[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f9EoTYqWYhgAa3DjEzv4q0M6JifcXh0M1oimcncZSBzU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":43,"crawl_stats":34,"alternatives":50,"analysis":154,"fingerprints":344},"starbox-voting","Starbox Voting","2.0.4","jigenhe","https:\u002F\u002Fprofiles.wordpress.org\u002Fjigenhe\u002F","\u003Cp>This plugin adds voting functionality for posts. visitors can vote for the post and against.\u003C\u002Fp>\n\u003Cp>The Plugin HomePage on right is wrong , i’ sorry to that, and you can see how it works click \u003Ca href=\"http:\u002F\u002Fwww.sealedbox.cn\u002Fstarbox\u002F\" rel=\"nofollow ugc\">Starbox Voting HomePage\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If you like this plugin , and translate it to other language , please \u003Ca href=\"http:\u002F\u002Fwww.sealedbox.cn\u002Fstarbox\u002F\" rel=\"nofollow ugc\">let me know\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Change Log\u003C\u002Fp>\n\u003Cp>1.1: Add plugins init setting , set display image as default image.\u003C\u002Fp>\n\u003Cp>1.2: Repaire ajax Request ,no response .\u003C\u002Fp>\n\u003Cp>1.3  Add so Style to choose In \u003Ccode>Setting > Starbox\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>1.4  You can set style by yourself In \u003Ccode>Setting > Starbox\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>1.5  Change error: no effect when change style in backend\u003Cbr \u002F>\n     Add ghosing effect when mouse hover the stars\u003Cbr \u002F>\n     Change Style Setting Page style.\u003C\u002Fp>\n\u003Cp>1.6 Add Language Package\u003C\u002Fp>\n\u003Cp>1.7 Rename every function . to avoid with other plugins\u003C\u002Fp>\n\u003Cp>1.8 Compatible with Windows And Linux\u003C\u002Fp>\n\u003Cp>2.0.2 Fix database create table only have ‘wp_’ prefix .\u003C\u002Fp>\n\u003Cp>2.0.3 Clear code.\u003C\u002Fp>\n\u003Cp>2.0.4 Fix Ie8 Bug:add this right after  : \u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>A working WordPress install\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress theme must contain a call to the \u003Ccode>get_header()\u003C\u002Fcode> function\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress theme must contain the WordPress loop\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Most WordPress installs have these, so you need not worry about these.\u003C\u002Fp>\n\u003Cp>In addition, one must have JavaScript enabled in their browsers in order to vote.\u003C\u002Fp>\n\u003Ch3>Customizing\u003C\u002Fh3>\n\u003Cp>If the plugin cannot write to the database, you can try manually executing the below SQL queries (you can use phpMyAdmin to do this):\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    CREATE TABLE `wp_starboxvoting` (\n                                  id int(11) NOT NULL auto_increment,\n                                  object_id int(11) NOT NULL,\n                                  ip varchar(64) character set latin1 NOT NULL,\n                                  vote int(11) NOT NULL,\n                              PRIMARY KEY  (`id`)\n                            ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;\n\u003C\u002Fcode>\u003C\u002Fpre>\n","This plugin adds voting functionality for posts. visitors can vote for the post and against.",10,4665,0,"2009-05-05T09:45:00.000Z","2.7","2.0","",[19,20,21],"popularity","post","voting","http:\u002F\u002Fwww.sealedbox.cn\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstarbox-voting.zip",64,1,"2011-02-22 00:00:00","2026-03-15T15:16:48.613Z",[29],{"id":30,"url_slug":31,"title":32,"description":33,"plugin_slug":4,"theme_slug":34,"affected_versions":35,"patched_in_version":34,"severity":36,"cvss_score":37,"cvss_vector":38,"vuln_type":39,"published_date":26,"updated_date":40,"references":41,"days_to_patch":34},"WF-f34383c7-1d98-4f8a-aa43-542fe2d9a567-starbox-voting","starbox-voting-full-path-disclosure","Starbox Voting \u003C= 2.0.4 - Full Path Disclosure","The Starbox Voting plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.0.4 via error handling. This can allow unauthenticated attackers to extract sensitive data including the full path of the WordPress installation",null,"\u003C=2.0.4","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2024-01-22 19:56:02",[42],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff34383c7-1d98-4f8a-aa43-542fe2d9a567?