[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$flvOAg_lNxZGoBOzVgYUQXBpP3fI8HgEKUMoWAuJiY3U":3,"$fy4gUlg76jygyG0O_xpD2BlDoFKjSyaVC9g_cJ_EjTbc":283,"$fhKBs62Pe7pA_LJat5J_3Jtm2T-uzfnkU-PQh3Vd0WhY":287},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":23,"security_score":24,"vuln_count":14,"unpatched_count":14,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":46,"crawl_stats":34,"alternatives":52,"analysis":156,"fingerprints":262},"knowledge-base-maker","Knowledge Base – Knowledge Base Maker","1.1.8","devfelixmoira","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevfelixmoira\u002F","\u003Cp>Organize your documentation and FAQs with our Knowledge Base Maker plugin. It’s easy to use, flexible and professional.\u003C\u002Fp>\n\u003Cp>Knowledge Base sarch bar shortcode name is [ykb_knowledge_base]\u003C\u002Fp>\n\u003Cp>If you think that you have found a bug in Knowledge Base Maker plugin or have any questions, please feel free to contact us at dev.felixmoira@gmail.com.\u003C\u002Fp>\n","Organize your documentation and FAQs with our Knowledge Base Maker plugin. 
It's easy to use, flexible and professional.",200,3662,100,1,"2023-01-26T18:27:00.000Z","6.1.10","3.8","",[20,21,22],"poll","poll-form","polls","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.1.8.zip",63,"2025-06-19 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[29],{"id":30,"url_slug":31,"title":32,"description":33,"plugin_slug":4,"theme_slug":34,"affected_versions":35,"patched_in_version":34,"severity":36,"cvss_score":37,"cvss_vector":38,"vuln_type":39,"published_date":25,"updated_date":40,"references":41,"days_to_patch":34,"patch_diff_files":43,"patch_trac_url":34,"research_status":34,"research_verified":44,"research_rounds_completed":45,"research_plan":34,"research_summary":34,"research_vulnerable_code":34,"research_fix_diff":34,"research_exploit_outline":34,"research_model_used":34,"research_started_at":34,"research_completed_at":34,"research_error":34,"poc_status":34,"poc_video_id":34,"poc_summary":34,"poc_steps":34,"poc_tested_at":34,"poc_wp_version":34,"poc_php_version":34,"poc_playwright_script":34,"poc_exploit_code":34,"poc_has_trace":44,"poc_model_used":34,"poc_verification_depth":34},"CVE-2025-52791","knowledge-base-8211-knowledge-base-maker-cross-site-request-forgery","Knowledge Base &#8211; Knowledge Base Maker \u003C= 1.1.8 - Cross-Site Request Forgery","The Knowledge Base – Knowledge Base Maker plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.8. This is due to missing or incorrect nonce validation on a function. 
This makes it possible for unauthenticated attackers to perform an unauthorized action granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.1.8","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-06-25 15:43:09",[42],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6fb7944a-58ad-4e52-8fe2-6b535517541e?source=api-prod",[],false,0,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":47,"total_installs":48,"avg_security_score":49,"avg_patch_time_days":50,"trust_score":49,"computed_at":51},6,1510,80,8,"2026-05-20T07:52:59.654Z",[53,67,91,113,133],{"slug":54,"name":55,"version":56,"author":7,"author_profile":8,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":13,"num_ratings":61,"last_updated":62,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":63,"homepage":18,"download_link":64,"security_score":65,"vuln_count":14,"unpatched_count":14,"last_vuln_date":66,"fetched_at":26},"poll-builder","Poll, Poll Forms – WordPress Poll plugin by Poll Builder","1.3.5","\u003Cp>The easiest way to create Poll forms via Poll plugin.\u003C\u002Fp>\n\u003Cp>If you think that you have found a bug in Poll plugin or have any questions, please feel free to contact us at dev.felixmoira@gmail.com.\u003C\u002Fp>\n","Poll Builder plugin allows you easiest way to create Poll forms via the Poll plugin.",10,4726,2,"2023-01-26T18:22:00.000Z",[20,21,22],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpoll-builder.1.3.5.zip",64,"2024-12-11 
