file":202,"line":309},"n0","source","$_POST['kblog-table-display-categories']",206,{"id":311,"type":312,"label":313,"file":202,"line":314,"wp_function":315},"n1","sink","update_option() [Settings Manipulation]",205,"update_option",[317],{"from":306,"to":311,"sanitized":318},false,"low",{"entryPoint":321,"graph":322,"unsanitizedCount":27,"severity":319},"\u003Ckblog-table-of-contents> (kblog-table-of-contents.php:0)",{"nodes":323,"edges":326},[324,325],{"id":306,"type":307,"label":308,"file":202,"line":309},{"id":311,"type":312,"label":313,"file":202,"line":314,"wp_function":315},[327],{"from":306,"to":311,"sanitized":328},true,{"summary":330,"deductions":331},"The kblog-metadata plugin v0.6 exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries, implementing nonce checks on all identified entry points (shortcodes), and performing capability checks on most interactions. The absence of known CVEs and a clean vulnerability history further suggests a generally well-maintained codebase.\n\nHowever, a significant concern lies in the complete lack of output escaping for any of the 25 identified output points. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, where user-supplied data, if not properly sanitized before display, could be injected and executed in the user's browser. Additionally, the presence of one flow with an unsanitized path in the taint analysis, even without a critical or high severity, warrants further investigation as it could potentially lead to unexpected behavior or security issues.\n\nWhile the plugin has a solid foundation with respect to SQL and authentication checks, the critical deficiency in output escaping presents a substantial security risk. The absence of past vulnerabilities could be due to the plugin's limited adoption or simply a lack of dedicated security auditing. The plugin needs to address the output escaping issue urgently to mitigate XSS risks.",[332,334],{"reason":333,"points":33},"25 outputs, 0% properly escaped",{"reason":335,"points":336},"1 flow with unsanitized paths",5,"2026-03-16T23:58:54.599Z",{"wat":339,"direct":353},{"assetPaths":340,"generatorPatterns":350,"scriptPaths":351,"versionParams":352},[341,342,343,344,345,346,347,348,349],"\u002Fwp-content\u002Fplugins\u002Fkblog-metadata\u002Fkblog-metadata.php","\u002Fwp-content\u002Fplugins\u002Fkblog-metadata\u002Fkblog-author.php","\u002Fwp-content\u002Fplugins\u002Fkblog-metadata\u002Fkblog-table-of-contents.php","\u002Fwp-content\u002Fplugins\u002Fkblog-metadata\u002Fkblog-headers.php","\u002Fwp-content\u002Fplugins\u002Fkblog-metadata\u002Fkblog-title.php","\u002Fwp-content\u002Fplugins\u002Fkblog-metadata\u002Fkblog-boilerplate.php","\u002Fwp-content\u002Fplugins\u002Fkblog-metadata\u002Fkblog-transclude.php","\u002Fwp-content\u002Fplugins\u002Fkblog-metadata\u002Fkblog-download.php","\u002Fwp-content\u002Fplugins\u002Fkblog-metadata\u002Fkblog-archive.php",[],[],[],{"cssClasses":354,"htmlComments":355,"htmlAttributes":356,"restEndpoints":359,"jsGlobals":360,"shortcodeOutput":361},[4],[],[357,358],"name=\"kblog-metadata\"","id=\"kblog-metadata\"",[],[],[362],"[author]"]