[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCENLhnY4IHsrrrxlOZCEw2ZIFk2fCtjmah_uwI2dysk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":117,"fingerprints":172},"kittens-for-comments","Kittens for Comments","3.0.2","Will Brubaker","https:\u002F\u002Fprofiles.wordpress.org\u002Fwillthewebmechanic\u002F","\u003Cp>You’ve poured your heart and soul in to writing fascinating blog posts.  You know you have a lot of readership, but nobody except your mom is leaving comments.  That’s a bit discouraging right?  Entice your readers to leave comments by giving them a picture of a cute kitten in return.\u003C\u002Fp>\n\u003Cp>Just prior to the comment form coming in to view, an unobtrusive panel will be displayed with a short message that says: “Your comments make us happy.  Leave a comment, get a kitten!”\u003C\u002Fp>\n\u003Cp> \u003C\u002Fp>\n\u003Cp>When a comment is submitted, a picture of an adorable kitten is displayed in a modal window.\u003C\u002Fp>\n\u003Cp>Caveats:\u003C\u002Fp>\n\u003Cp>This plugin assumes that your comment form is A) built with the ‘comment_form’ WordPress function and B) that your comment form has an id of “commentform” (This is the WordPress default, but your theme developer may have changed the behavior for whatever reason.\u003Cbr \u002F>\nThis plugin assumes that comment forms only appear on single posts and only loads the code when a single post (or page) is loaded.\u003Cbr \u002F>\n \u003C\u002Fp>\n\u003Ch3>Other Information\u003C\u002Fh3>\n\u003Cp>I created this plugin for my own amusement and am offering it for you to use as you wish.  If you find it useful but would like more features, please do ask.\u003C\u002Fp>\n","Encourages your readers to leave comments with the promise of a kitten picture.  Who doesn't love kittens?",10,2262,100,3,"2015-11-28T14:56:00.000Z","4.4.34","3.9","",[20,21],"blog","comments","http:\u002F\u002Fwww.willthewebmechanic.com\u002Fkittens-for-comments.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkittens-for-comments.3.0.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":24,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"willthewebmechanic",2,40,30,84,"2026-04-04T15:57:57.610Z",[37,57,71,89,102],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":13,"downloaded":45,"rating":13,"num_ratings":31,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":49,"tags":50,"homepage":42,"download_link":55,"security_score":56,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"comment-emojis-for-wp","Comment Emojis for WP","1.1.0","Jayeshkumar Chopda","https:\u002F\u002Fprofiles.wordpress.org\u002Fjayeshchopda\u002F","\u003Cp>\u003Cstrong>Comment Emojis for WP\u003C\u002Fstrong> adds a lightweight emoji picker to the comment textarea on your WordPress site. This allows users to insert emojis into their comments or react to posts and comments with emojis. The plugin is intuitive, fast, and enhances user interaction on your site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– React to any post or comment with emojis.\u003Cbr \u002F>\n– Guests or logged-in users can react to comments.\u003Cbr \u002F>\n– Recent emojis are saved and displayed in the picker.\u003Cbr \u002F>\n– Emoji search functionality by emoji names.\u003Cbr \u002F>\n– Filter emojis by categories or scroll through the picker.\u003Cbr \u002F>\n– Add multiple emojis directly to the comment textarea.\u003C\u002Fp>\n\u003Ch3>Setup and Configuration\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to \u003Cstrong>Settings > Comment Emojis\u003C\u002Fstrong> in your WordPress admin dashboard.  \u003C\u002Fli>\n\u003Cli>Configure the available options by ticking the checkboxes.  \u003C\u002Fli>\n\u003Cli>Save your changes.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>This plugin follows WordPress coding standards and is designed to be lightweight for optimal performance. For support, visit the plugin’s support forum.\u003C\u002Fp>\n","Add a lightweight emoji picker to the comment textarea, allowing users to insert emojis and react to posts or comments.",1552,"2025-01-28T10:48:00.000Z","6.7.5","5.0","7.4",[51,52,21,53,54],"blog-comment","comment-emojis","emoji","insert-emoji","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-emojis-for-wp.1.1.0.zip",92,{"slug":58,"name":59,"version":60,"author":18,"author_profile":61,"description":18,"short_description":62,"active_installs":11,"downloaded":63,"rating":25,"num_ratings":25,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":18,"tags":67,"homepage":69,"download_link":70,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"blogfollow","BlogFollow","1.1","https:\u002F\u002Fprofiles.wordpress.org\u002Fmattc78\u002F","BlogFollow is a WordPress pluggin that shows a snippet from a commenter's blog at the bottom on their comment.",2223,"2008-10-28T14:08:00.000Z","2.6","2.0.2",[20,21,68],"snippet","http:\u002F\u002Fwww.pseudocoder.com\u002Fblogfollow-show-a-snippet-from-a-commenters-blog-in-the-comment\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblogfollow.zip",{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":11,"downloaded":79,"rating":80,"num_ratings":81,"last_updated":82,"tested_up_to":18,"requires_at_least":18,"requires_php":18,"tags":83,"homepage":87,"download_link":88,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"bp-import-blog-activity","BP Import Blog Activity","0.2","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>If you install BuddyPress on an already thriving WordPress installation, you’ll notice that existing blog comments and posts are not inserted into the activity stream. This plugin fixes that.