00:00:00",{"slug":68,"name":69,"version":70,"author":71,"author_profile":72,"description":73,"short_description":74,"active_installs":75,"downloaded":76,"rating":13,"num_ratings":77,"last_updated":78,"tested_up_to":79,"requires_at_least":80,"requires_php":81,"tags":82,"homepage":87,"download_link":88,"security_score":89,"vuln_count":14,"unpatched_count":45,"last_vuln_date":90,"fetched_at":26},"crowdsignal-forms","Crowdsignal Forms","1.8.0","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>The Crowdsignal Forms plugin allows you to create and manage polls right from within the block editor.\u003Cbr \u002F>\nCreating polls is as simple and as fast as writing a bullet point list. No embed blocks and no copy pasting needed anymore.\u003C\u002Fp>\n\u003Cp>Customize the look and feel of your polls to match your brand, and pick your favorite color. The poll block supports the styling of your theme by default, and from there you can customize the styling of your polls the way you want.\u003C\u002Fp>\n\u003Cp>With Crowdsignal’s results page you can view all responses as they come in. See the geo-locations of your voters and analyze IP addresses for any suspicious voting behavior. See advanced stats and analytics for understanding your audience.\u003C\u002Fp>\n\u003Cp>Analyze your results and then export them in a number of different formats.\u003C\u002Fp>\n\u003Cp>Set close dates for polls, create polls with single or multiple choice answers, choose whether to show your readers the poll results or keep them private.\u003C\u002Fp>\n\u003Cp>You can create an unlimited number of polls with a free \u003Ca href=\"https:\u002F\u002Fcrowdsignal.com\u002F\" rel=\"nofollow ugc\">Crowdsignal\u003C\u002Fa> account and your first 2,500 signals are free. A signal is a response you get to a poll. If you are on a free plan, you still have full access to the first 2,500 signals. 
Any further responses you collect will still be recorded but if you \u003Ca href=\"https:\u002F\u002Fcrowdsignal.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">upgrade\u003C\u002Fa> you will get access to our unlocked reports to see them. You’ll also get access to a \u003Ca href=\"https:\u002F\u002Fcrowdsignal.com\u002Ffeatures\u002F\" rel=\"nofollow ugc\">range of features\u003C\u002Fa> not available to free users.\u003C\u002Fp>\n","The Crowdsignal Forms plugin allows you to create and manage polls right from within the block editor.",200000,144027,3,"2026-02-10T14:53:00.000Z","6.9.4","6.0","5.6.20",[83,84,85,22,86],"block","forms","gutenberg","surveys","https:\u002F\u002Fcrowdsignal.com\u002Fcrowdsignal-forms\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrowdsignal-forms.1.8.0.zip",99,"2025-12-27 00:00:00",{"slug":92,"name":93,"version":94,"author":71,"author_profile":72,"description":95,"short_description":96,"active_installs":97,"downloaded":98,"rating":99,"num_ratings":100,"last_updated":101,"tested_up_to":79,"requires_at_least":102,"requires_php":103,"tags":104,"homepage":108,"download_link":109,"security_score":110,"vuln_count":111,"unpatched_count":45,"last_vuln_date":112,"fetched_at":26},"polldaddy","Crowdsignal Dashboard – Polls, Surveys & more","3.1.5","\u003Cp>The Crowdsignal Dashboard plugin allows you to create and manage polls, surveys, quizzes, and ratings from within your WordPress admin. See all your projects in one place, be they surveys, quizzes and polls made on Crowdsignal.com or any of our poll and survey blocks using our Crowdsignal Forms plugin. With just one click view all results for your responses as they come in to analyze responses in real time and export your results everywhere!\u003C\u002Fp>\n\u003Ch3>The Block Editor\u003C\u002Fh3>\n\u003Cp>Are you using the new block editor for WordPress? 