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":44,"total_installs":45,"avg_security_score":46,"avg_patch_time_days":47,"trust_score":48,"computed_at":49},2,20,75,30,77,"2026-04-05T02:58:19.178Z",[51,70,95,118,135],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":45,"num_ratings":25,"last_updated":61,"tested_up_to":62,"requires_at_least":63,"requires_php":17,"tags":64,"homepage":67,"download_link":68,"security_score":69,"vuln_count":13,"unpatched_count":13,"last_vuln_date":34,"fetched_at":27},"vote-it-up","Vote It Up","1.2.4","multippt","https:\u002F\u002Fprofiles.wordpress.org\u002Fmultippt\u002F","\u003Cp>This plugin adds voting functionality for posts. This function is similar to Reddit or Digg, in that visitors can vote for and against.\u003C\u002Fp>\n\u003Cp>Guests can also vote for posts. This functionality can be disabled as well.\u003C\u002Fp>\n\u003Cp>A widget can be displayed showing the most voted posts on your blog, giving further exposure to your popular posts.\u003C\u002Fp>\n\u003Cp>A brief summary of what the plugin has to offer:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Visitors can vote for your posts, if they are allowed to\u003C\u002Fli>\n\u003Cli>Easy management of post votes\u003C\u002Fli>\n\u003Cli>Two-way voting: People can vote for or against your posts if feature is enabled\u003C\u002Fli>\n\u003Cli>Post authors can be barred from voting their own posts\u003C\u002Fli>\n\u003Cli>Initial vote count feature enables the voting of posts the moment they were published\u003C\u002Fli>\n\u003Cli>Fairly customizable features\u003C\u002Fli>\n\u003Cli>Top voted post widget gives greater exposure of posts your readers like\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>A working WordPress install\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress theme must contain a call to the \u003Ccode>get_header()\u003C\u002Fcode> function\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress theme must contain the WordPress loop\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Most WordPress installs have these, so you need not worry about these.\u003C\u002Fp>\n\u003Cp>In addition, one must have JavaScript enabled in their browsers in order to vote.\u003C\u002Fp>\n\u003Cp>WordPress 2.8 or above is recommended for this plugin.\u003C\u002Fp>\n\u003Ch3>Customizing\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Votingfunctions.php\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Within \u003Ccode>votingfunctions.php\u003C\u002Fcode>, there are several functions that can shows other information.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>GetVotes($post_ID): Returns the number of votes associated with the post.\n\nUserVoted($post_ID, $user_ID): Returns TRUE if the user already voted for the post, FALSE if the user hasn't voted for the post\n\nGetPostVotes($post_ID): Returns an array of user IDs that have voted for the post.\n\nGetPostSinks($post_ID): Returns an array of user IDs that have voted against the post.\n\nSortVotes(): Returns an array of post IDs and votes. The array is sorted with the post having the most votes at the top of the array.\n\u003C\u002Fcode>\u003C\u002Fpre>\n","The Vote It Up plugin enables visitors to vote for and against posts.",90,75291,"2014-08-22T04:59:00.000Z","3.9.40","1.5",[65,66,19,20,21],"ajax","feedback","http:\u002F\u002Fwww.onfry.com\u002Fprojects\u002Fvoteitup\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvote-it-up.1.2.4.zip",85,{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":78,"downloaded":79,"rating":59,"num_ratings":80,"last_updated":81,"tested_up_to":82,"requires_at_least":83,"requires_php":84,"tags":85,"homepage":90,"download_link":91,"security_score":92,"vuln_count":93,"unpatched_count":13,"last_vuln_date":94,"fetched_at":27},"wordpress-popular-posts","WP Popular Posts","7.3.8","Hector Cabrera","https:\u002F\u002Fprofiles.wordpress.org\u002Fhcabrera\u002F","\u003Cp>WP Popular Posts is a highly customizable plugin that displays your most popular posts.\u003C\u002Fp>\n\u003Ch4>PSA: Plugin has been renamed as WP Popular Posts!\u003C\u002Fh4>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fcabrerahector.com\u002Fwordpress\u002Fwordpress-popular-posts-renamed-to-wp-popular-posts\u002F\" rel=\"nofollow ugc\">announcement\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch4>Main Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Multiple Popular Posts Lists\u003C\u002Fstrong> – You can have several Popular Posts lists on your blog, each with its own settings!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Time Range\u003C\u002Fstrong> – List those posts of your blog that have been the most popular ones within a specific time range (eg. last 24 hours, last 7 days, last 30 days, etc)!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Post-type support\u003C\u002Fstrong> – Want to show other stuff than just posts and pages, eg. Popular \u003Cem>Products\u003C\u002Fem>? \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F5.