[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f0kV7zNODrMEFpAdwWcDUSlE9q-0uxM4mUGZZkAFXQSQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":140,"fingerprints":842},"vote-it-up","Vote It Up","1.2.4","multippt","https:\u002F\u002Fprofiles.wordpress.org\u002Fmultippt\u002F","\u003Cp>This plugin adds voting functionality for posts. This function is similar to Reddit or Digg, in that visitors can vote for and against.\u003C\u002Fp>\n\u003Cp>Guests can also vote for posts. This functionality can be disabled as well.\u003C\u002Fp>\n\u003Cp>A widget can be displayed showing the most voted posts on your blog, giving further exposure to your popular posts.\u003C\u002Fp>\n\u003Cp>A brief summary of what the plugin has to offer:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Visitors can vote for your posts, if they are allowed to\u003C\u002Fli>\n\u003Cli>Easy management of post votes\u003C\u002Fli>\n\u003Cli>Two-way voting: People can vote for or against your posts if feature is enabled\u003C\u002Fli>\n\u003Cli>Post authors can be barred from voting their own posts\u003C\u002Fli>\n\u003Cli>Initial vote count feature enables the voting of posts the moment they were published\u003C\u002Fli>\n\u003Cli>Fairly customizable features\u003C\u002Fli>\n\u003Cli>Top voted post widget gives greater exposure of posts your readers like\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>A working WordPress install\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress theme must contain a call to the \u003Ccode>get_header()\u003C\u002Fcode> function\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress theme must contain the WordPress loop\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Most WordPress installs have these, so you need not worry about these.\u003C\u002Fp>\n\u003Cp>In addition, one must have JavaScript enabled in their browsers in order to vote.\u003C\u002Fp>\n\u003Cp>WordPress 2.8 or above is recommended for this plugin.\u003C\u002Fp>\n\u003Ch3>Customizing\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Votingfunctions.php\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Within \u003Ccode>votingfunctions.php\u003C\u002Fcode>, there are several functions that can shows other information.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>GetVotes($post_ID): Returns the number of votes associated with the post.\n\nUserVoted($post_ID, $user_ID): Returns TRUE if the user already voted for the post, FALSE if the user hasn't voted for the post\n\nGetPostVotes($post_ID): Returns an array of user IDs that have voted for the post.\n\nGetPostSinks($post_ID): Returns an array of user IDs that have voted against the post.\n\nSortVotes(): Returns an array of post IDs and votes. The array is sorted with the post having the most votes at the top of the array.\n\u003C\u002Fcode>\u003C\u002Fpre>\n","The Vote It Up plugin enables visitors to vote for and against posts.",90,75291,20,1,"2014-08-22T04:59:00.000Z","3.9.40","1.5","",[20,21,22,23,24],"ajax","feedback","popularity","post","voting","http:\u002F\u002Fwww.onfry.com\u002Fprojects\u002Fvoteitup\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvote-it-up.1.2.4.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},3,160,30,84,"2026-04-04T09:12:19.486Z",[39,64,82,100,118],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":59,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":28,"last_vuln_date":63,"fetched_at":30},"kk-star-ratings","kk Star Ratings – Rate Post & Collect User Feedbacks","5.4.10.4","properfraction","https:\u002F\u002Fprofiles.wordpress.org\u002Fproperfraction\u002F","\u003Cp>kk Star Ratings is a widely used star rating plugin for wordpress. Here are some highlighted features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>User defined amount of star ratings (5 as default) in your \u003Cstrong>posts\u003C\u002Fstrong>, \u003Cstrong>pages\u003C\u002Fstrong> and publicly accesible \u003Cstrong>custom post types\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Structured data supporting \u003Cstrong>google rich snippets\u003C\u002Fstrong> showing the star ratings in search results which has the potential to drive more traffic to your website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Widespread coverage of custom hooks.