[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fX5NdJiZhr_NEmv1BuHEh-PUNzonT3ml3H_adj7B2s_w":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":138,"fingerprints":272},"roses-like-this","Like This","1.6.2","RosemarieP","https:\u002F\u002Fprofiles.wordpress.org\u002Frosemariep\u002F","\u003Cp>A simple ‘I like this’ plugin inspired by the facebook ‘like’ functionality.  For visitors who don’t want to bother with commenting.\u003C\u002Fp>\n","A simple 'I like this' plugin inspired by the facebook 'like' functionality.",2000,139425,98,7,"2017-11-28T13:03:00.000Z","3.6.1","3.0","",[20,21,22],"karma","likes","post","http:\u002F\u002Fr.osey.me\u002Fcode\u002FlikeThis","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Froses-like-this.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"rosemariep",1,30,84,"2026-04-05T09:13:39.206Z",[37,62,83,101,122],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":60,"unpatched_count":26,"last_vuln_date":61,"fetched_at":28},"my-favorites","My Favorites","1.4.4","Takashi Matsuyama","https:\u002F\u002Fprofiles.wordpress.org\u002Ftakashimatsuyama\u002F","\u003Cp>Save user’s favorite posts and list them.\u003Cbr \u002F>\nThis plugin is simple. You can save the user’s favorite posts just a install and display them anywhere you want with just a shortcode.\u003Cbr \u002F>\nThe logged-in user’s data is saved in the user meta. Other user’s data is saved to Web Storage (localStorage).\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Shortcode:\u003C\u002Fstrong> \u003Ccode>[ccc_my_favorite_select_button post_id=\"\" style=\"\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode:\u003C\u002Fstrong> \u003Ccode>[ccc_my_favorite_list_menu slug=\"\" text=\"\" style=\"\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode:\u003C\u002Fstrong> \u003Ccode>[ccc_my_favorite_list_results class=\"\" style=\"\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For pages with a shortcode for list view ([ccc_my_favorite_list_results]).\u003C\u002Fp>\n\u003Cp>“Load More” is displayed with “posts_per_page”.\u003Cbr \u002F>\nIt will be displayed when the user has more favorite posts than “posts_per_page”.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Shortcode:\u003C\u002Fstrong> \u003Ccode>[ccc_my_favorite_list_results posts_per_page=\"10\"]\u003C\u002Fcode> default is 100 posts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can display the post’s “excerpt”.\u003Cbr \u002F>\nThis value is the char length.\u003Cbr \u002F>\nIf not needed, use “no excerpt” or “0”.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Shortcode:\u003C\u002Fstrong> \u003Ccode>[ccc_my_favorite_list_results excerpt=\"30\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you want, you can change the code for list view yourself.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Shortcode:\u003C\u002Fstrong> \u003Ccode>[ccc_my_favorite_list_custom_template style=\"\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For pages with a shortcode for custom list view ([ccc_my_favorite_list_custom_template]).\u003Cbr \u002F>\nAdd the function (\u003Ccode>function ccc_my_favorite_list_custom_template( $my_favorite_post_id ) { }\u003C\u002Fcode>) for your list view to \u003Ccode>your-theme\u002Ffunctions.php\u003C\u002Fcode>.\u003Cbr \u002F>\n    $my_favorite_post_id is array.\u003Cbr \u002F>\n    style=”none” excludes the default CSS for the list.\u003C\u002Fp>\n\u003Cp>Detailed usage is under preparation.\u003C\u002Fp>\n\u003Ch3>Discover More\u003C\u002Fh3>\n\u003Cp>This plugin is \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftakashi-matsuyama\u002Fmy-favorites\" rel=\"nofollow ugc\">developed on GitHub\u003C\u002Fa>\u003C\u002Fp>\n","Save user's favorite posts and list them.",1000,17149,100,15,"2026-01-09T08:29:00.000Z","6.9.4","4.8","5.4.0",[54,55,56,21],"accessibility","favorite-posts","favorites","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmy-favorites\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-favorites.1.4.4.zip",99,2,"2024-10-14 00:00:00",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":13,"num_ratings":72,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":18,"tags":76,"homepage":80,"download_link":81,"security_score":82,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"solid-post-likes","Solid Post Likes","1.0.8","oacstudio","https:\u002F\u002Fprofiles.wordpress.org\u002Foacstudio\u002F","\u003Cp>This plugin enables you to add a customizable like button to all post types. It supports all custom post types and all WooCommerce product types. Post comments are also supported.