[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fi_-M-mszVPMQDaZiAP5trx-sK8wRqRfsIZDy2pUjlJk":3,"$fIwhBitWbbAvag8pLTPXXPR-sO57uyQ7SsLy_aiDiBI4":333,"$f0oTzTLT7rQQoY_ghknHyJgkjHQEWTqX6C8kR2tc4fgQ":338},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":38,"analysis":137,"fingerprints":307},"likes-posts-comments","Like Posts & Comments","1.1","A. Chappard","https:\u002F\u002Fprofiles.wordpress.org\u002Faurelien\u002F","\u003Cp>This plugin provides 4 new template tags to display some informations\u002Factions about posts and comments. This template tags have to be called within the loop :\u003Cbr \u002F>\nwp_postlike(); : Return a link to like or unlike a post\u003Cbr \u002F>\nwp_commentlike(); : Return a link to like or unlike a comment\u003Cbr \u002F>\nwp_nb_postlike(); : Return a text to display the number of like for the current post\u003Cbr \u002F>\nwp_nb_commentlike(); : Return a text to display the number of like for the current comment\u003C\u002Fp>\n","Allows you to add links 'I like \u002F I do not like' to each post and comment.",10,3230,0,"2013-02-15T07:55:00.000Z","3.5.2","3.3","",[19,20,21,22,23],"like","like-comment","like-post","unlike","unlike-post","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flikes-posts-comments.1.1.zip",85,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":31,"display_name":32,"profile_url":8,"plugin_count":11,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"aurelien","Aurélien LWS",78080,89,222,71,"2026-05-20T11:19:54.878Z",[39,61,85,104,121],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":17,"download_link":58,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":60},"like-post-block","Like Post Block","1.5.0","Roel Magdaleno","https:\u002F\u002Fprofiles.wordpress.org\u002Frokumetal\u002F","\u003Cp>The Like Post Block plugin registers a WordPress block that allows you to add a like button to your WordPress block editor.\u003C\u002Fp>\n\u003Cp>You can insert this block in a single post, page, custom post type, and you can also insert it in any Gutenberg template.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add a like button to any post, page or custom post type\u003C\u002Fli>\n\u003Cli>Limit the number of likes per user\u003C\u002Fli>\n\u003Cli>Save user’s IP address to prevent multiple likes\u003C\u002Fli>\n\u003Cli>Supports any Gutenberg template\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Froelmagdaleno\u002Flike-post-block\" rel=\"nofollow ugc\">View on GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Add a button to like any post type.",80,3159,100,2,"2025-05-03T00:08:00.000Z","6.8.5","6.2","7.4",[56,57,19,21],"block","heart","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flike-post-block.1.5.0.zip",92,"2026-04-16T10:56:18.058Z",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":11,"downloaded":69,"rating":49,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":54,"tags":74,"homepage":80,"download_link":81,"security_score":82,"vuln_count":83,"unpatched_count":13,"last_vuln_date":84,"fetched_at":60},"clevernode-related-content","CleverNode Related Content","1.1.8","Metup","https:\u002F\u002Fprofiles.wordpress.org\u002Fmetup\u002F","\u003Cp>The \u003Cstrong>CleverNode Related Content\u003C\u002Fstrong> plugin allows you to \u003Cstrong>display a collection of related articles\u003C\u002Fstrong>, picked among those on your own site.\u003Cbr \u002F>\nThe correlation is made through a \u003Cstrong>semantic algorithm\u003C\u002Fstrong> that scans both the title and content of your articles in order to select a collection of related posts.\u003Cbr \u002F>\nArticles are displayed as a grid containing the featured image, title and link to the featured article. The \u003Cstrong>position\u003C\u002Fstrong> of this grid within the page may be \u003Cstrong>freely chosen\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New in version 1.1.8\u003C\u002Fstrong>\u003Cbr \u002F>\nCleaner frontend loading with enqueued widget styles, a smoother admin experience and stronger security for a more reliable CleverNode setup.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>New in version 1.0.2\u003C\u002Fstrong>\u003Cbr \u002F>\nAdded AMP support: using the official \u003Ca href=\"https:\u002F\u002Fit.wordpress.org\u002Fplugins\u002Famp\u002F\" rel=\"nofollow ugc\">AMP plugin for WordPress\u003C\u002Fa> and the \u003Ca href=\"https:\u002F\u002Fit.wordpress.org\u002Fplugins\u002Faccelerated-mobile-pages\u002F\" rel=\"nofollow ugc\">AMP for WP – Accelerated Mobile Pages\u003C\u002Fa> plugin, the widget will be rendered as an \u003Ccode>amp-embed\u003C\u002Fcode>.