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Full control via options page. You can,\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Enable or disable globally.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Disable star ratings in posts that belong to certain categories.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Choose where to show the star ratings. It can be on the \u003Cstrong>homepage\u003C\u002Fstrong>, in \u003Cstrong>archives\u003C\u002Fstrong>, in \u003Cstrong>posts\u003C\u002Fstrong>, in \u003Cstrong>pages\u003C\u002Fstrong> and\u002For in \u003Cstrong>custom post types\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Control the structured data schema and type.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Restrict votings per unique ip.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Allow voting in archives.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Allow guests to vote.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Customize position within the post content.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Adjust the amount of stars.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>And much more…\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","kk Star Ratings allows blog visitors to involve and interact more effectively with your website by rating posts.",80000,2197646,78,171,"2026-03-04T12:53:00.000Z","6.9.4","5.0","7.4",[56,21,57,58,24],"ajax-ratings","rate-post","star-ratings","https:\u002F\u002Ffeedbackwp.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkk-star-ratings.5.4.10.4.zip",96,4,"2024-12-20 16:25:44",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":28,"num_ratings":28,"last_updated":74,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":75,"homepage":69,"download_link":81,"security_score":72,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"instant-emoji-reactions","Instant Emoji Reactions","1.0.2","Usama Khalid","https:\u002F\u002Fprofiles.wordpress.org\u002Fusamakhalid14\u002F","\u003Cp>Add emoji reactions to posts and custom post types, allowing both logged-in and guest users to express their feelings. This plugin enables users to engage with your content using fun and expressive emojis such as Agree, Disagree, Angry, Love, and Laugh. Reactions are stored for each post, providing valuable feedback and interaction metrics. Perfect for blogs, forums, and community-driven websites!\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPL-2.0+ License. You can freely use, modify, and distribute it under the terms of this license. See the full license at: https:\u002F\u002Fopensource.org\u002Flicenses\u002FGPL-2.0\u003C\u002Fp>\n","Add emoji reactions to posts and custom post types on your WordPress site, enabling both logged-in and guest users to express their feelings.",100,1428,"2025-12-15T06:44:00.000Z",[76,77,78,79,80],"ajax-reactions","emoji-feedback","emoji-reactions","post-reactions","reaction-buttons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finstant-emoji-reactions.1.0.2.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":28,"num_ratings":28,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":18,"tags":95,"homepage":96,"download_link":97,"security_score":98,"vuln_count":14,"unpatched_count":14,"last_vuln_date":99,"fetched_at":30},"starbox-voting","Starbox Voting","2.0.4","jigenhe","https:\u002F\u002Fprofiles.wordpress.org\u002Fjigenhe\u002F","\u003Cp>This plugin adds voting functionality for posts. visitors can vote for the post and against.\u003C\u002Fp>\n\u003Cp>The Plugin HomePage on right is wrong , i’ sorry to that, and you can see how it works click \u003Ca href=\"http:\u002F\u002Fwww.sealedbox.cn\u002Fstarbox\u002F\" rel=\"nofollow ugc\">Starbox Voting HomePage\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>If you like this plugin , and translate it to other language , please \u003Ca href=\"http:\u002F\u002Fwww.sealedbox.cn\u002Fstarbox\u002F\" rel=\"nofollow ugc\">let me know\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Change Log\u003C\u002Fp>\n\u003Cp>1.1: Add plugins init setting , set display image as default image.\u003C\u002Fp>\n\u003Cp>1.2: Repaire ajax Request ,no response .