[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGTrBfLX2OpVsl8pGjzhFYAyJcZY0CtfUIzlK44piXnU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":35,"analysis":127,"fingerprints":294},"profiles-manager-for-buddypress","Profiles Manager","1.6","elbuntu","https:\u002F\u002Fprofiles.wordpress.org\u002Felbuntu\u002F","\u003Cp>Profiles Manager is designed to help you monetize your social network by hiding the premium profile fields from non-paying members. This plugin\u003Cbr \u002F>\nworks with any kind of payment system in place but is tested with s2member.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hide BuddyPress Profile Groups to certain members\u003C\u002Fli>\n\u003Cli>Easy to use UI\u003C\u002Fli>\n\u003Cli>Create upgrade account menu item on free members profiles.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Removing the plugin\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Deactivate The Plugin \u003C\u002Fli>\n\u003Cli>Replace bp_pm_group_tabs(); with bp_profile_group_tabs();\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin is designed to help you monetize your social network by hiding the premium profile fields from non-paying members.",10,4465,100,1,"2016-02-25T13:24:00.000Z","3.4.2","2.8","",[20,21,22,23],"buddypress","profile","social","social-network","http:\u002F\u002Felbuntu.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprofiles-manager-for-buddypress.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},30,84,"2026-04-04T17:02:34.790Z",[36,58,77,95,109],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":18,"tags":51,"homepage":56,"download_link":57,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"buddypress-edit-activity","BuddyPress Edit Activity","1.1.1","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>Let your BuddyPress members edit their activity posts and replies on the front-end of the site. You can even set a time limit for how long activity posts should remain editable.\u003C\u002Fp>\n\u003Cp>Just activate the plugin, and every activity post and reply will become editable, styled automatically by BuddyPress to fit with your theme.\u003C\u002Fp>\n","BuddyPress Edit Activity allows your members to edit their activity posts on the front-end of your BuddyPress-powered site.",900,75058,92,17,"2020-04-23T13:56:00.000Z","5.4.19","3.8",[52,20,53,54,55],"activity","messaging","profiles","social-networking","https:\u002F\u002Fwww.buddyboss.com\u002Fproduct\u002Fbuddypress-edit-activity\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-edit-activity.1.1.1.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":13,"downloaded":66,"rating":33,"num_ratings":67,"last_updated":68,"tested_up_to":49,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":75,"download_link":76,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"advanced-xprofile-fields-for-buddypress","Advanced XProfile Fields for BuddyPress","1.0.4.2","SuitePlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fsuiteplugins\u002F","\u003Cp>Advanced XProfile Fields for BuddyPress creates a way to enhance your BuddyPress profile fields.\u003C\u002Fp>\n\u003Ch4>Take control of all your field labels\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Create 1 profile field and change the label shown on Registration, Profile Edit, My Profile, Other User Profile screen\u003C\u002Fli>\n\u003Cli>Add a label for user listing screen\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Validate fields on Profile Edit\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Set Character Limits\u003C\u002Fli>\n\u003Cli>Set Minimum Character Requirements\u003C\u002Fli>\n\u003Cli>Text Format\u003Cbr \u002F>\n** Force text formats – Alphanumeric, Alpha, Email and URL\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Additional Options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Hide field on registration page\u003C\u002Fli>\n\u003Cli>Make a field non-editable after a user has saved entry. Perfect for field like Gender, Title etc\u003C\u002Fli>\n\u003Cli>Show fields in admin. Show the profile field in the user’s admin list.\u003C\u002Fli>\n\u003C\u002Ful>\n","Enhance your BuddyPress profile fields with Advanced XProfile Fields for BuddyPress. Manage fields labels, validation and show fields in admin.",13299,5,"2020-04-26T18:57:00.000Z","3.2","5.3",[20,72,73,74,23],"buddypress-groups","buddypress-profile-field","groups","http:\u002F\u002Fsuiteplugins.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-xprofile-fields-for-buddypress.