\u003C\u002Fp>\n\u003Cp>This button uses the same button for like and dislike. It has been tested with all major page builders.\u003C\u002Fp>\n\u003Cp>Scroll down for demo site link.\u003C\u002Fp>\n\u003Ch3>Feature list\u003C\u002Fh3>\n\u003Ch3>Scope:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Support for all post types.\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable likes per post type.\u003C\u002Fli>\n\u003Cli>Enable\u002FDisable like text and counter.\u003C\u002Fli>\n\u003Cli>Like \u002F Unlike feature on the same button.\u003C\u002Fli>\n\u003Cli>WooCommerce supported.\u003C\u002Fli>\n\u003Cli>Supports all WooCommerce product types (i.e. WooCommerce Subscriptions, WooCommerce Bookings)\u003C\u002Fli>\n\u003Cli>Post comments supported.\u003C\u002Fli>\n\u003Cli>Post comments on custom post types supported.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Design:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>29 icons available for like and dislike.\u003C\u002Fli>\n\u003Cli>Choose different icon for like and dislike.\u003C\u002Fli>\n\u003Cli>Uses Icomoon for Icons.\u003C\u002Fli>\n\u003Cli>Choose different text for like and dislike.\u003C\u002Fli>\n\u003Cli>Set any text for like and unlike.\u003C\u002Fli>\n\u003Cli>Set any icon for like and unlike.\u003C\u002Fli>\n\u003Cli>Control icon and text size.\u003C\u002Fli>\n\u003Cli>Control icon and text color.\u003C\u002Fli>\n\u003Cli>Set icon and text padding to position each element as needed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Shortcodes:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Free placement of like button via shortcodes.\u003C\u002Fli>\n\u003Cli>Like button shortcode [oacsspl] accepts post_id as argument.\u003C\u002Fli>\n\u003Cli>Show user liked posts via shortcode.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Developer:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Use custom hook for posts.\u003C\u002Fli>\n\u003Cli>Use custom hook for WooCommerce likes.\u003C\u002Fli>\n\u003Cli>Caching support for all full page caching plugins.\u003C\u002Fli>\n\u003Cli>Ajax based like loading.\u003C\u002Fli>\n\u003Cli>Filter available for custom content before and after button.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>More:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>User post like are shown in backend user profile. Useful for admins.\u003C\u002Fli>\n\u003Cli>Disable Likes via post ID.\u003C\u002Fli>\n\u003Cli>Set or remove likes manually.\u003C\u002Fli>\n\u003Cli>Visitors likes can like as well.\u003C\u002Fli>\n\u003Cli>Shows on single posts only.\u003C\u002Fli>\n\u003Cli>Zero configuration required. Just activate and go.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compatibility:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Compatible with all themes that use WordPress the_content (should be almost all!)\u003C\u002Fli>\n\u003Cli>Multisite compatible.\u003C\u002Fli>\n\u003Cli>WPML compatible.\u003C\u002Fli>\n\u003Cli>Tested with all major page builders.\u003C\u002Fli>\n\u003Cli>Ready for localization .mo \u002F .po included.\u003C\u002Fli>\n\u003Cli>Works great on phones and tablets.\u003C\u002Fli>\n\u003Cli>All major browsers supported Chrome, Firefox, Safari, Opera, Edge, and Internet Explorer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Known Incompatibilities:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>The Twenty Twenty-Three Default WordPress Theme does not work with the comment likes. Post likes work.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Documentation and Support\u003C\u002Fh3>\n\u003Cp>More documentation:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Foacstudio.de\u002Fknowledgebase-category\u002Fsolid-post-likes\u002Finstallation\" rel=\"nofollow ugc\">https:\u002F\u002Foacstudio.de\u002Fknowledgebase-category\u002Fsolid-post-likes\u002Finstallation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Demo site: \u003Ca href=\"https:\u002F\u002Fspl-demo.oacstudio.de\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fspl-demo.oacstudio.de\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>user: demo@oacstudio.de\u003Cbr \u002F>\npass: demo@oacstudio.de1\u003C\u002Fp>\n","A like button for all post types. Solid and simple.",600,10310,8,"2024-07-24T09:17:00.000Z","6.5.8","4.0",[77,78,79],"like","like-button","post-likes","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsolid-post-likes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsolid-post-likes.1.0.8.zip",92,{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":26,"num_ratings":26,"last_updated":18,"tested_up_to":74,"requires_at_least":93,"requires_php":18,"tags":94,"homepage":98,"download_link":99,"security_score":47,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":100},"lotos-likes","Lotos Likes","1.8","Excellent Dynamics","https:\u002F\u002Fprofiles.wordpress.org\u002Fexcellentdynamics\u002F","\u003Cp>Add “like” functionality to your posts and pages. Display your most liked posts via widget.