[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9wFYGBADJObxeMJkoNE9TphTBQudOldS-HqaEAFBlKo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":143,"fingerprints":265},"nolip-nofollow-links-in-posts-reborn","NoLiP – Nofollow Links in Posts Reborn","2.0","patrickcurl","https:\u002F\u002Fprofiles.wordpress.org\u002Fpatrickcurl\u002F","\u003Cp>The NoLiP plugin enables you to add the “nofollow” attribute into links in a post within a specified category. This plugin is useful if you are doing sponsored posts. You can set the plugin to add the “nofollow” attribute for posts older than “X” days.\u003C\u002Fp>\n\u003Cp>Originally the Nofollow Links in Post Plugin found here:\u003Cbr \u002F>\nhttp:\u002F\u002Fwww.themiak.com\u002Fwp-plugins\u002Fnofollow-links-in-posts\u002F\u003C\u002Fp>\n","Adds the rel=\"nofollow\" to links in posts within a selected category. Useful for sponsored posts.",10,4730,0,"2009-06-25T01:03:00.000Z","2.8","",[18,19,20,21,22],"link","links","nofollow","post","sponsored","http:\u002F\u002Fwww.theresabloginmysoup.com\u002Fwordpress-plugins\u002Fnolip\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnolip-nofollow-links-in-posts-reborn.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,84,"2026-04-04T22:27:16.038Z",[35,61,80,103,123],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":16,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":13,"last_vuln_date":60,"fetched_at":27},"mww-disclaimer-buttons","MWW Disclaimer Buttons","3.5","Jennifer Moss","https:\u002F\u002Fprofiles.wordpress.org\u002Fmossifer\u002F","\u003Cp>For bloggers\u002Fcontent creators that accept free products or compensation for reviews, or use affiliate links, the FTC requires that you put disclosures at the top of any post or page.\u003C\u002Fp>\n\u003Cp>This plugin creates an options box in the POST or PAGE editor for you to add each of these buttons to your post without having to include it in post text.\u003C\u002Fp>\n\u003Cp>[Affiliate Links] – Blogger makes money when someone clicks on link and purchases product from 3rd party vendor.\u003C\u002Fp>\n\u003Cp>[PR Sample] – Free product was received by blogger in exchange for a review and\u002For post.\u003C\u002Fp>\n\u003Cp>[Sponsored] – Blogger was paid directly for the post\u002Fpage.\u003C\u002Fp>\n\u003Cp>The disclaimer buttons appear below the title and above the text on a single post or page–they do not appear on excerpts nor your RSS feed.\u003C\u002Fp>\n\u003Ch3>Short Description\u003C\u002Fh3>\n\u003Cp>Generates disclaimer buttons for bloggers that receive any compensation for reviews, including affiliate links.\u003C\u002Fp>\n\u003Ch3>Markdown\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Admin Page for entering disclaimer URL\u003C\u002Fli>\n\u003Cli>Settings box on post page\u003C\u002Fli>\n\u003Cli>Appends buttons to the_content() (post text) on single post or page only.\u003C\u002Fli>\n\u003C\u002Fol>\n","The FTC requires that you put disclosures at the top of your post if you were compensated in any way (affiliate links, free products, or payment).",500,13988,100,3,"2025-10-08T20:30:00.000Z","6.8.5","4.2","7.0",[52,53,54,55,56],"affiliate-links","disclaimers","disclosures","pr-samples","sponsored-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmww-disclaimer-buttons.zip",98,2,"2025-09-26 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":45,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":50,"tags":75,"homepage":78,"download_link":79,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"affiliate-link-marker","Affiliate Link Marker","1.0.9","Johannes Kinast","https:\u002F\u002Fprofiles.wordpress.org\u002Fgoaroundagain\u002F","\u003Cp>A WordPress Plugin to mark your Affiliate Links with a \u003Ccode>*\u003C\u002Fcode>, add \u003Ccode>rel=\"nofollow sponsored noopener\"\u003C\u002Fcode> to affiliate links and attach a disclosure at the end of every post which contains at least one affiliate link.\u003C\u002Fp>\n\u003Cp>You can manage your own list of affiliate tracking domains or URL parts (used to detect affiliate links) and change the disclosure text.