[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f0eLM0bTUVRK7PCqS-vUqPiX0nR88ioirdmapX8kRMlk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":39,"analysis":149,"fingerprints":304},"post-reaction","Post Reaction – Add Like or Emoji Reactions to Posts","1.0.0","bPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fbplugins\u002F","\u003Cp>👉 \u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fpost-reaction\u002F#demos\" rel=\"nofollow ugc\">Plugin Demo\u003C\u002Fa> | \u003Ca href=\"#\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fsupport\" rel=\"nofollow ugc\">Request a new features \u002F  Feedback\u003C\u002Fa> 👈\u003C\u002Fp>\n\u003Cp>“Count Post Reactions” is a robust plugin designed to enhance engagement on your WordPress site by providing valuable insights into user interactions with your content. With this plugin, you can effortlessly track and display various types of reactions, including likes, loves, cares, and even custom reactions.\u003C\u002Fp>\n\u003Cp>By implementing this plugin, you gain the ability to measure the impact of your posts in real-time, allowing you to tailor your content strategy to better resonate with your audience. The detailed reaction counts provide invaluable feedback on which posts are generating the most engagement, helping you optimize your content creation efforts for maximum impact.\u003C\u002Fp>\n\u003Cp>One of the standout features of “Count Post Reactions” is its ability to enforce one-time reactions per user. This functionality ensures that each user can only react to a post once, maintaining the integrity of your reaction data and preventing spammy or repetitive reactions.\u003C\u002Fp>\n\u003Cp>The plugin offers seamless integration with your WordPress site, allowing you to easily customize the appearance and behavior of the reaction counters to suit your branding and design preferences. Whether you’re running a personal blog, a news site, or an online community, “Count Post Reactions” empowers you to better understand and leverage user sentiment to drive engagement and foster a vibrant online community.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Add Post Reaction in any post types\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable any reaction\u003C\u002Fli>\n\u003Cli>Add Custom Reaction\u003C\u002Fli>\n\u003Cli>Place content after\u002Fbefore the Reactions\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>How to use?\u003C\u002Fh4>\n\u003Cp>Install the plugin, go to Tools -> Post Reaction -> Enable\u003C\u002Fp>\n\u003Ch3>Developer Notes\u003C\u002Fh3>\n\u003Cp>Public source code GitHub link for review, study, and contribute.\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fgithub.com\u002FbPlugins-LLC\u002Fcount-post-reaction\u003C\u002Fp>\n\u003Cp>For more information on how to contribute to this plugin, please visit our GitHub repository.\u003C\u002Fp>\n","Add Facebook Reaction interface in WordPress Posts and Count them (likes, loves, cares, custom react)",60,2050,0,"2026-03-12T05:00:00.000Z","6.9.4","5.7","7.1",[19,20,21,22,23],"care","like","love","post-reactions","reaction","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-reaction.1.0.0.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":32,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"bplugins","colorlibplugins",120,738240,99,140,78,"2026-04-04T02:42:03.584Z",[40,66,91,114,132],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":61,"download_link":62,"security_score":63,"vuln_count":64,"unpatched_count":13,"last_vuln_date":65,"fetched_at":28},"booster-extension","Booster Extension","1.2.2","themeinwp","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeinwp\u002F","\u003Cp>Booster Extension is a free WordPress plugin that supercharges your site with awesome powerful features. There’re numerous plugins in the official WordPress repository that promises to provide the features that we offer, however if you install them all, there’s inconsistency in their backend and frontend styles and possible plugin conflicts. That’s why we’ve created Booster Extension, adding all the essentials components for every WordPress blog or magazine.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Social share with share count\u003C\u002Fstrong>\u003Cbr \u002F>\nSharing buttons increase traffic and engagement by helping readers share your posts and pages to their friends on social media. Booster Extension enables your website users to share the content over Facebook, Twitter, LinkedIn, Pinterest and Email. This is the Simplest and Smoothest Social Sharing plugin with an awesome visual appearance.