\u003C\u002Fp>\n\u003Cp>1.3  Add so Style to choose In \u003Ccode>Setting > Starbox\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>1.4  You can set style by yourself In \u003Ccode>Setting > Starbox\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>1.5  Change error: no effect when change style in backend\u003Cbr \u002F>\n     Add ghosing effect when mouse hover the stars\u003Cbr \u002F>\n     Change Style Setting Page style.\u003C\u002Fp>\n\u003Cp>1.6 Add Language Package\u003C\u002Fp>\n\u003Cp>1.7 Rename every function . to avoid with other plugins\u003C\u002Fp>\n\u003Cp>1.8 Compatible with Windows And Linux\u003C\u002Fp>\n\u003Cp>2.0.2 Fix database create table only have ‘wp_’ prefix .\u003C\u002Fp>\n\u003Cp>2.0.3 Clear code.\u003C\u002Fp>\n\u003Cp>2.0.4 Fix Ie8 Bug:add this right after  : \u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>A working WordPress install\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress theme must contain a call to the \u003Ccode>get_header()\u003C\u002Fcode> function\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress theme must contain the WordPress loop\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Most WordPress installs have these, so you need not worry about these.\u003C\u002Fp>\n\u003Cp>In addition, one must have JavaScript enabled in their browsers in order to vote.\u003C\u002Fp>\n\u003Ch3>Customizing\u003C\u002Fh3>\n\u003Cp>If the plugin cannot write to the database, you can try manually executing the below SQL queries (you can use phpMyAdmin to do this):\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    CREATE TABLE `wp_starboxvoting` (\n                                  id int(11) NOT NULL auto_increment,\n                                  object_id int(11) NOT NULL,\n                                  ip varchar(64) character set latin1 NOT NULL,\n                                  vote int(11) NOT NULL,\n                              PRIMARY KEY  (`id`)\n                            ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;\n\u003C\u002Fcode>\u003C\u002Fpre>\n","This plugin adds voting functionality for posts. visitors can vote for the post and against.",10,4665,"2009-05-05T09:45:00.000Z","2.7","2.0",[22,23,24],"http:\u002F\u002Fwww.sealedbox.cn\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstarbox-voting.zip",64,"2011-02-22 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":28,"downloaded":108,"rating":28,"num_ratings":28,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":18,"tags":112,"homepage":116,"download_link":117,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"blim-post-suggestion-and-vote","Blim Post Suggestion and Vote","1.0.4","blheson","https:\u002F\u002Fprofiles.wordpress.org\u002Fblheson\u002F","\u003Col>\n\u003Cli>Blim Post Suggestion and Vote (BPSV) is a plugin that suggests posts based on the category of the current post. \u003C\u002Fli>\n\u003Cli>The plugin comes fully setup, therefore, you are not required to perform any setup after activation. \u003C\u002Fli>\n\u003Cli>However, you can decide to manually, choose among the features offered by BPSV. You simply go to the general settings menu then click on Blim Post Suggestion and Vote.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>General Features\u003C\u002Fstrong> may be used by anyone with any web server (Apache, NGINX, etc.).\u003C\u002Fp>\n\u003Ch3>Plugin Features\u003C\u002Fh3>\n\u003Ch4>General Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Suggests posts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Col>\n\u003Cli>As the heading implies, the plugin gets a post related by category to the current post and suggests to reader\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cul>\n\u003Cli>Upvote and Downvote\u003Cbr \u002F>\nReaders can upvote or downvote on various posts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>BPSV Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fblheson\u002Fblim-post-suggestion-and-vote\" rel=\"nofollow ugc\">BPSV GitHub repo\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple plugin that suggests post and offer vote feature",5405,"2023-01-28T18:08:00.000Z","6.0.11","4.0",[21,113,114,115,24],"post-suggestion","posts","vote","https:\u002F\u002Fbusinesstosales.com\u002Fcontact.