\u003C\u002Fp>\n\u003Cp>Requires WordPress Multisite\u003C\u002Fp>\n","Updates BuddyPress activity streams with missing blog comments and posts",4652,20,1,"2012-09-17T01:07:00.000Z",[84,20,85,21,86],"activity","buddypress","import","http:\u002F\u002Fteleogistic.net\u002Fcode\u002Fbuddypress\u002Fbp-import-blog-activity","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-import-blog-activity.0.2.zip",{"slug":90,"name":91,"version":92,"author":75,"author_profile":76,"description":93,"short_description":94,"active_installs":11,"downloaded":95,"rating":25,"num_ratings":25,"last_updated":96,"tested_up_to":18,"requires_at_least":18,"requires_php":18,"tags":97,"homepage":100,"download_link":101,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"bp-include-non-member-comments","BP Include Non-member Comments","1.3","\u003Cp>By default, BuddyPress does not include comments from non-members (or non-logged-in users more generally) in the sitewide activity stream. This plugin records activity items for those comments.\u003C\u002Fp>\n\u003Cp>Please note: the latest version of this plugin (1.2) will NOT work with versions of BuddyPress between 1.2RC and 1.2.1. BP versions 1.2.2+ are supported. Please download an earlier version of this plugin for compatibility with older versions of BuddyPress\u003C\u002Fp>\n","Inserts blog comments from non-logged-in users into the activity stream",4788,"2013-03-26T16:03:00.000Z",[84,98,85,21,99],"blogs","non-members","http:\u002F\u002Fteleogistic.net\u002Fcode\u002Fbuddypress\u002Fbp-include-non-member-comments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-include-non-member-comments.1.3.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":11,"downloaded":110,"rating":13,"num_ratings":81,"last_updated":18,"tested_up_to":18,"requires_at_least":18,"requires_php":18,"tags":111,"homepage":114,"download_link":115,"security_score":13,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":116},"buddypress-activity-as-blog-comments","BuddyPress Activity Stream as Blog Comments","0.1.1","rich! @ etiviti","https:\u002F\u002Fprofiles.wordpress.org\u002Fnuprn1\u002F","\u003Cp>This plugin will replace the main BuddyPress blog (for what BP is activated on) comments section with the activity stream reply system (threaded) and the (reply | favorite) links\u003C\u002Fp>\n\u003Cp>This will remove the WP Comments reply section – only the site admin will have access to make traditional comment replies (you may adjust this in the theme file)\u003C\u002Fp>\n\u003Cp>I consider this an experimental plugin showing how the activity stream can be more a main component across WordPress.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Activity stream enabled\u003C\u002Fli>\n\u003Cli>blog and forum activity stream enabled\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Important Notes\u003C\u002Fh4>\n\u003Cp>Please see the FAQ – if you have an existing BP install with blog postings and comments you MUST run an additional plugin to import blog postings and comments into the activity stream (this is untested)\u003C\u002Fp>\n\u003Cp>Currently no WPMU subblog support – looking for any brave souls to configure it properly. 🙂\u003C\u002Fp>\n\u003Ch4>Related Links:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fblog.etiviti.com\u002F2010\u002F04\u002Fbuddypress-activity-stream-as-blog-comments\u002F\" title=\"BuddyPress Activity Stream as Blog Comments - Blog About Page\" rel=\"nofollow ugc\">About Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fetivite.com\u002F2010\u002F04\u002Fwhat-does-it-mean\u002F\" title=\"Plugin Demo Site\" rel=\"nofollow ugc\">See it in action\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please report any bugs, ideas, concerns, etc – detailed.