-FAQ#i-want-to-have-a-popular-list-of-my-custom-post-type-how-can-i-do-that\" rel=\"nofollow ugc\">You can\u003C\u002Fa>!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Thumbnails!\u003C\u002Fstrong> – Display a thumbnail of your posts! (\u003Cem>see the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F5.-FAQ#how-does-wordpress-popular-posts-pick-my-posts-thumbnails\" rel=\"nofollow ugc\">FAQ section\u003C\u002Fa> for more details\u003C\u002Fem>.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Statistics dashboard\u003C\u002Fstrong> – See how your popular posts are doing directly from your admin area.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sorting options\u003C\u002Fstrong> – Order your popular list by comments, views (default) or average views per day!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom themes\u003C\u002Fstrong> – Out of the box, WP Popular Posts includes some themes so you can style your popular posts list (see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F6.-Styling-the-list#themes\" rel=\"nofollow ugc\">Widget Themes\u003C\u002Fa> for more details).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Use your own layout!\u003C\u002Fstrong> – WPP is flexible enough to let you customize the look and feel of your popular posts! (see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F5.-FAQ#how-can-i-use-my-own-html-markup-with-your-plugin\" rel=\"nofollow ugc\">customizing WPP’s HTML markup\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F6.-Styling-the-list\" rel=\"nofollow ugc\">How to style WP Popular Posts\u003C\u002Fa> for more.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance Tools!\u003C\u002Fstrong> – WP Popular Posts includes a few options to make sure your site’s performance stays as good as ever! (see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F7.-Performance\" rel=\"nofollow ugc\">Performance\u003C\u002Fa> for more details.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API support\u003C\u002Fstrong> – Embed your popular posts in your (web) app! (see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F8.-REST-API-Endpoints\" rel=\"nofollow ugc\">REST API Endpoints\u003C\u002Fa> for more.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Elementor support\u003C\u002Fstrong> – Are you building sites with Elementor? There’s a popular posts widget for it too!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disqus support\u003C\u002Fstrong> – Sort your popular posts by Disqus comments count!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Polylang & WPML 3.2+ support\u003C\u002Fstrong> – Show the translated version of your popular posts!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Multisite support\u003C\u002Fstrong> – Each site on the network can have its own popular posts list!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Other Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Shortcode support\u003C\u002Fstrong> – Use the [wpp] shortcode to showcase your most popular posts on pages, too! For usage and instructions, please refer to the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordpress-popular-posts\u002F#installation\" rel=\"ugc\">Installation section\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Template tags\u003C\u002Fstrong> – Don’t feel like using blocks? No problem! You can still embed your most popular entries on your theme using the \u003Ccode>wpp_get_mostpopular()\u003C\u002Fcode> template tag. Additionally, the \u003Ccode>wpp_get_views()\u003C\u002Fcode> template tag allows you to retrieve the views count for a particular post. For usage and instructions, please refer to the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordpress-popular-posts\u002F#installation\" rel=\"ugc\">Installation section\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Localization\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F5.-FAQ#i-want-to-translate-your-plugin-into-my-language--help-you-update-a-translation-what-do-i-need-to-do\" rel=\"nofollow ugc\">Translate WPP into your own language\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-postratings\u002F\" rel=\"ugc\">WP-PostRatings\u003C\u002Fa> support\u003C\u002Fstrong> – Show your visitors how your readers are rating your posts!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PSA: The classic WP Popular Posts widget has reached End-of-Life\u003C\u002Fh4>\n\u003Cp>The classic WP Popular Posts widget doesn’t work very well \u002F at all with the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fdocumentation\u002Farticle\u002Fblock-based-widgets-editor\u002F\" rel=\"ugc\">block-based Widgets editor\u003C\u002Fa> introduced with WordPress 5.8.