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":18,"tags":92,"homepage":93,"download_link":94,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"buddypress-who-clicked-at-my-profile","Buddypress Who clicked at my Profile?","3.6","quan_flo","https:\u002F\u002Fprofiles.wordpress.org\u002Fquan_flo\u002F","\u003Cp>\u003Cstrong>Do you want to increase your buddypress user’s interaction?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Tell them if other visited their profile!\u003C\u002Fp>\n\u003Cp>This plugin will notify your members about other members that visited their profile via buddypress notification system.\u003Cbr \u002F>\nThis plugin also provides a widget that shows last profile visitors for the logged in user.\u003Cbr \u002F>\nThis plugin provides a shortcode that can be used anywhere to display the logged in user’s visitors\u003C\u002Fp>\n\u003Cp>Shortcode usage:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[buddypresswcamp_show_visits]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Use Parameter to show avatars insted of links or configure how many last visitors should be shown.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[buddypresswcamp_show_visits showAvatars=1 amount=5]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you use bbpress \u003C 2.6 please apply the changes described there: https:\u002F\u002Fbbpress.trac.wordpress.org\u002Fticket\u002F2779 to get the notifications working\u003C\u002Fp>\n\u003Cp>\u003Cstrong>More about me and my plugins\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Since the year 1999 I do administration, customizing and programming for several forums, communities and social networks. In the year 2013 I switched from another PHP framework to WordPress.\u003Cbr \u002F>\nBecause not all plugins I’d like to have exist already I wrote some own plugins and I think I’ll continue to do so.\u003C\u002Fp>\n\u003Cp>If you have the scope at forums or social networks my other modules might also be interesting for you. \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsearch.php?q=quan_flo\" title=\"ifs-net \u002F quan_flo WordPress Plugins\" rel=\"ugc\">Just take a look at my WordPress Profile to see all my Plugins.\u003C\u002Fa> Use them and if my work helps you to save time, earn money or just makes you happy feel free to donate – Thanks. The donation link can be found at the right sidebar next to this text.\u003C\u002Fp>\n","This plugin will notify your members about other members that visited their profile. This plugin also provides a widget that shows last profile visito &hellip;",40,15155,98,15,"2016-07-25T18:23:00.000Z","4.7.32","4.2",[20,21,23],"http:\u002F\u002Fifs-net.de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-who-clicked-at-my-profile.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":27,"num_ratings":27,"last_updated":105,"tested_up_to":90,"requires_at_least":69,"requires_php":18,"tags":106,"homepage":107,"download_link":108,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"bp-xprofile-fields-custom-css-classes","Buddypress Xprofile Fields Custom Css Classes","1.0","codepixlabs","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodepixlabs\u002F","\u003Cp>Buddypress Xprofile Fields Custom Css Classes allows to add classes to xprofile fields for ease of styling.\u003C\u002Fp>\n\u003Ch4>Gives more control for frontend designers\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add single or multiple classes to each field\u003C\u002Fli>\n\u003Cli>Group fields based on classes\u003C\u002Fli>\n\u003Cli>Extremely light \u003C 5kb\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Eases process of css framework support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Buddypress forms ( register \u002F profile edit ) do not support any css frameworks out of the box\u003C\u002Fli>\n\u003Cli>This plugins makes it easy to style forms as per any css framworks, as it provide ability to add css classes for each field\u003C\u002Fli>\n\u003C\u002Ful>\n","Add custom classes to xprofile fields for ease of styling.",20,1931,"2017-04-24T11:07:00.000Z",[20,72,73,74,23],"http:\u002F\u002Fcodepixlabs.com\u002Fplugins\u002Fbuddypress-xprofile-fields-custom-css-classes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-xprofile-fields-custom-css-classes.zip",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":11,"downloaded":117,"rating":13,"num_ratings":14,"last_updated":18,"tested_up_to":118,"requires_at_least":119,"requires_php":18,"tags":120,"homepage":124,"download_link":125,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":126},"mif-bp-customizer","MIF BP Customizer","1.0.0","asergeev34","https:\u002F\u002Fprofiles.wordpress.org\u002Fasergeev34\u002F","\u003Cp>Buddypress features extension plugin for creation of social network site.