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblim-post-suggestion-and-vote.1.0.4.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":11,"num_ratings":128,"last_updated":129,"tested_up_to":52,"requires_at_least":130,"requires_php":54,"tags":131,"homepage":135,"download_link":136,"security_score":137,"vuln_count":138,"unpatched_count":28,"last_vuln_date":139,"fetched_at":30},"wordpress-popular-posts","WP Popular Posts","7.3.8","Hector Cabrera","https:\u002F\u002Fprofiles.wordpress.org\u002Fhcabrera\u002F","\u003Cp>WP Popular Posts is a highly customizable plugin that displays your most popular posts.\u003C\u002Fp>\n\u003Ch4>PSA: Plugin has been renamed as WP Popular Posts!\u003C\u002Fh4>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fcabrerahector.com\u002Fwordpress\u002Fwordpress-popular-posts-renamed-to-wp-popular-posts\u002F\" rel=\"nofollow ugc\">announcement\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch4>Main Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Multiple Popular Posts Lists\u003C\u002Fstrong> – You can have several Popular Posts lists on your blog, each with its own settings!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Time Range\u003C\u002Fstrong> – List those posts of your blog that have been the most popular ones within a specific time range (eg. last 24 hours, last 7 days, last 30 days, etc)!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Post-type support\u003C\u002Fstrong> – Want to show other stuff than just posts and pages, eg. Popular \u003Cem>Products\u003C\u002Fem>? \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F5.-FAQ#i-want-to-have-a-popular-list-of-my-custom-post-type-how-can-i-do-that\" rel=\"nofollow ugc\">You can\u003C\u002Fa>!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Thumbnails!\u003C\u002Fstrong> – Display a thumbnail of your posts! (\u003Cem>see the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F5.-FAQ#how-does-wordpress-popular-posts-pick-my-posts-thumbnails\" rel=\"nofollow ugc\">FAQ section\u003C\u002Fa> for more details\u003C\u002Fem>.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Statistics dashboard\u003C\u002Fstrong> – See how your popular posts are doing directly from your admin area.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Sorting options\u003C\u002Fstrong> – Order your popular list by comments, views (default) or average views per day!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom themes\u003C\u002Fstrong> – Out of the box, WP Popular Posts includes some themes so you can style your popular posts list (see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F6.-Styling-the-list#themes\" rel=\"nofollow ugc\">Widget Themes\u003C\u002Fa> for more details).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Use your own layout!\u003C\u002Fstrong> – WPP is flexible enough to let you customize the look and feel of your popular posts! (see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F5.-FAQ#how-can-i-use-my-own-html-markup-with-your-plugin\" rel=\"nofollow ugc\">customizing WPP’s HTML markup\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F6.-Styling-the-list\" rel=\"nofollow ugc\">How to style WP Popular Posts\u003C\u002Fa> for more.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance Tools!\u003C\u002Fstrong> – WP Popular Posts includes a few options to make sure your site’s performance stays as good as ever! (see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F7.-Performance\" rel=\"nofollow ugc\">Performance\u003C\u002Fa> for more details.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API support\u003C\u002Fstrong> – Embed your popular posts in your (web) app! (see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F8.-REST-API-Endpoints\" rel=\"nofollow ugc\">REST API Endpoints\u003C\u002Fa> for more.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Elementor support\u003C\u002Fstrong> – Are you building sites with Elementor? There’s a popular posts widget for it too!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disqus support\u003C\u002Fstrong> – Sort your popular posts by Disqus comments count!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Polylang & WPML 3.2+ support\u003C\u002Fstrong> – Show the translated version of your popular posts!