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Calculate and Display Read Time\u003C\u002Fstrong>\u003Cbr \u002F>\nDo you want to display estimated post reading time in your WordPress blog posts? Booster Extension let’s you easily add an estimated reading time to your WordPress posts. An estimated reading time encourages users to read a blog post instead of clicking away.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Reaction Buttons and Feedback Emoji\u003C\u002Fstrong>\u003Cbr \u002F>\nBooster Extension helps you to collect user feedback using the most spoken language in the world: the emoji. Increase your audience engagement in a fun way for your users.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Author Box with Social Profiles\u003C\u002Fstrong>\u003Cbr \u002F>\nBooster Extension adds a responsive author box at the end of your posts, showing the author name, author gravatar and author description. It also adds over 30 social profile fields on WordPress user profile screen, allowing to display the author social icons.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Like\u002FDislike Post\u003C\u002Fstrong>\u003Cbr \u002F>\nBooster Extension increases the interaction with the WordPress post by enabling likes and dislikes buttons along with the count. You can choose either Thumbs Up\u002FThumbs Down or Smiley\u002FFrown.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>License: GPLv2\nLicense URI: http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Booster Extension is a free WordPress plugin that supercharges your site with awesome powerful features. There’re numerous plugins in the official Wor &hellip;",8000,182275,88,7,"2024-04-26T04:40:00.000Z","6.5.8","4.5","5.5",[57,22,58,59,60],"post-like-and-dislike","read-time","share-count","social-share","https:\u002F\u002Fwww.themeinwp.com\u002Fbooster-extension\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbooster-extension.1.2.2.zip",91,1,"2024-04-29 00:00:00",{"slug":67,"name":68,"version":69,"author":70,"author_profile":71,"description":72,"short_description":73,"active_installs":74,"downloaded":75,"rating":76,"num_ratings":77,"last_updated":78,"tested_up_to":79,"requires_at_least":80,"requires_php":81,"tags":82,"homepage":86,"download_link":87,"security_score":88,"vuln_count":89,"unpatched_count":13,"last_vuln_date":90,"fetched_at":28},"i-recommend-this","I Recommend This – Love\u002FLike Button for WordPress Posts","4.0.1","Harish Chouhan","https:\u002F\u002Fprofiles.wordpress.org\u002Fhchouhan\u002F","\u003Cp>“I Recommend This” allows your visitors to effortlessly like or recommend your posts with a single click, making it easier for them to show their appreciation without leaving a comment. Enhance your site’s engagement by providing a simple, user-friendly way for readers to interact with your content.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Display a counter for likes\u002Frecommendations.\u003C\u002Fli>\n\u003Cli>Widget and shortcode to display the most liked posts.\u003C\u002Fli>\n\u003Cli>Choose between a “Thumbs Up” or “Heart” icon.\u003C\u002Fli>\n\u003Cli>Prevents multiple votes from the same user via cookies and IP address tracking.\u003C\u002Fli>\n\u003Cli>View and sort posts by likes in the post edit page.\u003C\u002Fli>\n\u003Cli>Better GDPR compliance with anonymized IPs\u003C\u002Fli>\n\u003Cli>Built-in query block compatibility\u003C\u002Fli>\n\u003Cli>Extensive action and filter hooks for developers\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Advanced Options:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Hide the counter if the count is zero.\u003C\u002Fli>\n\u003Cli>Customize messages for zero, one, or multiple likes.\u003C\u002Fli>\n\u003Cli>Disable plugin CSS for custom styling.\u003C\u002Fli>\n\u003Cli>Option to disable IP address saving to comply with GDPR.\u003C\u002Fli>\n\u003Cli>Enhanced cookie management\u003C\u002Fli>\n\u003Cli>IP address anonymization for stronger GDPR compliance\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcodes:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>[irecommendthis]\u003C\u002Fcode> – Add the voting link to any page.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[irecommendthis_top_posts post_type='post' container='div' number='10' year='2023' monthnum='7']\u003C\u002Fcode> – Display most recommended posts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is based exactly on Benoit “LeBen” Burgener’s “I Like This” Plugin and has been modified after getting requests for the changes I had made on my website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you love the plugin, please consider rating it and clicking on “it works” button.