\u003C\u002Fp>\n\u003Cp>Works great with Multisites. If activated networkwide, you can manage your affiliate domains from your Network Admin Area and the disclosure (e.g. translated) for every single page.\u003C\u002Fp>\n\u003Cp>The following Affiliate Networks with the corresponding tracking domains are supported out of the box (but you can add your own or remove unused):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Amazon PartnerNet \u003Ccode>amazon\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Webgains \u003Ccode>track.webgains.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>AWIN \u003Ccode>awin1.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>financeAds \u003Ccode>financeads.net\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Performance Horizon\u002FPartnerize \u003Ccode>prf.hn\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Belboon \u003Ccode>belboon.de\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Tradedoubler \u003Ccode>tradedoubler.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Adcell \u003Ccode>adcell.de\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>TradeTracker \u003Ccode>tc.tradetracker.net\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Daisycon \u003Ccode>ds1.nl\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>ShareASale \u003Ccode>shareasale.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>CJ.com \u003Ccode>jdoqocy.com\u003C\u002Fcode> \u003Ccode>tkqlhce.com\u003C\u002Fcode> \u003Ccode>anrdoezrs.net\u003C\u002Fcode> \u003Ccode>dpbolvw.net\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>FinanceQuality \u003Ccode>l.neqty.net\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Target Circle \u003Ccode>c.trackmytarget.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>NetAffiliation \u003Ccode>action.metaffiliation.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Selecdoo \u003Ccode>work.selecdoo.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Viglink \u003Ccode>viglink.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>eBay Partner Network \u003Ccode>rover.ebay.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Groupon Partner Network \u003Ccode>t.groupon\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Saturn + Media Markt Private Network \u003Ccode>pvn.mediamarkt.de\u003C\u002Fcode> \u003Ccode>pvn.saturn.de\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>StackCommerce \u003Ccode>stacksocial.com\u003C\u002Fcode> \u003Ccode>citizengoods.com\u003C\u002Fcode> \u003Ccode>skillwise.com\u003C\u002Fcode> \u003Ccode>joyus.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n","Mark your Affiliate Links with a *, add rel=\"nofollow sponsored noopener\" to affiliate links and attach a disclosure at the end of e &hellip;",400,5846,6,"2025-12-05T12:51:00.000Z","6.9.4","4.6",[76,19,77,20,22],"affiliate","multisite","https:\u002F\u002Fgo-around.de\u002Fplugin\u002Faffiliate-marker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faffiliate-link-marker.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":73,"requires_at_least":49,"requires_php":93,"tags":94,"homepage":99,"download_link":100,"security_score":101,"vuln_count":46,"unpatched_count":13,"last_vuln_date":102,"fetched_at":27},"wp-external-links","External Links – nofollow, noopener & new window","2.63","WebFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebfactory\u002F","\u003Cp>\u003Cstrong>Manage all external & internal links on your site\u003C\u002Fstrong>. Control icons, nofollow, noopener, ugc (User Generated Content), sponsored and if links open in new window or new tab.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgetwplinks.com\u002F\" rel=\"nofollow ugc\">WP Links\u003C\u002Fa> plugin was completely rebuilt in v2 and has lots of new features, like noopener, ugc and sponsored values for rel; font icons, internal links options and full WPMU support.