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Multisite support\u003C\u002Fstrong> – Each site on the network can have its own popular posts list!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Other Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Shortcode support\u003C\u002Fstrong> – Use the [wpp] shortcode to showcase your most popular posts on pages, too! For usage and instructions, please refer to the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordpress-popular-posts\u002F#installation\" rel=\"ugc\">Installation section\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Template tags\u003C\u002Fstrong> – Don’t feel like using blocks? No problem! You can still embed your most popular entries on your theme using the \u003Ccode>wpp_get_mostpopular()\u003C\u002Fcode> template tag. Additionally, the \u003Ccode>wpp_get_views()\u003C\u002Fcode> template tag allows you to retrieve the views count for a particular post. For usage and instructions, please refer to the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordpress-popular-posts\u002F#installation\" rel=\"ugc\">Installation section\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Localization\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F5.-FAQ#i-want-to-translate-your-plugin-into-my-language--help-you-update-a-translation-what-do-i-need-to-do\" rel=\"nofollow ugc\">Translate WPP into your own language\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-postratings\u002F\" rel=\"ugc\">WP-PostRatings\u003C\u002Fa> support\u003C\u002Fstrong> – Show your visitors how your readers are rating your posts!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PSA: The classic WP Popular Posts widget has reached End-of-Life\u003C\u002Fh4>\n\u003Cp>The classic WP Popular Posts widget doesn’t work very well \u002F at all with the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fdocumentation\u002Farticle\u002Fblock-based-widgets-editor\u002F\" rel=\"ugc\">block-based Widgets editor\u003C\u002Fa> introduced with WordPress 5.8.\u003C\u002Fp>\n\u003Cp>This new Widgets editor expects \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fdocumentation\u002Farticle\u002Fblocks-list\u002F\" rel=\"ugc\">WordPress blocks\u003C\u002Fa> instead of regular WordPress widgets. If you’re using the classic WP Popular Posts widget please replace it with the \u003Ca href=\"https:\u002F\u002Fcabrerahector.com\u002Fwordpress\u002Fwordpress-popular-posts-5-3-improved-php-8-support-retina-display-support-and-more\u002F#block-editor-support\" rel=\"nofollow ugc\">WP Popular Posts block\u003C\u002Fa> instead – it has the same features and functionality as the “classic” widget so you won’t be missing anything at all. See the \u003Ca href=\"https:\u002F\u002Fcabrerahector.com\u002Fwordpress\u002Fmigrating-from-the-classic-popular-posts-widget\u002F\" rel=\"nofollow ugc\">Migration Guide\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Cp>Bjorn from wplearninglab.com was kind enough to create a video explaining how to use the new block for all of you visual learners:\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fmtzk6yNEaFs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>If you cannot (or do not want to) use WordPress blocks on your website then please replace your classic widget with the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\u002Fwiki\u002F1.-Using-WPP-on-posts-&-pages#the-wpp-shortcode\" rel=\"nofollow ugc\">[wpp] shortcode\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Support the Project!\u003C\u002Fh4>\n\u003Cp>If you’d like to support my work and efforts to creating and maintaining more open source projects your donations and messages of support mean a lot!\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fko-fi.com\u002Fcabrerahector\" rel=\"nofollow ugc\">Buy me a coffee\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fpaypalme\u002Fcabrerahector\" rel=\"nofollow ugc\">PayPal\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WP Popular Posts\u003C\u002Fstrong> is now also on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcabrerahector\u002Fwordpress-popular-posts\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>Looking for a \u003Cstrong>Recent Posts\u003C\u002Fstrong> widget just as featured-packed as WP Popular Posts? \u003Cstrong>Try \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Frecently\u002F\" rel=\"ugc\">Recently\u003C\u002Fa>\u003C\u002Fstrong>!