\u003C\u002Fp>\n\u003Cp>This new Widgets editor expects \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fdocumentation\u002Farticle\u002Fblocks-list\u002F\" rel=\"ugc\">WordPress blocks\u003C\u002Fa> instead of regular WordPress widgets. If you’re using the classic WP Popular Posts widget please replace it with the \u003Ca href=\"https:\u002F\u002Fcabrerahector.com\u002Fwordpress\u002Fwordpress-popular-posts-5-3-improved-php-8-support-retina-display-support-and-more\u002F#block-editor-support\" rel=\"nofollow ugc\">WP Popular Posts block\u003C\u002Fa> instead – it has the same features and functionality as the “classic” widget so you won’t be missing anything at all. See the \u003Ca href=\"https:\u002F\u002Fcabrerahector.com\u002Fwordpress\u002Fmigrating-from-the-classic-popular-posts-widget\u002F\" rel=\"nofollow ugc\">Migration Guide\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Cp>Bjorn from wplearninglab.com was kind enough to create a video explaining how to use the new block for all of you visual learners:\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fmtzk6yNEaFs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>If you cannot (or do not want to) use WordPress blocks on your website then please replace your classic widget with the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F1.-Using-WPP-on-posts-&-pages#the-wpp-shortcode\" rel=\"nofollow ugc\">[wpp] shortcode\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Support the Project!\u003C\u002Fh4>\n\u003Cp>If you’d like to support my work and efforts to creating and maintaining more open source projects your donations and messages of support mean a lot!\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fko-fi.com\u002Fcabrerahector\" rel=\"nofollow ugc\">Buy me a coffee\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fpaypalme\u002Fcabrerahector\" rel=\"nofollow ugc\">PayPal\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WP Popular Posts\u003C\u002Fstrong> is now also on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>Looking for a \u003Cstrong>Recent Posts\u003C\u002Fstrong> widget just as featured-packed as WP Popular Posts? \u003Cstrong>Try \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frecently\u002F\" rel=\"ugc\">Recently\u003C\u002Fa>\u003C\u002Fstrong>!\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Flame graphic by freevector\u002FVecteezy.com.\u003C\u002Fli>\n\u003C\u002Ful>\n","A highly customizable, easy-to-use popular posts plugin!",100000,8599922,248,"2026-02-17T18:42:00.000Z","6.9.4","6.2","7.4",[86,19,87,88,89],"popular","posts","top","widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordpress-popular-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordpress-popular-posts.7.3.8.zip",94,7,"2025-01-03 10:02:32",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":105,"num_ratings":106,"last_updated":107,"tested_up_to":82,"requires_at_least":108,"requires_php":84,"tags":109,"homepage":113,"download_link":114,"security_score":115,"vuln_count":116,"unpatched_count":13,"last_vuln_date":117,"fetched_at":27},"kk-star-ratings","kk Star Ratings – Rate Post & Collect User Feedbacks","5.4.10.4","properfraction","https:\u002F\u002Fprofiles.wordpress.org\u002Fproperfraction\u002F","\u003Cp>kk Star Ratings is a widely used star rating plugin for wordpress. Here are some highlighted features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>User defined amount of star ratings (5 as default) in your \u003Cstrong>posts\u003C\u002Fstrong>, \u003Cstrong>pages\u003C\u002Fstrong> and publicly accesible \u003Cstrong>custom post types\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Structured data supporting \u003Cstrong>google rich snippets\u003C\u002Fstrong> showing the star ratings in search results which has the potential to drive more traffic to your website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Widespread coverage of custom hooks.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Full control via options page. You can,\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Enable or disable globally.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Disable star ratings in posts that belong to certain categories.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Choose where to show the star ratings. It can be on the \u003Cstrong>homepage\u003C\u002Fstrong>, in \u003Cstrong>archives\u003C\u002Fstrong>, in \u003Cstrong>posts\u003C\u002Fstrong>, in \u003Cstrong>pages\u003C\u002Fstrong> and\u002For in \u003Cstrong>custom post types\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Control the structured data schema and type.