\u003Cbr \u002F>\nIt is oriented on work with social networking plugin BuddyPress.\u003C\u002Fp>\n\u003Cp>Adds features:\u003C\u002Fp>\n\u003Cp>Activity feed\u003C\u002Fp>\n\u003Cp>Special activity feed. Changes the appearance and behavior of the activity feed on users’ pages (on personal page – “Whole feed”, on other users’ pages – only their activity). Allows to use content blocking tools.\u003C\u002Fp>\n\u003Cp>Post types of activity feed. Allows to specify activity types, which should be displayed in user’s feed (“Special activity feed” option is required).\u003C\u002Fp>\n\u003Cp>User blocking. Allows to maintain a list of users, whose information is blocked in your activity feed (“Special activity feed” option is required).\u003C\u002Fp>\n\u003Cp>Site behavior\u003C\u002Fp>\n\u003Cp>Profile as a homepage. Set user profile as his home page.\u003C\u002Fp>\n\u003Cp>Profile privacy. Allow users to limit access to their profiles.\u003C\u002Fp>\n\u003Cp>Subscribers. Enable subscription option for user updates (subscription = one-way friendship).\u003C\u002Fp>\n\u003Cp>Notifications. Advanced notification mode.\u003C\u002Fp>\n\u003Cp>Pop-up messages. Mechanism of pop-up messages (echo-server configuration is required).\u003C\u002Fp>\n\u003Cp>Documents. Creation of files and documents collections on users’ and groups’ pages. Files and documents publication in the activity feed.\u003C\u002Fp>\n\u003Cp>Dialogues (experimentally\u002Fis in a test mode). Simple and convenient dialogues instead of the standard system of private messages (experimentally\u002Fis in a test mode; echo-server configuration is required).\u003C\u002Fp>\n\u003Cp>Background image. Allow to use custom image as a background for user profile or group.\u003C\u002Fp>\n\u003Cp>Group address. Allow to change the group address in its settings and at creation.\u003C\u002Fp>\n\u003Cp>«Like» button. «Like» button for posts in the activity feed.\u003C\u002Fp>\n\u003Cp>«Repost» button. Second publication (repost) of posts in the activity feed.\u003C\u002Fp>\n\u003Cp>«Favorite», «Delete» buttons. Special «Favorite», «Delete» buttons (as «Like» and «Repost» button)\u003C\u002Fp>\n\u003Cp>Visual elements\u003C\u002Fp>\n\u003Cp>Site member widget. Fast and simple widget of site members avatars.\u003C\u002Fp>\n\u003Cp>Group widget. Fast and simple widget of group avatars.\u003C\u002Fp>\n","Buddypress features extension plugin for creation of social network site.",1691,"4.9.29","4.8",[20,121,122,123,23],"like","private-profile","repost","https:\u002F\u002Fgithub.com\u002Falexey-sergeev\u002Fmif-bp-customizer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmif-bp-customizer.zip","2026-03-15T10:48:56.248Z",{"attackSurface":128,"codeSignals":149,"taintFlows":244,"riskAssessment":282,"analyzedAt":293},{"hooks":129,"ajaxHandlers":141,"restRoutes":142,"shortcodes":143,"cronEvents":148,"entryPointCount":14,"unprotectedCount":27},[130,136],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","wp_head","bp_restrict_profile_head","frontEngine.php",125,{"type":131,"name":137,"callback":138,"file":139,"line":140},"admin_menu","bpm_menu","loader.php",87,[],[],[144],{"tag":145,"callback":146,"file":134,"line":147},"bpm-form","create_page",74,[],{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":179,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":243},[],{"prepared":152,"raw":153,"locations":154},47,12,[155,159,160,162,164,165,167,169,171,173,175,177],{"file":156,"line":157,"context":158},"admin\\init.php",11,"$wpdb->query() with variable interpolation",{"file":156,"line":153,"context":158},{"file":156,"line":161,"context":158},13,{"file":156,"line":163,"context":158},14,{"file":156,"line":88,"context":158},{"file":156,"line":166,"context":158},16,{"file":168,"line":153,"context":158},"admin\\subscriptionManager.php",{"file":168,"line":170,"context":158},21,{"file":134,"line":47,"context":172},"$wpdb->get_results() with variable interpolation",{"file":134,"line":174,"context":172},37,{"file":134,"line":176,"context":172},55,{"file":134,"line":178,"context":172},82,{"escaped":67,"rawEcho":180,"locations":181},35,[182,184,186,188,190,191,193,195,197,199,201,203,204,205,206,207,209,211,213,215,217,218,219,221,223,225,227,229,231,233,235,236,237,239,241],{"file":156,"line":170,"context":183},"raw