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Example Sites Using the Plugin:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fflattrendz.com\" rel=\"nofollow ugc\">Flat UI Design Gallery\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>For Developers:\u003C\u002Fh3>\n\u003Cp>This plugin is being developed on GitHub.. If you want to collaborate, please look at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwebtions\u002FI-Recommend-This\" rel=\"nofollow ugc\">I Recommend This plugin on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>You can \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fi-recommend-this\u002Fstable\u002F\" rel=\"nofollow ugc\">help translate this plugin into your language\u003C\u002Fa> using your WordPress.org account.\u003C\u002Fp>\n","Enable your visitors to easily like or recommend your posts with a single click, enhancing engagement without the need for comments.",5000,390544,94,37,"2025-07-25T12:44:00.000Z","6.8.5","6.1","7.4",[20,21,83,84,85],"post","rate","recommend","https:\u002F\u002Fthemeist.com\u002Fplugins\u002Fwordpress\u002Fi-recommend-this\u002F#utm_source=wp-plugin&utm_medium=i-recommend-this&utm_campaign=plugins-page","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fi-recommend-this.4.0.1.zip",96,5,"2023-04-19 00:00:00",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":26,"num_ratings":101,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":105,"tags":106,"homepage":111,"download_link":112,"security_score":113,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wpac-like-system","WPAC Social Tools – Like, React & Share","3.0.3","Mian Shahzad Raza","https:\u002F\u002Fprofiles.wordpress.org\u002Fmianshahzadraza\u002F","\u003Cp>This will add powerful social features to your WordPress website. Engage with your website visitors by giving them the opportunity to react with your content. This plugin will all like dislike buttons with like vs dislike bar or you can add emoji reactions like Facebook.\u003Cbr \u002F>\nBoth visitors and logged-in members can react to your posts. Not only reactions but a social sharing bar as well so no more different plugins.\u003Cbr \u002F>\nThis plugin also has a widget to show most liked or disliked posts anywhere you like.\u003C\u002Fp>\n\u003Cp>This plugin is my first project, so feel free to provide feedback via support forums. You can also contribute to help me improve this open-source project.\u003C\u002Fp>\n\u003Cp>Github repository: If yu want to contribute to this project you can fork this \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpacademy\u002Fwpac-like-system\u002F\" title=\"Github Repository for WPAC Like System\" rel=\"nofollow ugc\">Github Repository\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Like & Dislike Buttons \u003C\u002Fli>\n\u003Cli>Like vs Dislike bar\u003C\u002Fli>\n\u003Cli>Most Liked or Disliked Posts\u003C\u002Fli>\n\u003Cli>Handy shortcodes\u003C\u002Fli>\n\u003Cli>Reaction system with 2 styles of emojis\u003C\u002Fli>\n\u003Cli>Social Sharing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcodes\u003C\u002Fh4>\n\u003Cp>Display Like & Dislike buttons in post or page.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[WPAC_LIKE_SYSTEM]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Return Like\u002FDislike count for current post being viewed.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[WPAC_LIKE_COUNT] [WPAC_DISLIKE_COUNT]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Return Like\u002FDislike count for given post ID.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[WPAC_LIKE_COUNT id=\"123\"] [WPAC_DISLIKE_COUNT id=\"123\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Return Like\u002FDislike count wrapped in a string, use \u003Ccode>%\u003C\u002Fcode> where you want to display count value.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[WPAC_LIKE_COUNT string=\"Liked % times\"] [WPAC_DISLIKE_COUNT string=\"Disliked % times\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Use String with post id\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[WPAC_LIKE_COUNT id=\"123\" string=\"Liked % times\"] [WPAC_DISLIKE_COUNT id=\"123\" string=\"Disiked % times\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>Libraries and resources used in this project.