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Restrict votings per unique ip.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Allow voting in archives.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Allow guests to vote.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Customize position within the post content.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Adjust the amount of stars.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>And much more…\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","kk Star Ratings allows blog visitors to involve and interact more effectively with your website by rating posts.",80000,2197646,78,171,"2026-03-04T12:53:00.000Z","5.0",[110,66,111,112,21],"ajax-ratings","rate-post","star-ratings","https:\u002F\u002Ffeedbackwp.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkk-star-ratings.5.4.10.4.zip",96,4,"2024-12-20 16:25:44",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":13,"num_ratings":13,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":17,"tags":131,"homepage":133,"download_link":134,"security_score":69,"vuln_count":13,"unpatched_count":13,"last_vuln_date":34,"fetched_at":27},"wp-ranking-pro","WP-Ranking PRO","1.0.3","plugmize","https:\u002F\u002Fprofiles.wordpress.org\u002Fplugmize\u002F","\u003Cp>“WP-Ranking PRO” is a widget plugin with advanced features to display the ranking of popular articles in each elements and period on your blog.\u003C\u002Fp>\n\u003Ch4>Main Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Time Range\u003C\u002Fstrong> – It displays the ranking within the specified period of time.(eg. 24 h, 1 week, 1 month, 1 year, all, etc.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mobile-friendly\u003C\u002Fstrong> – Make an aggregate individually in the PC and mobile(smartphone, tablet, etc.). Mobile accesses is distinguished by the user agent and a rank is made.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ranking Cache\u003C\u002Fstrong> – The ranking data has the ability to cache a certain period of time.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Shortcode support.\u003C\u002Fstrong> – You can make your own page on ranking.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PHP code support.\u003C\u002Fstrong> – By the specify the ranking information to be displayed in the PHP code, you can make any rankings page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-widget\u003C\u002Fstrong> support.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom-widgets capable\u003C\u002Fstrong> – Them rankings can freely customize title, characters, various articles, various categories, various tags, period, equipment or HTML tags, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Display a thumbnail of your posts.\u003C\u002Fstrong> It is possible to select a thumbnail to display.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Exclusion from the aggregation target.\u003C\u002Fstrong> – You can exclude access from a particular environment from the aggregation target.(eg. the origin of access, HTTP referers, user agents, logged-in users.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Post-type\u003C\u002Fstrong> support!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Other Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Summary of rankings can be \u003Cstrong>displayed on the dashboard\u003C\u002Fstrong> (wp-admin).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic clearance of log.\u003C\u002Fstrong> – Data is accumulated by a data base, but I have the function from which the log which accumulated can be eliminated automatically.\u003C\u002Fli>\n\u003Cli>Rebuild cache\u003C\u002Fli>\n\u003Cli>Clear cache\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>There is following function.\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Periods: 24 h, 1 week, 1 month, 1 year, all, and more\u003C\u002Fli>\n\u003Cli>Exclusions: the origin of access, HTTP referers, user agents, logged-in users\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Language support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Japanese\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>English\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n","\"WP-Ranking PRO\" totals a page view, and into which a popular article can be formed by various elements or