\u003C\u002Fp>\n\u003Ch3>Extra Configuration\u003C\u002Fh3>\n\u003Ch4>Allow other members to use traditional blog comment reply\u003C\u002Fh4>\n\u003Cp>Edit the theme file theme\u002Factivitycomments\u002Fblogactivity-commments.php (you may want to copy this activitycomments\u002Ffile to your default theme to prevent future updates from overwriting)\u003C\u002Fp>\n\u003Cp>change the line\n    \u003C\u002Fp>\n\u003Cp>Where is_site_admin can be \u003Ccode>current_user_can()\u003C\u002Fcode> with the wp_cap level (lets say you want editors or authors to reply to comments in the traditional sense). Then additional blog_comments will show activity replies underneath as well. (a neat nested effect)\u003C\u002Fp>\n","This plugin will replace the blog comments section with the activity stream reply system",7332,[112,113,85],"activity-stream","blog-comments","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fbuddypress-activity-as-blog-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-activity-as-blog-comments.zip","2026-03-15T10:48:56.248Z",{"attackSurface":118,"codeSignals":148,"taintFlows":160,"riskAssessment":161,"analyzedAt":171},{"hooks":119,"ajaxHandlers":144,"restRoutes":145,"shortcodes":146,"cronEvents":147,"entryPointCount":25,"unprotectedCount":25},[120,126,130,135,139],{"type":121,"name":122,"callback":123,"file":124,"line":125},"action","wp_enqueue_scripts","my_enqueue_scripts","kittens4comments.php",35,{"type":121,"name":127,"callback":128,"file":124,"line":129},"comment_form","kitten_comment_addons",36,{"type":131,"name":132,"callback":133,"file":124,"line":134},"filter","comment_form_defaults","comment_form_addons",37,{"type":121,"name":136,"callback":137,"file":124,"line":138},"admin_menu","wwm_admin_menu",38,{"type":131,"name":140,"callback":141,"priority":142,"file":124,"line":143},"wwm_plugin_links","this_plugin_link",99,63,[],[],[],[],{"dangerousFunctions":149,"sqlUsage":150,"outputEscaping":152,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":159},[],{"prepared":25,"raw":25,"locations":151},[],{"escaped":25,"rawEcho":31,"locations":153},[154,157],{"file":124,"line":155,"context":156},114,"raw output",{"file":124,"line":158,"context":156},159,[],[],{"summary":162,"deductions":163},"The \"kittens-for-comments\" v3.0.2 plugin exhibits a generally good security posture in terms of its attack surface and vulnerability history. The static analysis indicates no identified AJAX handlers, REST API routes, shortcodes, or cron events, which significantly reduces the potential entry points for attackers. Furthermore, the absence of dangerous functions, file operations, and external HTTP requests, coupled with the complete use of prepared statements for SQL queries, are strong indicators of secure coding practices. The plugin also boasts a clean vulnerability history with no known CVEs, suggesting a history of stable and secure development.\n\nHowever, a significant concern arises from the output escaping. With 100% of the identified outputs not being properly escaped, this presents a notable risk of Cross-Site Scripting (XSS) vulnerabilities. Attackers could potentially inject malicious scripts through comments that are then displayed without proper sanitization. The lack of nonce and capability checks on any potential entry points, although currently minimal, could become a risk if the plugin's functionality were to expand without these security measures being implemented. The analysis of taint flows yielded no issues, which is positive, but it's important to note the analysis was based on zero flows, so this is not a strong indicator of overall taint protection.\n\nIn conclusion, while the plugin is strong in preventing direct access vulnerabilities and has a clean history, the complete lack of output escaping is a critical weakness that needs immediate attention. This single issue significantly elevates the risk profile despite the plugin's other positive security attributes. The absence of nonce and capability checks should also be monitored as the plugin evolves. Addressing the output escaping is paramount to mitigating potential XSS attacks.",[164,167,169],{"reason":165,"points":166},"Output escaping is not properly implemented",8,{"reason":168,"points":14},"No nonce checks found",{"reason":170,"points":14},"No capability checks found","2026-03-17T01:30:38.595Z",{"wat":173,"direct":187},{"assetPaths":174,"generatorPatterns":182,"scriptPaths":183,"versionParams":184},[175,176,177,178,179,180,181],"\u002Fwp-content\u002Fplugins\u002Fkittens-for-comments\u002Fjs\u002Fwaypoints.min.js","\u002Fwp-content\u002Fplugins\u002Fkittens-for-comments\u002Fjs\u002Fjquery.colorbox-min.js","\u002Fwp-content\u002Fplugins\u002Fkittens-for-comments\u002Fjs\u002Fkittens4comments.js","\u002Fwp-content\u002Fplugins\u002Fkittens-for-comments\u002Fjs\u002Fkittens4comments.min.js","\u002Fwp-content\u002Fplugins\u002Fkittens-for-comments\u002Fcss\u002Fcolorbox.min.css","\u002Fwp-content\u002Fplugins\u002Fkittens-for-comments\u002Fcss\u002Fkittens4comments.css","\u002Fwp-content\u002Fplugins\u002Fkittens-for-comments\u002Fcss\u002Fkittens4comments.min.css",[],[175,176,177,178],[185,186,185,186],"kittens4comments?ver=","kittens4comments.min?ver=",{"cssClasses":188,"htmlComments":191,"htmlAttributes":192,"restEndpoints":193,"jsGlobals":194,"shortcodeOutput":196},[189,190],"kittenpanel","wwm-dashicon",[],[],[],[195],"kittenPic",[197],"\u003Cdiv class=\"kittenpanel\">\u003Cp>Your comments make us happy.\u003C\u002Fp>  \u003Cp>Leave a comment, get a kitten!\u003C\u002Fp>\u003C\u002Fdiv>"]