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fjquery.com\" rel=\"nofollow ugc\">jQuery\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Ffontawesome.com\u002F\" rel=\"nofollow ugc\">FontAwesome\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Ffonts.google.com\u002F\" rel=\"nofollow ugc\">Google WebFonts\u003C\u002Fa>\u003C\u002Fp>\n","The Most Simple WordPress Post Like, Dislike & Reaction System with Social Sharing.",300,11433,3,"2020-05-14T17:52:00.000Z","5.4.19","4.0","5.6.0",[107,20,108,109,110],"dislike","post-like","reactions","social-sharing","https:\u002F\u002Fgithub.com\u002Fwpacademy\u002Fwpac-like-system","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpac-like-system.3.0.3.zip",85,{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":26,"num_ratings":89,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":127,"tags":128,"homepage":24,"download_link":131,"security_score":113,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"love-me","Love Me","1.1.0","Kantari Samy","https:\u002F\u002Fprofiles.wordpress.org\u002Fleprincenoir\u002F","\u003Cp>Display a very simple and customisable like button for your posts or any custom post type.\u003C\u002Fp>\n","Display a very simple and customisable like button for your posts or any custom post type.",200,6717,"2022-01-26T15:04:00.000Z","5.9.13","3.5","5.6",[129,20,130,21,115],"button","like-button","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flove-me.1.1.0.zip",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":26,"downloaded":140,"rating":13,"num_ratings":13,"last_updated":141,"tested_up_to":15,"requires_at_least":142,"requires_php":81,"tags":143,"homepage":137,"download_link":148,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"instant-emoji-reactions","Instant Emoji Reactions","1.0.2","Usama Khalid","https:\u002F\u002Fprofiles.wordpress.org\u002Fusamakhalid14\u002F","\u003Cp>Add emoji reactions to posts and custom post types, allowing both logged-in and guest users to express their feelings. This plugin enables users to engage with your content using fun and expressive emojis such as Agree, Disagree, Angry, Love, and Laugh. Reactions are stored for each post, providing valuable feedback and interaction metrics. Perfect for blogs, forums, and community-driven websites!\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPL-2.0+ License. You can freely use, modify, and distribute it under the terms of this license. See the full license at: https:\u002F\u002Fopensource.org\u002Flicenses\u002FGPL-2.0\u003C\u002Fp>\n","Add emoji reactions to posts and custom post types on your WordPress site, enabling both logged-in and guest users to express their feelings.",1428,"2025-12-15T06:44:00.000Z","5.0",[144,145,146,22,147],"ajax-reactions","emoji-feedback","emoji-reactions","reaction-buttons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finstant-emoji-reactions.1.0.2.zip",{"attackSurface":150,"codeSignals":199,"taintFlows":212,"riskAssessment":295,"analyzedAt":303},{"hooks":151,"ajaxHandlers":186,"restRoutes":195,"shortcodes":196,"cronEvents":197,"entryPointCount":198,"unprotectedCount":13},[152,158,161,165,168,173,177,181],{"type":153,"name":154,"callback":155,"file":156,"line":157},"action","admin_menu","add_opt_in_menu","inc\\Base\\Settings.php",10,{"type":153,"name":159,"callback":159,"file":156,"line":160},"admin_enqueue_scripts",11,{"type":153,"name":162,"callback":163,"file":156,"line":164},"admin_init","register_settings",12,{"type":153,"name":166,"callback":163,"file":156,"line":167},"rest_api_init",13,{"type":153,"name":169,"callback":170,"file":171,"line":172},"wp_enqueue_scripts","enqueue_scripts","inc\\PostReactionCounter.php",16,{"type":153,"name":174,"callback":175,"file":171,"line":176},"the_content","display_reactions_count",19,{"type":153,"name":178,"callback":179,"file":171,"line":180},"wp_footer","footerAlert",20,{"type":153,"name":182,"callback":183,"file":184,"line":185},"plugins_loaded","post_reactions_counter_setup","post-reaction.php",31,[187,193],{"action":188,"nopriv":189,"callback":190,"hasNonce":191,"hasCapCheck":189,"file":171,"line":192},"update_post_reaction",false,"save_reaction_callback",true,17,{"action":188,"nopriv":191,"callback":190,"hasNonce":191,"hasCapCheck":189,"file":171,"line":194},18,[],[],[],2,{"dangerousFunctions":200,"sqlUsage":201,"outputEscaping":209,"fileOperations":13,"externalRequests":13,"nonceChecks":64,"capabilityChecks":13,"bundledLibraries":211},[],{"prepared":157,"raw":198,"locations":202},[203,207],{"file":204,"line":205,"context":206},"inc\\Database\\Table.php",54,"$wpdb->query() with variable interpolation",{"file":204,"line":208,"context":206},73,{"escaped":167,"rawEcho":13,"locations":210},[],[],[213,247],{"entryPoint":214,"graph":215,"unsanitizedCount":198,"severity":246},"save_reaction_callback (inc\\PostReactionCounter.php:42)",{"nodes":216,"edges":241},[217,222,226,232,235,238],{"id":218,"type":219,"label":220,"file":171,"line":221},"n0","source","$_POST",77,{"id":223,"type":224,"label":225,"file":171,"line":221},"n1","transform","→ reaction_exists()",{"id":227,"type":228,"label":229,"file":171,"line":230,"wp_function":231},"n2","sink","get_var() [SQLi]",198,"get_var",{"id":233,"type":219,"label":220,"file":171,"line":234},"n3",86,{"id":236,"type":224,"label":237,"file":171,"line":234},"n4","→ save_reaction()",{"id":239,"type":228,"label":229,"file":171,"line":240,"wp_function":231},"n5",220,[242,243,244,245],{"from":218,"to":223,"sanitized":189},{"from":223,"to":227,"sanitized":189},{"from":233,"to":236,"sanitized":189},{"from":236,"to":239,"sanitized":189},"high",{"entryPoint":248,"graph":249,"unsanitizedCount":198,"severity":246},"\u003CPostReactionCounter> (inc\\PostReactionCounter.php:0)",{"nodes":250,"edges":285},[251,253,257,259,260,261,265,267,269,271,273,275,277,280,283],{"id":218,"type":219,"label":220,"file":171,"line":252},67,{"id":223,"type":228,"label":254,"file":171,"line":255,"wp_function":256},"get_results() [SQLi]",165,"get_results",{"id":227,"type":219,"label":258,"file":171,"line":252},"$_POST (x2)",{"id":233,"type":228,"label":229,"file":171,"line":230,"wp_function":231},{"id":236,"type":219,"label":220,"file":171,"line":252},{"id":239,"type":228,"label":262,"file":171,"line":263,"wp_function":264},"query() [SQLi]",274,"query",{"id":266,"type":219,"label":220,"file":171,"line":221},"n6",{"id":268,"type":224,"label":225,"file":171,"line":221},"n7",{"id":270,"type":228,"label":229,"file":171,"line":230,"wp_function":231},"n8",{"id":272,"type":219,"label":220,"file":171,"line":234},"n9",{"id":274,"type":224,"label":237,"file":171,"line":234},"n10",{"id":276,"type":228,"label":229,"file":171,"line":240,"wp_function":231},"n11",{"id":278,"type":219,"label":258,"file":171,"line":279},"n12",229,{"id":281,"type":224,"label":282,"file":171,"line":279},"n13","→ update_reaction()",{"id":284,"type":228,"label":262,"file":171,"line":263,"wp_function":264},"n14",[286,287,288,289,290,291,292,293,294],{"from":218,"to":223,"sanitized":191},{"from":227,"to":233,"sanitized":191},{"from":236,"to":239,"sanitized":191},{"from":266,"to":268,"sanitized":189},{"from":268,"to":270,"sanitized":189},{"from":272,"to":274,"sanitized":189},{"from":274,"to":276,"sanitized":189},{"from":278,"to":281,"sanitized":189},{"from":281,"to":284,"sanitized":191},{"summary":296,"deductions":297},"The \"post-reaction\" plugin v1.0.0 exhibits a generally good security posture, with no known vulnerabilities in its history and strong coding practices evident in the static analysis. Notably, all output is properly escaped, and there are no file operations or external HTTP requests, minimizing common attack vectors. The use of prepared statements for the majority of SQL queries is also a positive indicator of secure data handling.\n\nHowever, the taint analysis reveals two flows with unsanitized paths, flagged as high severity. While the plugin has an \"attack surface\" with two AJAX handlers, the static analysis indicates that these are protected and there are no unprotected entry points. The presence of a single nonce check, alongside the absence of capability checks for the AJAX handlers, could be a potential concern, especially if the taint analysis's \"unsanitized paths\" relate to these handlers. The lack of historical vulnerabilities is a good sign, but the high-severity taint flows are a critical point of attention that requires further investigation.\n\nIn conclusion, while the plugin demonstrates a strong foundation with secure output handling and SQL practices, the identified high-severity taint flows are a significant concern. The limited vulnerability history suggests past robustness, but these new findings necessitate immediate attention to ensure the plugin's continued security and to prevent potential exploitation through the identified unsanitized paths.",[298,301],{"reason":299,"points":300},"High severity taint flows with unsanitized paths",15,{"reason":302,"points":89},"AJAX handlers lack capability checks","2026-03-16T21:41:20.782Z",{"wat":305,"direct":318},{"assetPaths":306,"generatorPatterns":311,"scriptPaths":312,"versionParams":313},[307,308,309,310],"\u002Fwp-content\u002Fplugins\u002Fpost-reaction\u002Fdist\u002Fpublic.css","\u002Fwp-content\u002Fplugins\u002Fpost-reaction\u002Fdist\u002Fpublic.js","\u002Fwp-content\u002Fplugins\u002Fpost-reaction\u002Fdist\u002Fsettings.css","\u002Fwp-content\u002Fplugins\u002Fpost-reaction\u002Fdist\u002Fsettings.js",[],[308,310],[314,315,316,317],"post-reaction\u002Fdist\u002Fpublic.css?ver=","post-reaction\u002Fdist\u002Fpublic.js?ver=","post-reaction\u002Fdist\u002Fsettings.css?ver=","post-reaction\u002Fdist\u002Fsettings.js?ver=",{"cssClasses":319,"htmlComments":323,"htmlAttributes":324,"restEndpoints":327,"jsGlobals":329,"shortcodeOutput":331},[320,321,322],"post-reactions-list","reacted_to","prc_react_icon",[],[325,326],"data-id","data-react-type",[328],"\u002Fwp-json\u002Fcpr\u002Fv1\u002Fsettings",[330],"postReactScript",[]]