periods.",60,3569,"2017-10-20T19:48:00.000Z","4.8.28","4.5",[86,19,20,87,132],"ranking","https:\u002F\u002Fplugmize.jp\u002Fproduct\u002Fwp-ranking-pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-ranking-pro.1.0.3.zip",{"slug":136,"name":137,"version":138,"author":139,"author_profile":140,"description":141,"short_description":142,"active_installs":11,"downloaded":143,"rating":144,"num_ratings":145,"last_updated":146,"tested_up_to":147,"requires_at_least":148,"requires_php":17,"tags":149,"homepage":17,"download_link":153,"security_score":69,"vuln_count":13,"unpatched_count":13,"last_vuln_date":34,"fetched_at":27},"gp-post-like","Gp post Like","1.0","Ganesh Paygude","https:\u002F\u002Fprofiles.wordpress.org\u002Fganeshpaygude\u002F","\u003Cp>Allow user add post like button above or below post content\u003C\u002Fp>\n\u003Cp>Major features in Gp post Like include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Setting option checkbox  Allow user add post like button above or below post content\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n","Allow user add post like button above or below post content.",2210,100,3,"2018-02-06T06:37:00.000Z","4.9.29","3.2",[150,151,152,21],"like","post-like","post-voting","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgp-post-like.1.0.zip",{"attackSurface":155,"codeSignals":174,"taintFlows":212,"riskAssessment":324,"analyzedAt":343},{"hooks":156,"ajaxHandlers":170,"restRoutes":171,"shortcodes":172,"cronEvents":173,"entryPointCount":13,"unprotectedCount":13},[157,163,166],{"type":158,"name":159,"callback":160,"file":161,"line":162},"action","plugins_loaded","start_plugin","starbox.php",76,{"type":158,"name":164,"callback":165,"file":161,"line":92},"admin_menu","add_option_page",{"type":158,"name":167,"callback":168,"file":161,"line":169},"admin_notices","anonymous",223,[],[],[],[],{"dangerousFunctions":175,"sqlUsage":180,"outputEscaping":193,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":211},[176],{"fn":177,"file":161,"line":178,"context":179},"create_function",225,"create_function(",{"prepared":25,"raw":116,"locations":181},[182,185,189,191],{"file":161,"line":183,"context":184},186,"$wpdb->get_var() with variable interpolation",{"file":186,"line":187,"context":188},"star_view.php",81,"$wpdb->get_results() with variable interpolation",{"file":186,"line":190,"context":188},101,{"file":186,"line":192,"context":188},117,{"escaped":13,"rawEcho":194,"locations":195},6,[196,200,202,205,207,209],{"file":197,"line":198,"context":199},"ajax.php",27,"raw output",{"file":201,"line":11,"context":199},"js\\function.js.php",{"file":203,"line":204,"context":199},"options.php",87,{"file":186,"line":206,"context":199},12,{"file":186,"line":208,"context":199},14,{"file":186,"line":210,"context":199},15,[],[213,230,239,287,312],{"entryPoint":214,"graph":215,"unsanitizedCount":25,"severity":229},"\u003Cajax> (ajax.php:0)",{"nodes":216,"edges":226},[217,221],{"id":218,"type":219,"label":220,"file":197,"line":198},"n0","source","$_POST['id']",{"id":222,"type":223,"label":224,"file":197,"line":198,"wp_function":225},"n1","sink","echo() [XSS]","echo",[227],{"from":218,"to":222,"sanitized":228},false,"low",{"entryPoint":231,"graph":232,"unsanitizedCount":25,"severity":229},"\u003Cfunction.js> (js\\function.js.php:0)",{"nodes":233,"edges":237},[234,236],{"id":218,"type":219,"label":235,"file":201,"line":145},"$_SERVER",{"id":222,"type":223,"label":224,"file":201,"line":11,"wp_function":225},[238],{"from":218,"to":222,"sanitized":228},{"entryPoint":240,"graph":241,"unsanitizedCount":116,"severity":229},"starbox_option_admin (options.php:10)",{"nodes":242,"edges":278},[243,246,249,254,257,259,262,265,267,270,273,275],{"id":218,"type":219,"label":244,"file":203,"line":245},"$_POST['button']",18,{"id":222,"type":247,"label":248,"file":203,"line":245},"transform","→ implode_starbox_style()",{"id":250,"type":223,"label":251,"file":186,"line":252,"wp_function":253},"n2","update_option() [Settings Manipulation]",133,"update_option",{"id":255,"type":219,"label":256,"file":203,"line":245},"n3","$_POST['overlay']",{"id":258,"type":247,"label":248,"file":203,"line":245},"n4",{"id":260,"type":223,"label":251,"file":186,"line":261,"wp_function":253},"n5",134,{"id":263,"type":219,"label":264,"file":203,"line":245},"n6","$_POST['classname']",{"id":266,"type":247,"label":248,"file":203,"line":245},"n7",{"id":268,"type":223,"label":251,"file":186,"line":269,"wp_function":253},"n8",135,{"id":271,"type":219,"label":272,"file":203,"line":245},"n9","$_POST['ghost']",{"id":274,"type":247,"label":248,"file":203,"line":245},"n10",{"id":276,"type":223,"label":251,"file":186,"line":277,"wp_function":253},"n11",136,[279,280,281,282,283,284,285,286],{"from":218,"to":222,"sanitized":228},{"from":222,"to":250,"sanitized":228},{"from":255,"to":258,"sanitized":228},{"from":258,"to":260,"sanitized":228},{"from":263,