output",{"file":156,"line":185,"context":183},59,{"file":156,"line":187,"context":183},68,{"file":156,"line":189,"context":183},80,{"file":156,"line":33,"context":183},{"file":156,"line":192,"context":183},88,{"file":194,"line":174,"context":183},"admin\\profileManager.php",{"file":194,"line":196,"context":183},69,{"file":194,"line":198,"context":183},71,{"file":194,"line":200,"context":183},72,{"file":194,"line":202,"context":183},75,{"file":194,"line":202,"context":183},{"file":194,"line":178,"context":183},{"file":194,"line":178,"context":183},{"file":194,"line":192,"context":183},{"file":194,"line":208,"context":183},107,{"file":168,"line":210,"context":183},27,{"file":168,"line":212,"context":183},73,{"file":168,"line":214,"context":183},76,{"file":168,"line":216,"context":183},79,{"file":168,"line":178,"context":183},{"file":168,"line":26,"context":183},{"file":168,"line":220,"context":183},108,{"file":168,"line":222,"context":183},109,{"file":134,"line":224,"context":183},22,{"file":134,"line":226,"context":183},42,{"file":134,"line":228,"context":183},43,{"file":134,"line":230,"context":183},101,{"file":134,"line":232,"context":183},115,{"file":234,"line":103,"context":183},"subscriptionEngine.php",{"file":234,"line":170,"context":183},{"file":234,"line":224,"context":183},{"file":234,"line":238,"context":183},24,{"file":234,"line":240,"context":183},38,{"file":234,"line":242,"context":183},56,[],[245,264],{"entryPoint":246,"graph":247,"unsanitizedCount":262,"severity":263},"\u003Cinit> (admin\\init.php:0)",{"nodes":248,"edges":259},[249,254],{"id":250,"type":251,"label":252,"file":156,"line":253},"n0","source","$_POST (x3)",7,{"id":255,"type":256,"label":257,"file":156,"line":187,"wp_function":258},"n1","sink","echo() [XSS]","echo",[260],{"from":250,"to":255,"sanitized":261},false,3,"low",{"entryPoint":265,"graph":266,"unsanitizedCount":262,"severity":281},"\u003CprofileManager> (admin\\profileManager.php:0)",{"nodes":267,"edges":278},[268,270,273,276],{"id":250,"type":251,"label":269,"file":194,"line":161},"$_GET",{"id":255,"type":256,"label":271,"file":194,"line":163,"wp_function":272},"query() [SQLi]","query",{"id":274,"type":251,"label":275,"file":194,"line":170},"n2","$_POST (x2)",{"id":277,"type":256,"label":271,"file":194,"line":224,"wp_function":272},"n3",[279,280],{"from":250,"to":255,"sanitized":261},{"from":274,"to":277,"sanitized":261},"high",{"summary":283,"deductions":284},"The \"profiles-manager-for-buddypress\" plugin v1.6 exhibits a mixed security posture.  While it boasts a small attack surface with no identified AJAX handlers or REST API routes without authentication, and no known CVEs in its history, significant concerns arise from the static analysis. The low percentage of properly escaped output (13%) is a major red flag, suggesting a high risk of cross-site scripting (XSS) vulnerabilities. Furthermore, the taint analysis revealed one high-severity flow with unsanitized paths, indicating a potential for unauthorized actions or data manipulation.  The absence of nonce checks is also worrying, especially if any entry points were to become vulnerable.  The plugin's clean vulnerability history is a positive indicator, suggesting development practices may be improving, but the current code analysis reveals critical areas needing immediate attention. The low number of entry points is a strength, but the lack of robust output escaping and the identified high-severity taint flow significantly undermine its overall security.",[285,287,289,291],{"reason":286,"points":88},"High percentage of improperly escaped output",{"reason":288,"points":153},"High severity taint flow found",{"reason":290,"points":67},"No nonce checks present",{"reason":292,"points":262},"Low percentage of prepared SQL statements","2026-03-17T00:49:04.766Z",{"wat":295,"direct":304},{"assetPaths":296,"generatorPatterns":299,"scriptPaths":300,"versionParams":301},[297,298],"\u002Fwp-content\u002Fplugins\u002Fprofiles-manager-for-buddypress\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fprofiles-manager-for-buddypress\u002Fjs\u002Fscripts.js",[],[298],[302,303],"profiles-manager-for-buddypress\u002Fcss\u002Fstyle.css?ver=","profiles-manager-for-buddypress\u002Fjs\u002Fscripts.js?ver=",{"cssClasses":305,"htmlComments":309,"htmlAttributes":318,"restEndpoints":319,"jsGlobals":320,"shortcodeOutput":321},[306,307,308,145],"bpm_settings","bpm_profile","bpm_commerce",[310,311,312,313,314,315,316,317],"\u003C!-- Activate the plugin for use! -->","\u003C!-- BUILD THE BACKEND MENU -->","\u003C!-- INCLUDE FRONT END -->","\u003C!-- Get visitor\u002Fmembers membership level -->","\u003C!-- Check the database to see if the membership level is matched in the database -->","\u003C!-- Get message to be displayed when the user is updating a profile page that no one will see. -->","\u003C!-- Get an array of public hidden profile items. -->","\u003C!-- Display message for the member updating his\u002Fher Profile. -->",[145],[],[306,307,308],[322],"[bpm-form]"]