[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fX_muyQLNByD8pFfIO2bjh_OtoLwE1s3ZN-0J5tu-z_o":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":15,"tags":16,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":33,"analysis":34,"fingerprints":95},"multiple-user-post","Multiple User Post","2.0","Kapil Lohakare","https:\u002F\u002Fprofiles.wordpress.org\u002Fkapillohakare\u002F","\u003Cul>\n\u003Cli>This plugin will be helpful if you want to have multiple editor for single post.\u003C\u002Fli>\n\u003Cli>This plugin will add the multiple users to single post so that each user can contribute to the post.\u003C\u002Fli>\n\u003Cli>The Plugin will send and email to registered user to add\u002Fsuggest the edits in the given post.\u003C\u002Fli>\n\u003Cli>Post author can select\u002Fassign the user to post and publish the post.\u003C\u002Fli>\n\u003Cli>The same post content will be forwarded to users and email be sent out for suggesting update.\u003C\u002Fli>\n\u003Cli>User will logged into the admin panel and edit the post at their end. Same information will be forwarded to the author of the post. This information will be displayed into the meta field of the post and author can see it.\u003C\u002Fli>\n\u003Cli>One new “Unread” Custom post type is created for storing these suggestions and this CPT will be hidden from front end so that these edits access protection will be controlled.\u003C\u002Fli>\n\u003Cli>This is because it has one to one relationship within post and users table. This plugin will be helpful for suggest an update for post by different users.\u003C\u002Fli>\n\u003C\u002Ful>\n","assign users, delegate post, edit me, post relationship, one to many, many to many, user post, multiple posts, suggest edit, multiple edit.",10,1468,0,"2016-07-05T15:57:00.000Z","",[17,18,19,4,20],"admin-user-roles","more-editors","more-users","multiple-user-to-single-post","#","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultiple-user-post.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},"kapillohakare",1,30,84,"2026-04-04T06:57:50.999Z",[],{"attackSurface":35,"codeSignals":70,"taintFlows":85,"riskAssessment":86,"analyzedAt":94},{"hooks":36,"ajaxHandlers":58,"restRoutes":66,"shortcodes":67,"cronEvents":68,"entryPointCount":69,"unprotectedCount":69},[37,43,47,51,55],{"type":38,"name":39,"callback":40,"file":41,"line":42},"action","admin_enqueue_scripts","multiple_user_post_enqueue_scripts","multiple-user-post.php",29,{"type":38,"name":44,"callback":45,"priority":11,"file":41,"line":46},"save_post","multiple_user_post_save_admin",133,{"type":38,"name":48,"callback":49,"file":41,"line":50},"add_meta_boxes","multiple_user_post_add_meta_admin",140,{"type":38,"name":52,"callback":53,"file":41,"line":54},"init","multiple_user_post_status",177,{"type":38,"name":52,"callback":56,"file":41,"line":57},"multiple_user_post_unread_init",180,[59,63],{"action":60,"nopriv":61,"callback":60,"hasNonce":61,"hasCapCheck":61,"file":41,"line":62},"multiple_user_post_getpage",false,31,{"action":60,"nopriv":64,"callback":60,"hasNonce":61,"hasCapCheck":61,"file":41,"line":65},true,32,[],[],[],2,{"dangerousFunctions":71,"sqlUsage":72,"outputEscaping":74,"fileOperations":13,"externalRequests":13,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":84},[],{"prepared":13,"raw":13,"locations":73},[],{"escaped":13,"rawEcho":75,"locations":76},3,[77,80,82],{"file":41,"line":78,"context":79},52,"raw output",{"file":41,"line":81,"context":79},75,{"file":41,"line":83,"context":79},148,[],[],{"summary":87,"deductions":88},"The \"multiple-user-post\" v2.0 plugin presents a mixed security posture. While it demonstrates good practices in avoiding dangerous functions, raw SQL queries, and external HTTP requests, significant concerns arise from its attack surface and output escaping.  The plugin exposes two AJAX handlers, both of which lack authentication checks. This is a critical oversight that could allow unauthorized users to trigger plugin functionality. Furthermore, all three identified output instances are not properly escaped, leaving the plugin vulnerable to cross-site scripting (XSS) attacks where user-supplied data could be injected and executed in other users' browsers.  The absence of any recorded vulnerabilities in its history is a positive sign, suggesting a generally stable codebase. However, this should not overshadow the immediate risks identified in the static analysis. The plugin's strengths lie in its SQL handling and lack of known CVEs, but the critical gaps in authorization and output sanitization pose a tangible threat that requires immediate attention.",[89,91],{"reason":90,"points":11},"Unprotected AJAX handlers",{"reason":92,"points":93},"Unescaped output",8,"2026-03-17T00:42:06.115Z",{"wat":96,"direct":105},{"assetPaths":97,"generatorPatterns":100,"scriptPaths":101,"versionParams":102},[98,99],"\u002Fwp-content\u002Fplugins\u002Fmultiple-user-post\u002Fjs\u002Fjquery-ui.js","\u002Fwp-content\u002Fplugins\u002Fmultiple-user-post\u002Fjs\u002Fcustom.js",[],[98,99],[103,104],"multiple-user-post\u002Fjs\u002Fjquery-ui.js?ver=","multiple-user-post\u002Fjs\u002Fcustom.js?ver=",{"cssClasses":106,"htmlComments":109,"htmlAttributes":110,"restEndpoints":114,"jsGlobals":116,"shortcodeOutput":118},[107,108],"ui-widget","ui-widget-content",[],[111,112,113],"id=\"birds\"","id=\"log\"","data-wp-editor-id=\"user_editor_.*\"",[115],"\u002Fwp-json\u002Fmultiple-user-post\u002Fv1\u002Fsome-endpoint",[117],"script_object",[]]