"to":266,"sanitized":228},{"from":266,"to":268,"sanitized":228},{"from":271,"to":274,"sanitized":228},{"from":274,"to":276,"sanitized":228},{"entryPoint":288,"graph":289,"unsanitizedCount":116,"severity":229},"\u003Coptions> (options.php:0)",{"nodes":290,"edges":303},[291,292,293,294,295,296,297,298,299,300,301,302],{"id":218,"type":219,"label":244,"file":203,"line":245},{"id":222,"type":247,"label":248,"file":203,"line":245},{"id":250,"type":223,"label":251,"file":186,"line":252,"wp_function":253},{"id":255,"type":219,"label":256,"file":203,"line":245},{"id":258,"type":247,"label":248,"file":203,"line":245},{"id":260,"type":223,"label":251,"file":186,"line":261,"wp_function":253},{"id":263,"type":219,"label":264,"file":203,"line":245},{"id":266,"type":247,"label":248,"file":203,"line":245},{"id":268,"type":223,"label":251,"file":186,"line":269,"wp_function":253},{"id":271,"type":219,"label":272,"file":203,"line":245},{"id":274,"type":247,"label":248,"file":203,"line":245},{"id":276,"type":223,"label":251,"file":186,"line":277,"wp_function":253},[304,305,306,307,308,309,310,311],{"from":218,"to":222,"sanitized":228},{"from":222,"to":250,"sanitized":228},{"from":255,"to":258,"sanitized":228},{"from":258,"to":260,"sanitized":228},{"from":263,"to":266,"sanitized":228},{"from":266,"to":268,"sanitized":228},{"from":271,"to":274,"sanitized":228},{"from":274,"to":276,"sanitized":228},{"entryPoint":313,"graph":314,"unsanitizedCount":25,"severity":323},"\u003Cstar_view> (star_view.php:0)",{"nodes":315,"edges":321},[316,318],{"id":218,"type":219,"label":235,"file":186,"line":317},115,{"id":222,"type":223,"label":319,"file":186,"line":192,"wp_function":320},"get_results() [SQLi]","get_results",[322],{"from":218,"to":222,"sanitized":228},"high",{"summary":325,"deductions":326},"The starbox-voting v2.0.4 plugin exhibits several concerning security weaknesses despite a seemingly low attack surface and no external dependencies. The static analysis reveals a significant lack of proper output escaping, with 100% of identified outputs not being properly escaped. This is a critical vulnerability that could lead to Cross-Site Scripting (XSS) attacks, allowing attackers to inject malicious scripts into the site. Furthermore, the use of the `create_function` is a deprecated and potentially insecure practice.  The taint analysis also highlights an issue with unsanitized paths, indicating a potential for insecure file operations or data manipulation, even though no explicit file operations were detected. The plugin's history of a medium-severity 'Exposure of Sensitive Information' CVE, which remains unpatched, adds to the overall risk profile. While the absence of AJAX handlers, REST API routes, shortcodes, and cron events limits direct attack vectors, the identified code quality issues and historical vulnerability suggest a developer who may not prioritize robust security practices. The combination of unescaped output, potential unsanitized data flow, and a past unpatched vulnerability presents a notable risk to any WordPress site using this plugin.",[327,329,332,335,337,339,341],{"reason":328,"points":210},"0% properly escaped output",{"reason":330,"points":331},"Use of dangerous function 'create_function'",5,{"reason":333,"points":334},"Taint flow with unsanitized paths",8,{"reason":336,"points":210},"Unpatched medium severity CVE",{"reason":338,"points":331},"20% SQL queries using prepared statements",{"reason":340,"points":93},"No nonce checks",{"reason":342,"points":93},"No capability checks","2026-03-17T00:26:29.314Z",{"wat":345,"direct":361},{"assetPaths":346,"generatorPatterns":353,"scriptPaths":354,"versionParams":355},[347,348,349,350,351,352],"\u002Fwp-content\u002Fplugins\u002Fstarbox-voting\u002Fcss\u002Fstarbox.css","\u002Fwp-content\u002Fplugins\u002Fstarbox-voting\u002Fcss\u002Foption_style.css","\u002Fwp-content\u002Fplugins\u002Fstarbox-voting\u002Fjs\u002Fprototype.js","\u002Fwp-content\u002Fplugins\u002Fstarbox-voting\u002Fjs\u002Fscriptaculous.js","\u002Fwp-content\u002Fplugins\u002Fstarbox-voting\u002Fjs\u002Fstarbox.js","\u002Fwp-content\u002Fplugins\u002Fstarbox-voting\u002Fjs\u002Ffunction.js.php",[],[351,352],[356,357,358,359,360],"starbox.css?ver=","prototype.js?ver=","scriptaculous.js?ver=","starbox.js?ver=","function.js.php?ver=",{"cssClasses":362,"htmlComments":364,"htmlAttributes":367,"restEndpoints":373,"jsGlobals":374,"shortcodeOutput":375},[363],"starbox",[365,366],"You can see more information at : http:\u002F\u002Fwww.sealedbox.cn\u002Fstarbox\u002F","**** Change Log ****",[368,369,370,371,372],"starbox_button","starbox_overlay","starbox_class","starbox_ghost","starbox_version",[],[],[]]