\u003C\u002Fp>\n\u003Ch4>Link Scanner – PRO feature\u003C\u002Fh4>\n\u003Cp>Check every single link on your site! See if it’s broken or not, if it’s redirected, what’s the target and rel attribute and what page exactly it’s linking to. This feature is a part of the \u003Ca href=\"https:\u002F\u002Fgetwplinks.com\u002F\" rel=\"nofollow ugc\">WP Links PRO\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Manage external and internal links\u003C\u002Fli>\n\u003Cli>Open links in new window or tab\u003C\u002Fli>\n\u003Cli>Add follow or nofollow (for SEO)\u003C\u002Fli>\n\u003Cli>Add noopener and noreferrer (for security)\u003C\u002Fli>\n\u003Cli>Add ugc (User Generated Content) and sponsored values to rel (\u003Ca href=\"https:\u002F\u002Fwebmasters.googleblog.com\u002F2019\u002F09\u002Fevolving-nofollow-new-ways-to-identify.html\" rel=\"nofollow ugc\">Google announcement\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Add link icons (FontAwesome and Dashicons)\u003C\u002Fli>\n\u003Cli>Set other attributes like title and CSS classes\u003C\u002Fli>\n\u003Cli>Scan complete page (or just posts, comments, widgets)\u003C\u002Fli>\n\u003Cli>SEO friendly\u003C\u002Fli>\n\u003Cli>Link Scanner – check all links on your site – PRO feature\u003C\u002Fli>\n\u003Cli>Exit Confirmation – protect visitors and traffic when external links are clicked – PRO feature\u003C\u002Fli>\n\u003Cli>Link Rules – create advanced link rules for chosen link groups – PRO feature\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>And more…\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Network Settings (WPMU support)\u003C\u002Fli>\n\u003Cli>Use template tag to apply plugin settings on specific contents\u003C\u002Fli>\n\u003Cli>Set data-attribute to change how individual links will be treated\u003C\u002Fli>\n\u003Cli>Use built-in actions and filters to implement your specific needs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Easy to use\u003C\u002Fh4>\n\u003Cp>After activating you can set all options for external and internal links on the plugins admin page.\u003C\u002Fp>\n\u003Ch4>On the fly\u003C\u002Fh4>\n\u003Cp>The plugin filters the output and changes the links on the fly. The real contents (posts, pages, widget etcetera) will not be changed in the database.\u003Cbr \u002F>\nWhen deactivating the plugin, all contents will be the same as it was before.\u003C\u002Fp>\n\u003Ch4>GDPR compatibility\u003C\u002Fh4>\n\u003Cp>We are not lawyers. Please do not take any of the following as legal advice.\u003Cbr \u002F>\nWP External Links does not track, collect or process any user data. Nothing is logged or pushed to any 3rd parties. We also don’t use any 3rd party services or CDNs. Based on that, we feel it’s GDPR compatible, but again, please, don’t take this as legal advice.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Like the plugin?\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fwp-external-links\" rel=\"ugc\">Rate it\u003C\u002Fa> to support the development.\u003C\u002Fp>\n\u003Cp>If you’re having \u003Cstrong>problems with SSL or HTTPS\u003C\u002Fstrong> try our free \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-force-ssl\u002F\" rel=\"ugc\">WP Force SSL\u003C\u002Fa> plugin. It’s a great way to enable SSL and fix SSL problems.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>After activating you can set all options for external and internal links.\u003C\u002Fp>\n\u003Ch4>Data attribute “data-wpel-link”\u003C\u002Fh4>\n\u003Cp>Links being processed by this plugin will also contain the data-attribute \u003Ccode>data-wpel-link\u003C\u002Fcode>.\u003Cbr \u002F>\nThe plugin could set the value to \u003Ccode>external\u003C\u002Fcode>, \u003Ccode>internal\u003C\u002Fcode> or \u003Ccode>exclude\u003C\u002Fcode>, meaning how the\u003Cbr \u002F>\nlink was processed.\u003C\u002Fp>\n\u003Cp>You can also set the data-attribute yourself. This way you can force how the plugin will process\u003Cbr \u002F>\ncertain links.