Our other plugin, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcrowdsignal-forms\u002F\" rel=\"ugc\">Crowdsignal Forms\u003C\u002Fa> provides a number of blocks for your post editor that allow you to gather actionable feedback from your audience:\u003Cbr \u002F>\n* Poll: Create polls and get your audience’s opinion.\u003Cbr \u002F>\n* Survey Embed: Create surveys in minutes with 14 question types and embed them into your page.\u003Cbr \u002F>\n* Feedback Button: A floating and always visible button that allows your audience to share feedback anytime.\u003Cbr \u002F>\n* Measure NPS: Calculate your Net Promoter Score! Collect feedback and track customer satisfaction over time.\u003Cbr \u002F>\n* Voting: Allow your audience to rate your work or express their opinion.\u003Cbr \u002F>\n* Applause: Let your audience cheer with a big round of applause.\u003C\u002Fp>\n\u003Cp>Learn more about the Crowdsignal Forms plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcrowdsignal-forms\u002F\" rel=\"ugc\">here\u003C\u002Fa>, and on \u003Ca href=\"https:\u002F\u002Fcrowdsignal.com\u002F\" rel=\"nofollow ugc\">crowdsignal.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Want to help translate the plugin or keep an existing translation up-to-date? Head on over to the \u003Ca href=\"http:\u002F\u002Ftranslate.wordpress.com\u002Fprojects\u002Fpolldaddy\u002Fplugin\" rel=\"nofollow ugc\">translation site\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Some strings are not translated when polls and surveys are embedded. You will have to translate them using a language pack on \u003Ca href=\"https:\u002F\u002Fcrowdsignal.com\u002F\" rel=\"nofollow ugc\">Crowdsignal.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Development of the plugin takes place in \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FAutomattic\u002Fcrowdsignal-plugin\" rel=\"nofollow ugc\">this GitHub repository\u003C\u002Fa>. 
Contributions are welcome!\u003C\u002Fp>\n\u003Ch3>The Classic Editor\u003C\u002Fh3>\n\u003Cp>If you are a long time user of this plugin and you still use the classic post editor, the best way to create polls is through your \u003Ca href=\"https:\u002F\u002Fapp.crowdsignal.com\u002Fdashboard\u002F\" rel=\"nofollow ugc\">Crowdsignal account\u003C\u002Fa> where you have a number of different ways to share polls (and surveys). However, up to version 2.2.6, this plugin had an “Add Poll” button above the post editor that opened a very basic poll editor. That “Add Poll” button has since been removed but if you would still like to use it, open up the wp-admin dashboard on your WordPress site. Add “admin.php?page=polls&action=create-poll” to the end of the URL, after “wp-admin\u002F” so it looks like https:\u002F\u002Fexample.com\u002Fwp-admin\u002Fadmin.php?page=polls&action=create-poll and you will see the old poll editor. Bookmark that URL if you still want to use that poll editor. We do not recommend using version 2.2.6 of the plugin as you will miss out on many bug fixes and new features added since then.\u003C\u002Fp>\n","Manage your Crowdsignal polls, surveys, quizzes, and ratings directly from the WordPress dashboard.",100000,1262975,54,34,"2026-02-25T16:33:00.000Z","5.5","5.6",[105,22,106,86,107],"polling","rating","vote","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpolldaddy\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpolldaddy.3.1.5.zip",96,9,"2024-09-24 00:00:00",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":123,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":18,"tags":128,"homepage":130,"download_link":131,"security_score":123,"vuln_count":47,"unpatched_count":45,"last_vuln_date":132,"fetched_at":26},"wp-polls","WP-Polls","2.77.3","Lester 
Chan","https:\u002F\u002Fprofiles.wordpress.org\u002Fgamerz\u002F","\u003Cp>WP-Polls is extremely customizable via templates and css styles and there are tons of options for you to choose to ensure that WP-Polls runs the way you wanted. It now supports multiple selection of answers.\u003C\u002Fp>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-polls\" title=\"https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-polls\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-polls\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Plugin icon by \u003Ca href=\"http:\u002F\u002Fwww.freepik.com\" rel=\"nofollow ugc\">Freepik\u003C\u002Fa> from \u003Ca href=\"http:\u002F\u002Fwww.flaticon.com\" rel=\"nofollow ugc\">Flaticon\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Donations\u003C\u002Fh3>\n\u003Cp>I spent most of my free time creating, updating, maintaining and supporting these plugins, if you really love my plugins and could spare me a couple of bucks, I will really appreciate it. If not feel free to use it without any obligations.\u003C\u002Fp>\n","Adds an AJAX poll system to your WordPress blog. 
