[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fH5NaJwDkU5d_lpsOXiQWLCfhbeEJz05PACIZ8knlVHA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":20,"download_link":21,"security_score":22,"vuln_count":23,"unpatched_count":23,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":35,"analysis":36,"fingerprints":113},"notifications","Notifications","1.1.3","Chris Reynolds","https:\u002F\u002Fprofiles.wordpress.org\u002Fjazzs3quence\u002F","\u003Cp>How many times have you needed to display a notice across your site? Too many, if you ask me. I wrote this plugin because many of the notification bar plugins out there leave much to be desired. Either there are too many options or not enough or not the ones that I want. Plus, it’s not easy to create a notice — you have to go to some crazy screen and set options unique to that plugin.\u003C\u002Fp>\n\u003Cp>This plugin uses custom post types, so notifications are set up like mini-posts that we all know and love. Multiple controls, as well as a built-in filter, enable developers and casual users alike to easily customize the notification bar to your heart’s content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Update:\u003C\u002Fstrong> This plugin now supports the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fzamoose\u002Fthemehookalliance\" rel=\"nofollow ugc\">Theme Hook Alliance\u003C\u002Fa> \u003Ccode>tha_body_top\u003C\u002Fcode> action. If you are using the \u003Ccode>body_open\u003C\u002Fcode> action in your child theme, please change this to \u003Ccode>tha_body_top\u003C\u002Fcode>, e.g.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>do_action( 'tha_body_top' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Notifications looks for the \u003Ccode>body_open\u003C\u002Fcode> hook. This hook  was first \u003Ca href=\"https:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F12563#comment:10\" rel=\"nofollow ugc\">proposed on Trac\u003C\u002Fa> by \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fnacin\" rel=\"nofollow ugc\">Andrew Nacin\u003C\u002Fa> as a way to hook into an action that fires immediately after the \u003Ccode>\u003Cbody>\u003C\u002Fcode> tag in the code.\u003C\u002Fp>\n\u003Cp>Want to filter the output to customize how the notification gets displayed? Use the \u003Ccode>notf_notification_filter\u003C\u002Fcode> filter in your plugin or theme, like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>     function my_test_filter( $output ) {\n        $output = '\u003Cspan class=\"whoops-i-did-it-again\" style=\"color: red;\">'.notf_message().'\u003C\u002Fspan>';\n        return $output;\n     }\n     add_filter( 'notf_notification_filter', 'my_test_filter' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> Use the \u003Ccode>notf_message\u003C\u002Fcode> function in your filter to return the actual notification.\u003C\u002Fp>\n","Easy, customizable notifications for your WordPress site",30,4093,100,2,"2014-06-04T22:15:00.000Z","3.9.40","3.0","",[],"http:\u002F\u002Fmuseumthemes.com\u002Fnotifications\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnotifications.1.1.3.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":31,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"jazzs3quence",4,1240,88,141,71,"2026-04-04T05:51:15.823Z",[],{"attackSurface":37,"codeSignals":80,"taintFlows":105,"riskAssessment":106,"analyzedAt":112},{"hooks":38,"ajaxHandlers":76,"restRoutes":77,"shortcodes":78,"cronEvents":79,"entryPointCount":23,"unprotectedCount":23},[39,45,48,52,57,61,65,68,72],{"type":40,"name":41,"callback":42,"priority":23,"file":43,"line":44},"action","init","notf_post_type_notifications","notifications.php",59,{"type":40,"name":46,"callback":47,"file":43,"line":33},"admin_init","notf_settings_init",{"type":40,"name":49,"callback":50,"file":43,"line":51},"admin_menu","notf_add_options_page",83,{"type":53,"name":54,"callback":55,"file":43,"line":56},"filter","enter_title_here","notf_change_default_title",255,{"type":53,"name":58,"callback":59,"file":43,"line":60},"get_sample_permalink_html","notf_remove_permalink",273,{"type":40,"name":62,"callback":63,"file":43,"line":64},"wp_head","notf_custom_css_output",351,{"type":40,"name":62,"callback":66,"file":43,"line":67},"notf_css",366,{"type":40,"name":69,"callback":70,"file":43,"line":71},"tha_body_top","notf_display",378,{"type":40,"name":73,"callback":74,"file":43,"line":75},"admin_head","notf_icons",410,[],[],[],[],{"dangerousFunctions":81,"sqlUsage":82,"outputEscaping":84,"fileOperations":23,"externalRequests":23,"nonceChecks":23,"capabilityChecks":23,"bundledLibraries":104},[],{"prepared":23,"raw":23,"locations":83},[],{"escaped":85,"rawEcho":86,"locations":87},13,7,[88,92,94,96,98,100,102],{"file":89,"line":90,"context":91},"inc\\option-setup.php",31,"raw output",{"file":89,"line":93,"context":91},57,{"file":89,"line":95,"context":91},67,{"file":89,"line":97,"context":91},93,{"file":89,"line":99,"context":91},119,{"file":43,"line":101,"context":91},348,{"file":43,"line":103,"context":91},376,[],[],{"summary":107,"deductions":108},"Based on the provided static analysis and vulnerability history, the 'notifications' plugin v1.1.3 exhibits a strong security posture. The absence of any identified attack surface points, dangerous functions, file operations, or external HTTP requests is a significant positive.  Furthermore, all SQL queries are prepared, and there are no recorded vulnerabilities or CVEs, suggesting a well-maintained and secure codebase. This lack of known issues and attack vectors indicates a robust development process focused on security. The primary area for improvement lies in output escaping, where 35% of outputs are not properly escaped. While there are no direct indicators of immediate exploitation due to this, it represents a potential risk for cross-site scripting (XSS) vulnerabilities if user-supplied data is involved in these unescaped outputs. Despite this, the overall assessment is positive, with a strong foundation of secure coding practices.",[109],{"reason":110,"points":111},"Unescaped output detected",5,"2026-03-16T22:33:31.536Z",{"wat":114,"direct":121},{"assetPaths":115,"generatorPatterns":118,"scriptPaths":119,"versionParams":120},[116,117],"\u002Fwp-content\u002Fplugins\u002Fnotifications\u002Fcss\u002F","\u002Fwp-content\u002Fplugins\u002Fnotifications\u002Fjs\u002F",[],[],[],{"cssClasses":122,"htmlComments":124,"htmlAttributes":125,"restEndpoints":126,"jsGlobals":127,"shortcodeOutput":128},[123],"notf_notification_wrapper",[],[],[],[],[]]