\u003C\u002Fp>\n\u003Cp>When you add the value \u003Ccode>ignore\u003C\u002Fcode>, the link will be completely ignored by the plugin:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Ca href=\"http:\u002F\u002Fsomedomain.com\" data-wpel-link=\"ignore\">Go to somedomain\u003C\u002Fa>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Action “wpel_link”\u003C\u002Fh4>\n\u003Cp>Use this action to change the link object after all plugin settings have been applied.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_action( 'wpel_link', ( $link_object ) {\n    if ( $link_object->is_external() ) {\n        \u002F\u002F get current url\n        $url = $link_object->getAttribute( 'href' );\n\n        \u002F\u002F set redirect url\n        $redirect_url = '\u002F\u002Fsomedom.com?url='. urlencode( $url );\n        $link_object->setAttribute( 'href', $redirect_url );\n    }\n}, 10, 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The link object is an instance of \u003Ccode>WPEL_Link\u003C\u002Fcode> class.\u003C\u002Fp>\n\u003Ch4>Action hook “wpel_before_apply_link”\u003C\u002Fh4>\n\u003Cp>Use this action to change the link object before the plugin settings will be applied on the link.\u003Cbr \u002F>\nYou can use this filter f.e. to ignore individual links from being processed. Or change dynamically how\u003Cbr \u002F>\nthey will be treated by this plugin.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_action( 'wpel_before_apply_link', function ( $link ) {\n    \u002F\u002F ignore links with class \"some-cls\"\n    if ( $link->has_attr_value( 'class', 'some-cls' ) ) {\n        $link->set_ignore();\n    }\n\n    \u002F\u002F mark and treat links with class \"ext-cls\" as external link\n    if ( $link->has_attr_value( 'class', 'ext-cls' ) ) {\n        $link->set_external();\n    }\n}, 10 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Filter hook “wpel_apply_settings”\u003C\u002Fh4>\n\u003Cp>When filter returns false the plugin settings will not be applied. Can be used when f.e. certain posts or pages should be ignored by this plugin.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'wpel_apply_settings', '__return_false' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>See \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-external-links\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> for more info.\u003C\u002Fp>\n","Internal links & external links manager: open in new window or tab, control nofollow, ugc, sponsored & noopener. SEO friendly.",90000,1641157,86,247,"2025-12-03T19:28:00.000Z","7.2",[95,96,97,20,98],"external-links","new-tab","new-window","noopener","https:\u002F\u002Fgetwplinks.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-external-links.2.63.zip",99,"2023-03-08 00:00:00",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":13,"num_ratings":13,"last_updated":113,"tested_up_to":73,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":121,"download_link":122,"security_score":45,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"raratheme-companion","RaraTheme Companion","1.4.4","Rara Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fraratheme\u002F","\u003Cp>RaraTheme Companion is truly a must have companion for your website. It provides 23 useful and frequently used widgets that you can add to the sidebars to create an engaging website.\u003C\u002Fp>\n\u003Ch3>Widgets offered\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Advertisement\u003C\u002Fli>\n\u003Cli>A Featured Page\u003C\u002Fli>\n\u003Cli>Author Bio\u003C\u002Fli>\n\u003Cli>Call to Action\u003C\u002Fli>\n\u003Cli>Client Logo\u003C\u002Fli>\n\u003Cli>Contact\u003C\u002Fli>\n\u003Cli>Custom Categories\u003C\u002Fli>\n\u003Cli>Facebook Page\u003C\u002Fli>\n\u003Cli>FAQs\u003C\u002Fli>\n\u003Cli>Featured Post\u003C\u002Fli>\n\u003Cli>Icon Text\u003C\u002Fli>\n\u003Cli>Image Text\u003C\u002Fli>\n\u003Cli>Image\u003C\u002Fli>\n\u003Cli>Latest Tweets\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Popular Post\u003C\u002Fli>\n\u003Cli>Posts Category Slider\u003C\u002Fli>\n\u003Cli>Recent Post\u003C\u002Fli>\n\u003Cli>Snapchat\u003C\u002Fli>\n\u003Cli>Social Media\u003C\u002Fli>\n\u003Cli>Stat Counter\u003C\u002Fli>\n\u003Cli>Team Member\u003C\u002Fli>\n\u003Cli>Testimonial\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>The plugin works best with themes developed by Rara Theme.