You can also easily add a poll into your WordPress's blog post\u002Fpage.",40000,3680319,84,136,"2025-01-18T03:07:00.000Z","6.7.5","4.9.6",[129,20,105,22,107],"booth","https:\u002F\u002Flesterchan.net\u002Fportfolio\u002Fprogramming\u002Fphp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-polls.2.77.3.zip","2025-01-21 14:08:11",{"slug":134,"name":135,"version":136,"author":137,"author_profile":138,"description":139,"short_description":140,"active_installs":141,"downloaded":142,"rating":143,"num_ratings":144,"last_updated":145,"tested_up_to":79,"requires_at_least":146,"requires_php":18,"tags":147,"homepage":151,"download_link":152,"security_score":153,"vuln_count":154,"unpatched_count":45,"last_vuln_date":155,"fetched_at":26},"yop-poll","YOP Poll","6.5.40","YOP","https:\u002F\u002Fprofiles.wordpress.org\u002Fyourownprogrammer\u002F","\u003Cp>YOP Poll plugin allows you to easily integrate a survey in your blog post\u002Fpage and to manage the polls from within your WordPress dashboard but if offers so much more than other similar products.  Simply put, it doesn’t lose sight of your needs and ensures that no detail is left unaccounted for.\u003C\u002Fp>\n\u003Cp>To name just a few improvements, you can create polls to include both single or multiple answers, work with a wide variety of options and settings to decide how you wish to sort your poll information, how to manage the results, what details to display and what to keep private, whether you want to view the total votes or the total voters, to set vote permissions or block voters etc.\u003C\u002Fp>\n\u003Cp>Scheduling your polls is no longer a problem. YOP Poll can simultaneously run multiple polls (no limit included) or you can schedule your polls to start one after another. 
Also, keeping track of your polls is easy, you have various sorting functions and you can access older versions at any time.\u003C\u002Fp>\n\u003Cp>Designed to intuitive and easy to use, this plugin allows shortcodes and includes a widget functionality that fits perfectly with your WordPress website. For more details on the included features, please refer to the description below.\u003C\u002Fp>\n\u003Cp>Current poll features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Create\u002F Edit \u002F Clone\u002FDelete poll – allows you to create or intervene in your poll at any time, if you consider it necessary.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Poll scheduling:  programs each poll to start\u002Fend on a certain date. You can simultaneously run multiple polls. This option can be used to schedule your polls one after another.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display polls: you can choose to display one or more polls on your website by simply adding the corresponding poll ID. You can also decide for a random display of your active polls.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>View all polls: lists all your polls that you can sort by number of votes or voters, by question or by date. It also includes a search option.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Poll answers – allows other answers, multiple answers and includes a sorting module by various criteria: in exact order, in alphabetical order, by number of votes, ascending, descending etc.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Poll results – offers a great flexibility when displaying the results: before\u002Fafter vote, after poll’s end date, on a custom date or never. The results can also be displayed by vote numbers, percentages or both. 
You can choose to include a view results link, view number of votes or number of voters.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add custom fields – is a complex option that you can use to ask for additional information from your voters, information that you can then export and use for.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Reset stats – proves useful when you wish to restart a poll.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Vote permissions: – limits the voting accessibility to guests, registered users or both, or blocks user access by cookie, IP and username.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Archive options – allows the users of the website to access former polls statistics. You can choose which polls to display according to their start\u002Fend date.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display Options – displays answers and results tabulated, vertically or horizontally.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Logs and bans – user logs and bans can be seen in the admin section. You can ban users by email, username and IP and you can set the limitation preferences for all your polls or for just one of them.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Use a full option polling solution to get the answers you need. 