\u003C\u002Fp>\n","CleverNode Related Content is a semantic correlation service that allows you to place a collection of related articles on your WordPress site.",4768,4,"2026-04-13T16:12:00.000Z","6.9.4","5.9",[75,76,77,78,79],"related-posts","semantic-related-posts","semantic-textual-similarity","similar-posts","you-also-may-like-posts","https:\u002F\u002Fclevernode.it\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclevernode-related-content.1.1.8.zip",99,1,"2024-12-11 00:00:00",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":11,"downloaded":93,"rating":49,"num_ratings":83,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":17,"tags":97,"homepage":17,"download_link":103,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":60},"pl-manager","Post Like Manager","1.0","manidipmandal","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanidipmandal\u002F","\u003Cp>PL Manager is a plugin for adding like and unlike  functionality for posts, pages, Custom post types. It has many configuration settings, that you can customize it fully. it will show a list of most liked posts. If you have already liked a post and now you dislike it, then the old voting will be cancelled and vice-versa.\u003C\u002Fp>\n\u003Ch4>Standard features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>AJAX thumbs up\u002Fdown functionality without refreshing the page.\u003C\u002Fli>\n\u003Cli>Wide range of voting period.\u003C\u002Fli>\n\u003Cli>4 beautiful voting styles.\u003C\u002Fli>\n\u003Cli>Show\u002Fhide +\u002F- symbols before like\u002Funlike count\u003C\u002Fli>\n\u003Cli>Allow or block guest users to vote\u003C\u002Fli>\n\u003Cli>Custom messages\u003C\u002Fli>\n\u003Cli>Exclude specific posts, categories, post types if you do not want this functionality to be shown there\u003C\u002Fli>\n\u003Cli>Show the like functionality on top or at the bottom of the content\u003C\u002Fli>\n\u003Cli>Show the like functionality on left or right of the content\u003Cbr \u002F>\n11.Option to save plugin settings and table even after plugin uninstallation\u003C\u002Fli>\n\u003C\u002Fol>\n","A smooth ajax-based like\u002Fdislike functionality for wordpress posts, pages, Custom post types..",2201,"2016-10-17T13:51:00.000Z","4.6.30","4.0",[98,99,100,101,102],"most-liked-posts","recently-liked-posts","thumbs-down","thumbs-up","wordpress-like-post","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpl-manager.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":11,"downloaded":112,"rating":49,"num_ratings":83,"last_updated":113,"tested_up_to":114,"requires_at_least":96,"requires_php":17,"tags":115,"homepage":119,"download_link":120,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"post-like","Post Like","1.0.3","Aamer Shahzad","https:\u002F\u002Fprofiles.wordpress.org\u002Ftalentedaamer\u002F","\u003Cp>Post Like is a plugin for blog authors that allows you to add like button at the end of single post. User should be logged in to like the post, once post is liked it is stored in user liked posts. User can also unlike the post. In the future release we will add a login link for users who are not logged in and some customizer options. Future releases will also include some of widgets for most liked posts and a user widget to show user liked posts.\u003C\u002Fp>\n\u003Ch3>Like\u003C\u002Fh3>\n\u003Cp>When the users are logged in, they will be able to see the like link and counter at the bottom of the single post. Then they will be able to like the post.\u003C\u002Fp>\n\u003Ch3>Unlike\u003C\u002Fh3>\n\u003Cp>After a post is liked by a logged in user, he can also unlike the post after page is refreshed.\u003C\u002Fp>\n\u003Ch3>Plugin Settings\u003C\u002Fh3>\n\u003Cp>For plugin settings go to \u003Cstrong>Settings -> Post Like Settings\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Demo Video\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FWRT-DHCwbyI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n","Post like is a simple ajax based post like\u002Funlike plugin that help your visitors to like posts. Counter shows number of post likes.",2065,"2019-02-17T19:46:00.000Z","4.9.29",[116,19,117,118,22],"count","love","post","http:\u002F\u002Fwpthemecraft.com\u002Fplugins\u002Fpost-like-plugin-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-like.1.0.3.zip",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":11,"downloaded":129,"rating":13,"num_ratings":13,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":17,"tags":133,"homepage":17,"download_link":136,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":60},"post-likerator","Post Likerator","1.0.0","Flipeleven","https:\u002F\u002Fprofiles.wordpress.org\u002Fflipeleven\u002F","\u003Cp>Enables a simple like\u002Funlike feature to be added to posts, pages, etc. There is no dislike feature. You are expected to style it however you like so it matches your theme; it has none of its own CSS. There is also no admin page or options for this plugin.