\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Flame graphic by freevector\u002FVecteezy.com.\u003C\u002Fli>\n\u003C\u002Ful>\n","A highly customizable, easy-to-use popular posts plugin!",100000,8599922,248,"2026-02-17T18:42:00.000Z","6.2",[132,22,114,133,134],"popular","top","widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordpress-popular-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordpress-popular-posts.7.3.8.zip",94,7,"2025-01-03 10:02:32",{"attackSurface":141,"codeSignals":179,"taintFlows":602,"riskAssessment":827,"analyzedAt":841},{"hooks":142,"ajaxHandlers":175,"restRoutes":176,"shortcodes":177,"cronEvents":178,"entryPointCount":28,"unprotectedCount":28},[143,149,155,159,163,167,171],{"type":144,"name":145,"callback":146,"file":147,"line":148},"filter","whitelist_options","voteitup_alter_whitelist_options","voteconfig.php",13,{"type":150,"name":151,"callback":152,"file":153,"line":154},"action","wp_head","VoteItUp_header","voteitup.php",271,{"type":150,"name":156,"callback":157,"file":153,"line":158},"get_footer","VoteItUp_footer",272,{"type":150,"name":160,"callback":161,"file":153,"line":162},"admin_menu","VoteItUp_options",273,{"type":150,"name":164,"callback":165,"file":153,"line":166},"init","widget_MostVotedAllTime_init",274,{"type":150,"name":168,"callback":169,"file":153,"line":170},"the_post","DisplayVotesPrepareHook",281,{"type":150,"name":172,"callback":173,"file":153,"line":174},"the_content","DisplayVotesHook",282,[],[],[],[],{"dangerousFunctions":180,"sqlUsage":181,"outputEscaping":293,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":601},[],{"prepared":182,"raw":183,"locations":184},8,51,[185,189,192,194,197,200,202,204,206,208,210,212,214,216,218,220,222,224,227,229,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,272,274,276,279,281,283,285,287,289,291],{"file":186,"line":187,"context":188},"importdb.php",88,"$wpdb->get_var() with variable interpolation",{"file":190,"line":191,"context":188},"voteinstall.php",71,{"file":193,"line":182,"context":188},"voteoptions.php",{"file":195,"line":196,"context":188},"votingfunctions_v1.php",21,{"file":195,"line":198,"context":199},26,"$wpdb->query() with variable interpolation",{"file":195,"line":201,"context":188},38,{"file":195,"line":203,"context":199},43,{"file":195,"line":205,"context":188},58,{"file":195,"line":207,"context":188},59,{"file":195,"line":209,"context":188},60,{"file":195,"line":211,"context":188},61,{"file":195,"line":213,"context":188},115,{"file":195,"line":215,"context":188},132,{"file":195,"line":217,"context":188},178,{"file":195,"line":219,"context":188},179,{"file":195,"line":221,"context":188},206,{"file":195,"line":223,"context":188},207,{"file":195,"line":225,"context":226},225,"$wpdb->get_results() with variable interpolation",{"file":195,"line":228,"context":188},247,{"file":195,"line":128,"context":188},{"file":195,"line":231,"context":188},249,{"file":195,"line":233,"context":188},250,{"file":195,"line":235,"context":199},291,{"file":195,"line":237,"context":199},292,{"file":195,"line":239,"context":199},293,{"file":195,"line":241,"context":199},294,{"file":195,"line":243,"context":188},331,{"file":195,"line":245,"context":188},332,{"file":195,"line":247,"context":199},363,{"file":195,"line":249,"context":199},364,{"file":195,"line":251,"context":226},383,{"file":195,"line":253,"context":188},414,{"file":195,"line":255,"context":188},415,{"file":195,"line":257,"context":188},416,{"file":195,"line":259,"context":188},417,{"file":195,"line":261,"context":199},564,{"file":195,"line":263,"context":199},573,{"file":195,"line":265,"context":199},582,{"file":195,"line":267,"context":226},606,{"file":195,"line":269,"context":188},632,{"file":195,"line":271,"context":188},633,{"file":195,"line":273,"context":188},634,{"file":195,"line":275,"context":188},635,{"file":277,"line":278,"context":188},"votingfunctions_v3.php",123,{"file":277,"line":280,"context":188},142,{"file":277,"line":282,"context":226},155,