\u003C\u002Fp>\n","Add \"like\" functionality to your posts and pages",200,4220,"4.2",[95,21,22,96,97],"hearts","shortcode","template-tag","https:\u002F\u002Fexcellentdynamics.biz\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flotos-likes.4.8.zip","2026-03-15T10:48:56.248Z",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":26,"num_ratings":26,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":18,"tags":114,"homepage":120,"download_link":121,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"bainternet-user-ranks","Bainternet User Ranks","1.5.2","Bainternet","https:\u002F\u002Fprofiles.wordpress.org\u002Fbainternet\u002F","\u003Cp>Create and display user rank titles based on there post count, comment count or both.\u003C\u002Fp>\n\u003Cp>This is aimed at multi Author,User blogs which you can create rank levels in your blog based on author post count, comment count or both. Its ranking system similar to a forum.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add as many Titles as you want and the minimum point to reach that Title.\u003C\u002Fli>\n\u003Cli>Set the point count for each post.\u003C\u002Fli>\n\u003Cli>Set the point count for each comment.\u003C\u002Fli>\n\u003Cli>Display Title, points or both.\u003C\u002Fli>\n\u003Cli>Insert automagicaly.(NEW)\u003C\u002Fli>\n\u003Cli>User rank ShortCode.(NEW)\u003C\u002Fli>\n\u003Cli>Get top Ranked ShortCode.(NEW)\u003C\u002Fli>\n\u003Cli>Get top Ranked Template Tag.(NEW)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>any feedback or suggestions are welcome.\u003C\u002Fp>\n\u003Cp>check out my \u003Ca href=\"http:\u002F\u002Fen.bainternet.info\u002Fcategory\u002Fplugins\" rel=\"nofollow ugc\">other plugins\u003C\u002Fa>\u003C\u002Fp>\n","Create and display user rank titles based on there post count, comment count or both.",10,7552,"2016-12-13T13:52:00.000Z","4.7.0","2.9.2",[115,116,117,118,119],"forum-like-ranking","post-and-comments-ranking","user-karma","user-ranking","user-titles","http:\u002F\u002Fwww.bainternet.info","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbainternet-user-ranks.1.5.2.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":109,"downloaded":130,"rating":47,"num_ratings":32,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":18,"tags":134,"homepage":18,"download_link":137,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"simple-custom-post-likes","Simple custom post likes","1.0","richymilo","https:\u002F\u002Fprofiles.wordpress.org\u002Frichymilo\u002F","\u003Cp>Appends a custom likes box that allows a user to like any post type from the front end.\u003Cbr \u002F>\nOnly one like is allowed per user\u002Fip address.\u003Cbr \u002F>\nOnce a user has liked the post type they can unlike it again by clicking on the same button.\u003Cbr \u002F>\nPlugin runs by using meta data and ajax.\u003C\u002Fp>\n\u003Cp>The Plugin is configured via the admin page which is listed as a sub-menu item under “Settings”.\u003Cbr \u002F>\nThe element that the box should be appended to as well as the post type to target should be selected.\u003C\u002Fp>\n","Appends a custom likes box that allows a user to like any post type from the front end.",1776,"2015-03-12T06:34:00.000Z","4.1.42","3.0.1",[135,136,21],"custom-post-types","featured","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-custom-post-likes.zip",{"attackSurface":139,"codeSignals":198,"taintFlows":257,"riskAssessment":258,"analyzedAt":271},{"hooks":140,"ajaxHandlers":186,"restRoutes":195,"shortcodes":196,"cronEvents":197,"entryPointCount":60,"unprotectedCount":60},[141,147,151,155,160,164,168,173,177,181],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","publish_post","likeThisSetUpPostLikes","likethis.php",133,{"type":142,"name":148,"callback":149,"file":145,"line":150},"wp_enqueue_scripts","likeThisJsIncludes",134,{"type":142,"name":152,"callback":153,"priority":109,"file":154,"line":60},"manage_posts_custom_column","likeThisDisplayPostLikes","manage_posts.php",{"type":156,"name":157,"callback":158,"file":154,"line":159},"filter","manage_posts_columns","likeThisAddColumns",12,{"type":156,"name":161,"callback":162,"file":154,"line