\u003C\u002Fp>\n\u003Cp>Add the like button to your template using the included PHP function:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php post_likerator(); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>By default it will use the current post ID and echo the like button’s markup. You can change this by passing (integer) Post ID and (boolean) echo arguments to the function:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php $like_button = post_likerator(2501, false); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The above will attribute likes to post ID \u003Ccode>2501\u003C\u002Fcode> and will assign the string of markup to the \u003Ccode>$like_button\u003C\u002Fcode> variable instead of echoing it.\u003C\u002Fp>\n\u003Cp>Once you’ve got it looking awesome, click to like the post. Clicking again will unlike it. You can go back and forth as much as you want, but it will probably get boring after a little while.\u003C\u002Fp>\n","Simple like\u002Funlike function for posts. No dislikes. Bring your own CSS.",1359,"2017-10-19T16:53:00.000Z","4.8.28","4.8.2",[134,19,135,101],"developer-friendly","like-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-likerator.1.0.0.zip",{"attackSurface":138,"codeSignals":180,"taintFlows":216,"riskAssessment":294,"analyzedAt":306},{"hooks":139,"ajaxHandlers":169,"restRoutes":177,"shortcodes":178,"cronEvents":179,"entryPointCount":50,"unprotectedCount":50},[140,146,150,153,156,160,165],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","wp_head","add_ajax_library","likes-posts-comments.php",138,{"type":141,"name":147,"callback":148,"file":144,"line":149},"wp_enqueue_scripts","register_plugin_scripts",141,{"type":141,"name":151,"callback":151,"file":144,"line":152},"delete_comment",144,{"type":141,"name":154,"callback":154,"file":144,"line":155},"delete_post",145,{"type":141,"name":157,"callback":158,"priority":11,"file":144,"line":159},"delete_blog","cleardatabase",146,{"type":141,"name":161,"callback":162,"file":163,"line":164},"admin_menu","create_admin_page_option","settings.php",21,{"type":141,"name":166,"callback":167,"file":163,"line":168},"admin_init","setup_plugin_options",22,[170,174],{"action":171,"nopriv":172,"callback":171,"hasNonce":172,"hasCapCheck":172,"file":144,"line":173},"like_a_post",false,142,{"action":175,"nopriv":172,"callback":175,"hasNonce":172,"hasCapCheck":172,"file":144,"line":176},"like_a_comment",143,[],[],[],{"dangerousFunctions":181,"sqlUsage":182,"outputEscaping":185,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":215},[],{"prepared":183,"raw":13,"locations":184},20,[],{"escaped":70,"rawEcho":186,"locations":187},15,[188,191,193,195,197,198,200,201,203,204,205,206,209,211,213],{"file":144,"line":189,"context":190},243,"raw output",{"file":144,"line":192,"context":190},293,{"file":144,"line":194,"context":190},314,{"file":163,"line":196,"context":190},129,{"file":163,"line":196,"context":190},{"file":163,"line":199,"context":190},134,{"file":163,"line":199,"context":190},{"file":163,"line":202,"context":190},139,{"file":163,"line":202,"context":190},{"file":163,"line":152,"context":190},{"file":163,"line":152,"context":190},{"file":207,"line":208,"context":190},"template-tags.php",16,{"file":207,"line":210,"context":190},23,{"file":207,"line":212,"context":190},30,{"file":207,"line":214,"context":190},38,[],[217,249,268],{"entryPoint":218,"graph":219,"unsanitizedCount":50,"severity":248},"like_a_comment (likes-posts-comments.php:205)",{"nodes":220,"edges":244},[221,226,232,235,239],{"id":222,"type":223,"label":224,"file":144,"line":225},"n0","source","$_POST['comment_id']",230,{"id":227,"type":228,"label":229,"file":144,"line":230,"wp_function":231},"n1","sink","query() [SQLi]",223,"query",{"id":233,"type":223,"label":224,"file":144,"line":234},"n2",236,{"id":236,"type":237,"label":238,"file":144,"line":234},"n3","transform","→ getTextNbLikeComment()",{"id":240,"type":228,"label":241,"file":144,"line":242,"wp_function":243},"n4","get_var() [SQLi]",121,"get_var",[245,246,247],{"from":222,"to":227,"sanitized":172},{"from":233,"to":236,"sanitized":172},{"from":236,"to":240,"sanitized":172},"high",{"entryPoint":250,"graph":251,"unsanitizedCount":50,"severity":248},"like_a_post (likes-posts-comments.php:252)",{"nodes":252,"edges":264},[253,256,258,260,262],{"id":222,"type":223,"label":254,"file":144,"line":255},"$_POST['post_id']",277,{"id":227,"type":228,"label":229,"file":144,"line":257,"wp_function":231},270,{"id":233,"type":223,"label":254,"file":144,"line":259},284,{"id":236,"type":237,"label":261,"file":144,"line":259},"→ getTextNbLikePost()",{"id":240,"type":228,"label":241,"file":144,"line":263,"wp_function":243},103,[265,266,267],{"from":222,"to":227,"sanitized":172},{"from":233,"to":236,"sanitized":172},{"from":236,"to":240,"sanitized":172},{"entryPoint":269,"graph":270,"unsanitizedCount":70,"severity":248},"\u003Clikes-posts-comments> (likes-posts-comments.php:0)",{"nodes":271,"edges":287},[272,273,274,275,276,277,279,281,283,285],{"id":222,"type":223,"label":224,"file":144,"line":225},{"id":227,"type":228,"label":229,"file":144,"line":230,"wp_function":231},{"id":233,"type":223,"label":254,"file":144,"line":255},{"id":236,"type":228,"label":229,"file":144,"line":257,"wp_function":231},{"id":240,"type":223,"label":224,"file":144,"line":234},{"id":278,"type":237,"label":238,"file":144,"line":234},"n5",{"id":280,"type":228,"label":241,"file":144,"line":242,"wp_function":243},"n6",{"id":282,"type":223,"label":254,"file":144,"line":259},"n7",{"id":284,"type":237,"label":261,"file":144,"line":259},"n8",{"id":286,"type":228,"label":241,"file":144,"line":263,"wp_function":243},"n9",[288,289,290,291,292,293],{"from":222,"to":227,"sanitized":172},{"from":233,"to":236,"sanitized":172},{"from":240,"to":278,"sanitized":172},{"from":278,"to":280,"sanitized":172},{"from":282,"to":284,"sanitized":172},{"from":284,"to":286,"sanitized":172},{"summary":295,"deductions":296},"The \"likes-posts-comments\" v1.1 plugin presents a concerning security posture despite some positive aspects. While it avoids dangerous functions, raw SQL queries, and external HTTP requests, its attack surface is significantly exposed. The presence of two AJAX handlers without any authentication or capability checks is a critical vulnerability, allowing unauthenticated users to potentially trigger plugin functionalities. The taint analysis further highlights this risk, revealing three high-severity flows with unsanitized paths, strongly suggesting these AJAX endpoints are susceptible to injection attacks. The lack of nonce checks on these AJAX actions exacerbates the problem, making cross-site request forgery (CSRF) attacks highly probable.  Furthermore, only 21% of output is properly escaped, increasing the risk of cross-site scripting (XSS) vulnerabilities. The plugin's vulnerability history is clean, indicating a lack of past exploitable issues, which is positive. However, this historical data does not mitigate the immediate and significant risks identified in the current code analysis. The plugin's overall security is weak due to its exposed attack surface and lack of fundamental security checks.",[297,299,301,303],{"reason":298,"points":11},"AJAX handlers without auth checks",{"reason":300,"points":186},"High severity taint flows (unsanitized paths)",{"reason":302,"points":11},"Missing nonce checks",{"reason":304,"points":305},"Low output escaping percentage",8,"2026-04-16T11:53:27.661Z",{"wat":308,"direct":317},{"assetPaths":309,"generatorPatterns":312,"scriptPaths":313,"versionParams":314},[310,311],"\u002Fwp-content\u002Fplugins\u002Flikes-posts-comments\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Flikes-posts-comments\u002Fjs\u002Flikes.js",[],[311],[315,316],"likes-posts-comments\u002Fcss\u002Fstyle.css?ver=","likes-posts-comments\u002Fjs\u002Flikes.js?ver=",{"cssClasses":318,"htmlComments":325,"htmlAttributes":326,"restEndpoints":329,"jsGlobals":330,"shortcodeOutput":332},[319,320,321,322,323,324],"likes-post-link","dolike","doUnlike","likes-comment-link","nb-likes-post","nb-likes-comment",[],[327,328],"rel=\"postID_","rel=\"commentID_",[],[331],"var ajax_url = '",[],{"error":334,"url":335,"statusCode":336,"statusMessage":337,"message":337},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Flikes-posts-comments\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":50,"versions":339},[340,345],{"version":6,"download_url":24,"svn_tag_url":341,"released_at":26,"has_diff":172,"diff_files_changed":342,"diff_lines":26,"trac_diff_url":343,"vulnerabilities":344,"is_current":334},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Flikes-posts-comments\u002Ftags\u002F1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Flikes-posts-comments%2Ftags%2F1.0&new_path=%2Flikes-posts-comments%2Ftags%2F1.1",[],{"version":88,"download_url":346,"svn_tag_url":347,"released_at":26,"has_diff":172,"diff_files_changed":348,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":349,"is_current":172},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flikes-posts-comments.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Flikes-posts-comments\u002Ftags\u002F1.0\u002F",[],[]]