{"file":277,"line":284,"context":199},361,{"file":277,"line":286,"context":199},369,{"file":277,"line":288,"context":199},370,{"file":277,"line":290,"context":199},379,{"file":277,"line":292,"context":199},380,{"escaped":62,"rawEcho":225,"locations":294},[295,297,299,300,301,303,304,306,307,309,310,313,314,316,317,318,319,320,321,322,323,325,326,328,329,330,331,332,333,334,335,336,338,341,342,343,344,345,346,347,348,349,351,353,355,357,358,359,360,361,362,363,364,365,366,368,370,372,374,376,377,379,382,383,384,385,386,387,388,389,390,391,392,393,394,395,396,397,398,400,401,403,406,407,408,409,410,411,412,413,414,415,417,419,420,421,422,423,424,426,427,428,429,432,433,434,435,436,437,438,439,440,441,443,444,445,446,447,448,449,450,451,452,453,455,456,457,458,460,462,463,464,466,467,468,469,471,473,474,475,477,478,479,481,482,484,486,487,488,490,491,492,493,495,496,497,498,500,502,503,504,506,507,508,509,511,512,513,514,515,517,518,519,520,522,524,525,526,527,529,530,531,532,533,535,536,537,539,541,542,543,545,547,549,551,553,555,557,559,560,561,563,564,565,566,567,569,571,573,575,577,579,581,583,585,586,587,589,590,591,592,593,595,597,599],{"file":186,"line":196,"context":296},"raw output",{"file":186,"line":298,"context":296},68,{"file":186,"line":27,"context":296},{"file":186,"line":217,"context":296},{"file":302,"line":211,"context":296},"skin.php",{"file":302,"line":211,"context":296},{"file":302,"line":305,"context":296},74,{"file":302,"line":305,"context":296},{"file":302,"line":308,"context":296},75,{"file":302,"line":308,"context":296},{"file":311,"line":312,"context":296},"skins\\bar\\skin.php",32,{"file":311,"line":312,"context":296},{"file":311,"line":315,"context":296},36,{"file":311,"line":315,"context":296},{"file":311,"line":315,"context":296},{"file":311,"line":315,"context":296},{"file":311,"line":315,"context":296},{"file":311,"line":315,"context":296},{"file":311,"line":315,"context":296},{"file":311,"line":315,"context":296},{"file":311,"line":324,"context":296},40,{"file":311,"line":203,"context":296},{"file":311,"line":327,"context":296},47,{"file":311,"line":327,"context":296},{"file":311,"line":327,"context":296},{"file":311,"line":327,"context":296},{"file":311,"line":327,"context":296},{"file":311,"line":327,"context":296},{"file":311,"line":183,"context":296},{"file":311,"line":205,"context":296},{"file":311,"line":205,"context":296},{"file":311,"line":337,"context":296},80,{"file":339,"line":340,"context":296},"skins\\orange_ticker\\skin.php",37,{"file":339,"line":201,"context":296},{"file":339,"line":201,"context":296},{"file":339,"line":201,"context":296},{"file":339,"line":201,"context":296},{"file":339,"line":201,"context":296},{"file":339,"line":201,"context":296},{"file":339,"line":201,"context":296},{"file":339,"line":201,"context":296},{"file":339,"line":350,"context":296},48,{"file":339,"line":352,"context":296},49,{"file":339,"line":354,"context":296},56,{"file":339,"line":356,"context":296},67,{"file":339,"line":298,"context":296},{"file":339,"line":308,"context":296},{"file":339,"line":187,"context":296},{"file":339,"line":11,"context":296},{"file":339,"line":11,"context":296},{"file":339,"line":11,"context":296},{"file":339,"line":11,"context":296},{"file":339,"line":11,"context":296},{"file":339,"line":11,"context":296},{"file":339,"line":367,"context":296},99,{"file":339,"line":369,"context":296},101,{"file":339,"line":371,"context":296},108,{"file":339,"line":373,"context":296},117,{"file":339,"line":375,"context":296},119,{"file":339,"line":375,"context":296},{"file":339,"line":378,"context":296},149,{"file":380,"line":381,"context":296},"skins\\percent\\skin.php",42,{"file":380,"line":381,"context":296},{"file":380,"line":381,"context":296},{"file":380,"line":381,"context":296},{"file":380,"line":381,"context":296},{"file":380,"line":381,"context":296},{"file":380,"line":381,"context":296},{"file":380,"line":381,"context":296},{"file":380,"line":327,"context":296},{"file":380,"line":183,"context":296},{"file":380,"line":354,"context":296},{"file":380,"line":354,"context":296},{"file":380,"line":354,"context":296},{"file":380,"line":354,"context":296},{"file":380,"line":354,"context":296},{"file":380,"line":354,"context":296},{"file":380,"line":207