\u003C\u002Fp>\n\u003Cp>The plugin also provides simple yet clean code which allows developers to overwrite the plugin properties. The plugin offers a multiple numbers of filters and action hooks which for maximum flexibility to the developers.\u003C\u002Fp>\n","23 extremely useful custom widgets to create an engaging website.",10000,497772,"2026-01-06T05:43:00.000Z","4.4.0","7.4",[117,118,119,120],"posts","sidebars","social-links","widgets","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fraratheme-companion","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fraratheme-companion.1.4.4.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":134,"last_updated":135,"tested_up_to":136,"requires_at_least":15,"requires_php":16,"tags":137,"homepage":141,"download_link":142,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"sem-external-links","External Links","6.8.1","Denis de Bernardy","https:\u002F\u002Fprofiles.wordpress.org\u002Fdenis-de-bernardy\u002F","\u003Cp>The external links plugin for WordPress lets you process outgoing links differently from internal links.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Under Settings \u002F External Links, you can configure the plugin to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Process all outgoing links, rather than only those within your entries’ content and text widgets.\u003C\u002Fli>\n\u003Cli>Add an external link icon to outgoing links. You can use a class=”no_icon” attribute on links to override this.\u003C\u002Fli>\n\u003Cli>Add rel=nofollow to the links. (Note: You can use a rel=”follow” attribute on links to override this.)\u003C\u002Fli>\n\u003Cli>Open outgoing links in new windows. Note that this can damage your visitor’s trust towards your site in that they can think your site used a pop-under.\u003C\u002Fli>\n\u003Cli>Turn on “autolinks” functionality.\u003C\u002Fli>\n\u003Cli>Domains\u002Fsubdomains you wish to Exclude from processing.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Auto Links\u003C\u002Fh4>\n\u003Cp>The Autolink functionality automatically converts urls to hyperlinked urls in post\u002Fpage content, excerpts and text widgets.\u003C\u002Fp>\n\u003Cp>Before:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>www.semiologic.com\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>After:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.semiologic.com\" rel=\"nofollow ugc\">www.semiologic.com\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Help Me!\u003C\u002Fh4>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsem-external-links\" rel=\"ugc\">Plugin’s Forum\u003C\u002Fa> is the best place to report issues.\u003C\u002Fp>\n","The external links plugin for WordPress lets you process outgoing links differently from internal links.",9000,357821,96,36,"2017-11-28T08:44:00.000Z","4.7.32",[95,138,139,20,140],"link-target","link-icon","semiologic","http:\u002F\u002Fwww.semiologic.com\u002Fsoftware\u002Fexternal-links\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsem-external-links.zip",{"attackSurface":144,"codeSignals":177,"taintFlows":211,"riskAssessment":251,"analyzedAt":264},{"hooks":145,"ajaxHandlers":173,"restRoutes":174,"shortcodes":175,"cronEvents":176,"entryPointCount":13,"unprotectedCount":13},[146,152,156,160,163,167,170],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","the_content","make_nofollow_links","nolip.php",120,{"type":147,"name":153,"callback":154,"file":150,"line":155},"admin_menu","add_makenofollowoption_page",145,{"type":147,"name":157,"callback":158,"file":150,"line":159},"edit_form_advanced","advanced_makefollow",494,{"type":147,"name":161,"callback":158,"file":150,"line":162},"dbx_post_advanced",496,{"type":147,"name":164,"callback":165,"file":150,"line":166},"edit_post","nofollow2posts",501,{"type":147,"name":168,"callback":165,"file":150,"line":169},"publish_post",502,{"type":147,"name":171,"callback":165,"file":150,"line":172},"save_post",503,[],[],[],[],{"dangerousFunctions":178,"sqlUsage":187,"outputEscaping":189,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":210},[179,183,185],{"fn":180,"file":150,"line":181,"context":182},"unserialize",47,"$added_no_follow_cats = !is_array($added_no_follow_cats)?unserialize($added_no_follow_cats):$added_n",{"fn":180,"file":150,"line":184,"context":182},178,{"fn":180,"file":150,"line":186,"context":182},214,{"prepared":13,"raw":13,"locations":188},[],{"escaped":13,"rawEcho":190,"locations":191},9,[192,195,197,199,201,203,204,206,208],{"file":150,"line":193,"context":194},124,"raw output",{"file":150,"line":196,"context":194},133,{"file":150,"line":198,"context":194},336,{"file":150,"line":200,"context":194},340,{"file":150,"line":202,"context":194},346,{"file":150,"line":202,"context":194},{"file":150,"line":205,"context":194},357,{"file":150,"line":207,"context":194},393,{"file":150,"line":209,"context":194},395,[],[212,239],{"entryPoint":213,"graph":214,"unsanitizedCount":59,"severity":238},"display_makenofollow_settings (nolip.php:157)",{"nodes":215,"edges":234},[216,221,226,230],{"id":217,"type":218,"label":219,"file":150,"line":220},"n0","source","$_POST['older_than_days']",164,{"id":222,"type":223,"label":224,"file":150,"line":220,"wp_function":225},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":227,"type":218,"label":228,"file":150,"line":229},"n2","$_SERVER",159,{"id":231,"type":223,"label":232,"file":150,"line":209,"wp_function":233},"n3","echo() [XSS]","echo",[235,237],{"from":217,"to":222,"sanitized":236},false,{"from":227,"to":231,"sanitized":236},"medium",{"entryPoint":240,"graph":241,"unsanitizedCount":59,"severity":250},"\u003Cnolip> (nolip.php:0)",{"nodes":242,"edges":247},[243,244,245,246],{"id":217,"type":218,"label":219,"file":150,"line":220},{"id":222,"type":223,"label":224,"file":150,"line":220,"wp_function":225},{"id":227,"type":218,"label":228,"file":150,"line":229},{"id":231,"type":223,"label":232,"file":150,"line":209,"wp_function":233},[248,249],{"from":217,"to":222,"sanitized":236},{"from":227,"to":231,"sanitized":236},"low",{"summary":252,"deductions":253},"The nolip-nofollow-links-in-posts-reborn plugin v2.0 exhibits a mixed security posture. While it demonstrates good practices by avoiding SQL injection through prepared statements, having no file operations, and no external HTTP requests, several critical concerns are present. The plugin utilizes the `unserialize` function three times, which is a known vector for remote code execution if attacker-controlled data is passed to it. Additionally, 100% of its output is not properly escaped, creating a significant risk of cross-site scripting (XSS) vulnerabilities. The taint analysis reveals two flows with unsanitized paths, though they are not classified as critical or high severity in this report, they still indicate potential areas where malicious input could lead to unexpected behavior or exploits. The plugin's vulnerability history is clean, with no recorded CVEs, which is a positive sign. However, the presence of dangerous functions and unescaped output, coupled with the taint analysis findings, suggests that the clean history may be due to limited exposure or an incomplete analysis rather than inherent robust security. The absence of any attack surface entry points like AJAX handlers, REST API routes, or shortcodes is a strength, but it also means the security of the `unserialize` function and output handling is paramount and currently deficient.",[254,257,260,263],{"reason":255,"points":256},"Dangerous function: unserialize usage",15,{"reason":258,"points":259},"Unescaped output detected",8,{"reason":261,"points":262},"Taint flow with unsanitized path",5,{"reason":261,"points":262},"2026-03-17T00:54:01.362Z",{"wat":266,"direct":272},{"assetPaths":267,"generatorPatterns":269,"scriptPaths":270,"versionParams":271},[268],"\u002Fwp-content\u002Fplugins\u002Fnolip-nofollow-links-in-posts-reborn\u002Fnolip.php",[],[],[],{"cssClasses":273,"htmlComments":274,"htmlAttributes":275,"restEndpoints":276,"jsGlobals":277,"shortcodeOutput":278},[],[],[],[],[],[]]