YOP Poll is the perfect, easy to use poll plugin for your WordPress site.",10000,1238193,88,448,"2026-02-16T10:33:00.000Z","3.3",[148,20,149,22,150],"create-poll","poll-plugin","wordpress-poll","https:\u002F\u002Fyop-poll.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyop-poll.6.5.40.zip",94,14,"2025-11-02 00:00:00",{"attackSurface":157,"codeSignals":210,"taintFlows":226,"riskAssessment":251,"analyzedAt":261},{"hooks":158,"ajaxHandlers":197,"restRoutes":204,"shortcodes":205,"cronEvents":209,"entryPointCount":77,"unprotectedCount":45},[159,165,169,172,176,180,185,189,192],{"type":160,"name":161,"callback":162,"file":163,"line":164},"action","admin_head","adminHead","com\\classes\\admin\\Actions.php",11,{"type":160,"name":166,"callback":167,"file":163,"line":168},"add_meta_boxes","metaboxes",12,{"type":160,"name":170,"callback":171,"file":163,"line":154},"admin_post_ykb_save_configuration","saveConfiguration",{"type":160,"name":173,"callback":174,"file":163,"line":175},"admin_action_ykb_duplicate_post_as_draft","duplicatePostSave",15,{"type":160,"name":177,"callback":178,"file":179,"line":168},"admin_enqueue_scripts","adminEenqueScripts","com\\classes\\admin\\CSS.php",{"type":181,"name":182,"callback":183,"priority":59,"file":184,"line":164},"filter","post_row_actions","duplicatePost","com\\classes\\admin\\Filters.php",{"type":160,"name":186,"callback":187,"file":188,"line":59},"init","postTypeInit","com\\classes\\global\\Actions.php",{"type":160,"name":190,"callback":191,"file":188,"line":168},"admin_menu","addSubMenu",{"type":160,"name":193,"callback":194,"file":195,"line":196},"admin_init","pluginRedirect","com\\classes\\YkbInit.php",16,[198,203],{"action":199,"nopriv":44,"callback":200,"hasNonce":201,"hasCapCheck":44,"file":202,"line":59},"ykb_search_data","search",true,"com\\classes\\global\\Ajax.php",{"action":199,"nopriv":44,"callback":200,"hasNonce":201,"hasCapCheck":44,"file":202,"line":164},[],[206],{"tag":207,"callback":208,"file":188,"lin
e":164},"ykb_knowledge_base","shortcode",[],{"dangerousFunctions":211,"sqlUsage":212,"outputEscaping":217,"fileOperations":45,"externalRequests":45,"nonceChecks":61,"capabilityChecks":14,"bundledLibraries":225},[],{"prepared":14,"raw":14,"locations":213},[214],{"file":163,"line":215,"context":216},87,"$wpdb->get_results() with variable interpolation",{"escaped":218,"rawEcho":61,"locations":219},30,[220,223],{"file":202,"line":221,"context":222},17,"raw output",{"file":224,"line":59,"context":222},"public\\views\\front\\searchBar.php",[],[227,243],{"entryPoint":228,"graph":229,"unsanitizedCount":45,"severity":242},"search (com\\classes\\global\\Ajax.php:14)",{"nodes":230,"edges":240},[231,235],{"id":232,"type":233,"label":234,"file":202,"line":221},"n0","source","$_POST['value']",{"id":236,"type":237,"label":238,"file":202,"line":221,"wp_function":239},"n1","sink","echo() [XSS]","echo",[241],{"from":232,"to":236,"sanitized":201},"low",{"entryPoint":244,"graph":245,"unsanitizedCount":45,"severity":242},"\u003CAjax> (com\\classes\\global\\Ajax.php:0)",{"nodes":246,"edges":249},[247,248],{"id":232,"type":233,"label":234,"file":202,"line":221},{"id":236,"type":237,"label":238,"file":202,"line":221,"wp_function":239},[250],{"from":232,"to":236,"sanitized":201},{"summary":252,"deductions":253},"The 'knowledge-base-maker' plugin v1.1.8 exhibits a generally good security posture with strong adherence to secure coding practices. The static analysis reveals a relatively small attack surface with no unprotected entry points.  The plugin demonstrates a high percentage of properly escaped outputs and a good number of nonce and capability checks.  Furthermore, the absence of dangerous functions, file operations, and external HTTP requests is commendable. 
The taint analysis also shows no critical or high severity unsanitized flows, indicating a low risk of direct code injection or sensitive data exposure through untrusted input.\n\nHowever, a significant concern arises from the plugin's vulnerability record. The presence of one unpatched medium severity CVE, specifically a Cross-Site Request Forgery (CSRF) vulnerability, indicates a known weakness that has not yet been addressed. CSRF is a common vulnerability type, and its presence here warrants attention because it suggests a possible oversight in how state-changing user actions are verified. While the current code analysis doesn't expose this specific CSRF vulnerability, that does not mean it is absent: the advisory covers all versions up to and including 1.1.8 and is listed as unpatched, so the issue should be treated as still exploitable in this release until a fix is published.\n\nIn conclusion, 'knowledge-base-maker' v1.1.8 scores well on proactive security measures like input validation and output escaping. The static analysis paints a picture of a well-built plugin. The primary weakness lies in its unpatched CSRF vulnerability, which significantly impacts its overall trustworthiness. 