":163},"manage_edit-post_sortable_columns","likeThisSortableLikes",19,{"type":156,"name":165,"callback":166,"file":154,"line":167},"request","likeThisOrderBy",25,{"type":142,"name":169,"callback":170,"file":171,"line":172},"admin_menu","like_this_create_menu","options.php",3,{"type":142,"name":174,"callback":175,"file":171,"line":176},"activated_plugin","like_this_add_settings",4,{"type":142,"name":178,"callback":179,"file":171,"line":180},"admin_init","register_mysettings",5,{"type":142,"name":182,"callback":183,"file":184,"line":185},"widgets_init","anonymous","widget.php",118,[187,192],{"action":188,"nopriv":189,"callback":190,"hasNonce":189,"hasCapCheck":189,"file":145,"line":191},"like_this_like_post",false,"likeThisCheckHeaders",137,{"action":188,"nopriv":193,"callback":190,"hasNonce":189,"hasCapCheck":189,"file":145,"line":194},true,138,[],[],[],{"dangerousFunctions":199,"sqlUsage":203,"outputEscaping":205,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":256},[200],{"fn":201,"file":184,"line":185,"context":202},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"MostLikedPosts\");'));",{"prepared":32,"raw":26,"locations":204},[],{"escaped":60,"rawEcho":167,"locations":206},[207,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238,239,240,242,244,246,248,250,252,254],{"file":145,"line":208,"context":209},73,"raw output",{"file":145,"line":211,"context":209},117,{"file":154,"line":213,"context":209},6,{"file":171,"line":215,"context":209},35,{"file":171,"line":217,"context":209},39,{"file":171,"line":219,"context":209},42,{"file":171,"line":221,"context":209},47,{"file":171,"line":223,"context":209},50,{"file":171,"line":225,"context":209},56,{"file":171,"line":227,"context":209},59,{"file":171,"line":229,"context":209},65,{"file":171,"line":231,"context":209},68,{"file":184,"line":233,"context":209},16,{"file":184,"line":235,"context":209},18,{"file":184,"line":237,"context":209},46,{"file":184,"line":221,"context":209},{"file":184,"line":225,"context":209},{"file":184,"line":241,"context":209},86,{"file":184,"line":243,"context":209},91,{"file":184,"line":245,"context":209},93,{"file":184,"line":247,"context":209},95,{"file":184,"line":249,"context":209},101,{"file":184,"line":251,"context":209},106,{"file":184,"line":253,"context":209},108,{"file":184,"line":255,"context":209},110,[],[],{"summary":259,"deductions":260},"The \"roses-like-this\" plugin version 1.6.2 exhibits a concerning security posture primarily due to its unprotected AJAX handlers.  With two identified AJAX entry points and neither implementing any form of authentication or authorization checks, these handlers represent a significant attack surface.  Any attacker could potentially trigger these functions without prior verification, leading to unintended actions or data manipulation within the WordPress environment.  While the plugin demonstrates good practice by utilizing prepared statements for its single SQL query and has no recorded vulnerabilities or critical taint flows, the absence of security checks on its primary entry points overshadows these strengths. The presence of the `create_function` is also a notable concern, as it's considered a deprecated and potentially insecure function that can be exploited if not handled with extreme care, though no specific exploitable taint flow was identified from it in this analysis. The extremely low percentage of properly escaped output (7%) is another critical weakness, suggesting a high probability of Cross-Site Scripting (XSS) vulnerabilities being present.  Overall, the plugin's lack of basic security hygiene on its AJAX handlers and pervasive unescaped output creates a substantial risk for users, despite its clean vulnerability history.",[261,263,265,267,269],{"reason":262,"points":109},"AJAX handlers without authentication checks",{"reason":264,"points":72},"Low output escaping percentage",{"reason":266,"points":180},"Use of dangerous 'create_function'",{"reason":268,"points":180},"AJAX handlers without capability checks",{"reason":270,"points":180},"AJAX handlers without nonce checks","2026-03-16T18:38:51.937Z",{"wat":273,"direct":280},{"assetPaths":274,"generatorPatterns":276,"scriptPaths":277,"versionParams":278},[275],"\u002Fwp-content\u002Fplugins\u002Froses-like-this\u002FlikesScript.js",[],[275],[279],"roses-like-this\u002FlikesScript.js?ver=",{"cssClasses":281,"htmlComments":283,"htmlAttributes":284,"restEndpoints":286,"jsGlobals":288,"shortcodeOutput":290},[282],"likeThis",[],[285],"data-post-id",[287],"\u002Fwp-json\u002Fwp\u002Fv2\u002Fposts",[289],"like_this_ajax_object",[]]