Addressing the outstanding CVE should be a priority to mitigate the risk from this known, still-unpatched flaw.",[254,256,259],{"reason":255,"points":221},"Unpatched CVE (medium severity)",{"reason":257,"points":258},"SQL queries not fully prepared",5,{"reason":260,"points":61},"Minor unescaped output","2026-03-16T20:27:18.894Z",{"wat":263,"direct":273},{"assetPaths":264,"generatorPatterns":268,"scriptPaths":269,"versionParams":270},[265,266,267],"\u002Fwp-content\u002Fplugins\u002Fknowledge-base-maker\u002Fcom\u002Fviews\u002FsearchBar.php","\u002Fwp-content\u002Fplugins\u002Fknowledge-base-maker\u002Fassets\u002Fcss\u002FknowledgeBase.css","\u002Fwp-content\u002Fplugins\u002Fknowledge-base-maker\u002Fassets\u002Fjs\u002FsearchBar.js",[],[267],[271,272],"knowledge-base-maker\u002Fassets\u002Fcss\u002FknowledgeBase.css?ver=","knowledge-base-maker\u002Fassets\u002Fjs\u002FsearchBar.js?ver=",{"cssClasses":274,"htmlComments":275,"htmlAttributes":276,"restEndpoints":278,"jsGlobals":279,"shortcodeOutput":281},[],[],[277],"ykb-post-id",[],[280],"YKB_ARGS",[282],"\u003C!-- Search Bar -->",{"error":201,"url":284,"statusCode":285,"statusMessage":286,"message":286},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fknowledge-base-maker\u002Fbundle",404,"no bundle for this plugin 
yet",{"slug":4,"current_version":6,"total_versions":288,"versions":289},20,[290,296,304,312,320,328,336,344,352,360,368,376,384,392,400,408,416,424,432,440],{"version":6,"download_url":23,"svn_tag_url":291,"released_at":34,"has_diff":44,"diff_files_changed":292,"diff_lines":34,"trac_diff_url":293,"vulnerabilities":294,"is_current":201},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.1.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.1.7.1&new_path=%2Fknowledge-base-maker%2Ftags%2F1.1.8",[295],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":297,"download_url":298,"svn_tag_url":299,"released_at":34,"has_diff":44,"diff_files_changed":300,"diff_lines":34,"trac_diff_url":301,"vulnerabilities":302,"is_current":44},"1.1.7.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.1.7.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.1.7.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.1.7&new_path=%2Fknowledge-base-maker%2Ftags%2F1.1.7.1",[303],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":305,"download_url":306,"svn_tag_url":307,"released_at":34,"has_diff":44,"diff_files_changed":308,"diff_lines":34,"trac_diff_url":309,"vulnerabilities":310,"is_current":44},"1.1.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.1.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.1.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.1.6&new_path=%2Fknowledge-base-maker%2Ftags%2F1.1.7",[311],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"
patched_in_version":34},{"version":313,"download_url":314,"svn_tag_url":315,"released_at":34,"has_diff":44,"diff_files_changed":316,"diff_lines":34,"trac_diff_url":317,"vulnerabilities":318,"is_current":44},"1.1.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.1.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.1.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.1.5&new_path=%2Fknowledge-base-maker%2Ftags%2F1.1.6",[319],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":321,"download_url":322,"svn_tag_url":323,"released_at":34,"has_diff":44,"diff_files_changed":324,"diff_lines":34,"trac_diff_url":325,"vulnerabilities":326,"is_current":44},"1.1.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.1.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.1.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.1.4&new_path=%2Fknowledge-base-maker%2Ftags%2F1.1.5",[327],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":329,"download_url":330,"svn_tag_url":331,"released_at":34,"has_diff":44,"diff_files_changed":332,"diff_lines":34,"trac_diff_url":333,"vulnerabilities":334,"is_current":44},"1.1.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.1.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.1.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.1.3&new_path=%2Fknowledge-base-maker%2Ftags%2F1.1.4",[335],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":337,"d
ownload_url":338,"svn_tag_url":339,"released_at":34,"has_diff":44,"diff_files_changed":340,"diff_lines":34,"trac_diff_url":341,"vulnerabilities":342,"is_current":44},"1.1.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.1.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.1.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.1.2&new_path=%2Fknowledge-base-maker%2Ftags%2F1.1.3",[343],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":345,"download_url":346,"svn_tag_url":347,"released_at":34,"has_diff":44,"diff_files_changed":348,"diff_lines":34,"trac_diff_url":349,"vulnerabilities":350,"is_current":44},"1.1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.1.1&new_path=%2Fknowledge-base-maker%2Ftags%2F1.1.2",[351],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":353,"download_url":354,"svn_tag_url":355,"released_at":34,"has_diff":44,"diff_files_changed":356,"diff_lines":34,"trac_diff_url":357,"vulnerabilities":358,"is_current":44},"1.1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.1.0&new_path=%2Fknowledge-base-maker%2Ftags%2F1.1.1",[359],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":361,"download_url":362,"svn_tag_url":363,"relea
sed_at":34,"has_diff":44,"diff_files_changed":364,"diff_lines":34,"trac_diff_url":365,"vulnerabilities":366,"is_current":44},"1.1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.1.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.0.9&new_path=%2Fknowledge-base-maker%2Ftags%2F1.1.0",[367],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":369,"download_url":370,"svn_tag_url":371,"released_at":34,"has_diff":44,"diff_files_changed":372,"diff_lines":34,"trac_diff_url":373,"vulnerabilities":374,"is_current":44},"1.0.9","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.0.9.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.0.9\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.0.8&new_path=%2Fknowledge-base-maker%2Ftags%2F1.0.9",[375],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":377,"download_url":378,"svn_tag_url":379,"released_at":34,"has_diff":44,"diff_files_changed":380,"diff_lines":34,"trac_diff_url":381,"vulnerabilities":382,"is_current":44},"1.0.8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.0.8.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.0.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.0.7&new_path=%2Fknowledge-base-maker%2Ftags%2F1.0.8",[383],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":385,"download_url":386,"svn_tag_url":387,"released_at":34,"has_diff":44,"diff_files_chan
ged":388,"diff_lines":34,"trac_diff_url":389,"vulnerabilities":390,"is_current":44},"1.0.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.0.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.0.6&new_path=%2Fknowledge-base-maker%2Ftags%2F1.0.7",[391],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":393,"download_url":394,"svn_tag_url":395,"released_at":34,"has_diff":44,"diff_files_changed":396,"diff_lines":34,"trac_diff_url":397,"vulnerabilities":398,"is_current":44},"1.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.0.5&new_path=%2Fknowledge-base-maker%2Ftags%2F1.0.6",[399],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":401,"download_url":402,"svn_tag_url":403,"released_at":34,"has_diff":44,"diff_files_changed":404,"diff_lines":34,"trac_diff_url":405,"vulnerabilities":406,"is_current":44},"1.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.0.4&new_path=%2Fknowledge-base-maker%2Ftags%2F1.0.5",[407],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":409,"download_url":410,"svn_tag_url":411,"released_at":34,"has_diff":44,"diff_files_changed":412,"diff_lines":34,"trac_diff_url":
413,"vulnerabilities":414,"is_current":44},"1.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.0.3&new_path=%2Fknowledge-base-maker%2Ftags%2F1.0.4",[415],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":417,"download_url":418,"svn_tag_url":419,"released_at":34,"has_diff":44,"diff_files_changed":420,"diff_lines":34,"trac_diff_url":421,"vulnerabilities":422,"is_current":44},"1.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.0.2&new_path=%2Fknowledge-base-maker%2Ftags%2F1.0.3",[423],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":425,"download_url":426,"svn_tag_url":427,"released_at":34,"has_diff":44,"diff_files_changed":428,"diff_lines":34,"trac_diff_url":429,"vulnerabilities":430,"is_current":44},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.0.1&new_path=%2Fknowledge-base-maker%2Ftags%2F1.0.2",[431],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":433,"download_url":434,"svn_tag_url":435,"released_at":34,"has_diff":44,"diff_files_changed":436,"diff_lines":34,"trac_diff_url":437,"vulnerabilities":438,"is_current":44
},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fknowledge-base-maker%2Ftags%2F1.0&new_path=%2Fknowledge-base-maker%2Ftags%2F1.0.1",[439],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34},{"version":441,"download_url":442,"svn_tag_url":443,"released_at":34,"has_diff":44,"diff_files_changed":444,"diff_lines":34,"trac_diff_url":34,"vulnerabilities":445,"is_current":44},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fknowledge-base-maker.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fknowledge-base-maker\u002Ftags\u002F1.0\u002F",[],[446],{"id":30,"url_slug":31,"title":32,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":34}]