,"context":296},{"file":380,"line":399,"context":296},65,{"file":380,"line":399,"context":296},{"file":380,"line":402,"context":296},91,{"file":404,"line":405,"context":296},"skins\\text\\skin.php",33,{"file":404,"line":201,"context":296},{"file":404,"line":201,"context":296},{"file":404,"line":201,"context":296},{"file":404,"line":201,"context":296},{"file":404,"line":201,"context":296},{"file":404,"line":201,"context":296},{"file":404,"line":201,"context":296},{"file":404,"line":201,"context":296},{"file":404,"line":381,"context":296},{"file":404,"line":416,"context":296},45,{"file":404,"line":418,"context":296},50,{"file":404,"line":418,"context":296},{"file":404,"line":418,"context":296},{"file":404,"line":418,"context":296},{"file":404,"line":418,"context":296},{"file":404,"line":418,"context":296},{"file":404,"line":425,"context":296},54,{"file":404,"line":211,"context":296},{"file":404,"line":211,"context":296},{"file":404,"line":36,"context":296},{"file":430,"line":431,"context":296},"skins\\ticker\\skin.php",31,{"file":430,"line":340,"context":296},{"file":430,"line":340,"context":296},{"file":430,"line":340,"context":296},{"file":430,"line":340,"context":296},{"file":430,"line":340,"context":296},{"file":430,"line":340,"context":296},{"file":430,"line":340,"context":296},{"file":430,"line":340,"context":296},{"file":430,"line":381,"context":296},{"file":430,"line":442,"context":296},46,{"file":430,"line":183,"context":296},{"file":430,"line":183,"context":296},{"file":430,"line":183,"context":296},{"file":430,"line":183,"context":296},{"file":430,"line":183,"context":296},{"file":430,"line":183,"context":296},{"file":430,"line":425,"context":296},{"file":430,"line":209,"context":296},{"file":430,"line":209,"context":296},{"file":430,"line":27,"context":296},{"file":147,"line":454,"context":296},55,{"file":147,"line":209,"context":296},{"file":147,"line":211,"context":296},{"file":147,"line":298,"context":296},{"file":147,"line":459,"context":296},69,{"file":147,"line":461,"context":296},77,{"file":147,"line":49,"context":296},{"file":147,"line":371,"context":296},{"file":147,"line":465,"context":296},114,{"file":147,"line":215,"context":296},{"file":147,"line":215,"context":296},{"file":147,"line":215,"context":296},{"file":147,"line":470,"context":296},145,{"file":472,"line":324,"context":296},"voteinterface.php",{"file":472,"line":203,"context":296},{"file":472,"line":442,"context":296},{"file":153,"line":476,"context":296},63,{"file":153,"line":98,"context":296},{"file":153,"line":459,"context":296},{"file":153,"line":480,"context":296},70,{"file":153,"line":49,"context":296},{"file":153,"line":483,"context":296},81,{"file":153,"line":485,"context":296},82,{"file":153,"line":470,"context":296},{"file":153,"line":470,"context":296},{"file":153,"line":489,"context":296},151,{"file":153,"line":489,"context":296},{"file":153,"line":489,"context":296},{"file":153,"line":489,"context":296},{"file":153,"line":494,"context":296},153,{"file":153,"line":494,"context":296},{"file":153,"line":494,"context":296},{"file":153,"line":494,"context":296},{"file":153,"line":499,"context":296},158,{"file":153,"line":501,"context":296},167,{"file":153,"line":501,"context":296},{"file":153,"line":501,"context":296},{"file":153,"line":505,"context":296},169,{"file":153,"line":505,"context":296},{"file":153,"line":505,"context":296},{"file":153,"line":217,"context":296},{"file":153,"line":510,"context":296},184,{"file":153,"line":510,"context":296},{"file":153,"line":510,"context":296},{"file":153,"line":510,"context":296},{"file":153,"line":510,"context":296},{"file":153,"line":516,"context":296},188,{"file":153,"line":516,"context":296},{"file":153,"line":516,"context":296},{"file":153,"line":516,"context":296},{"file":153,"line":521,"context":296},189,{"file":153,"line":523,"context":296},192,{"file":153,"line":523,"context":296},{"file":153,"line":523,"context":296},{"file":153,"line":523,"context":296},{"file":153,"line":528,"context":296},193,{"file":153,"line":221,"context":296},{"file":153,"line":221,"context":296},{"file":153,"line":221,"context":296},{"file":153,"line":221,"context":296},{"file":153,"line":534,"context":296},210,{"file":153,"line":534,"context":296},{"file":153,"line":534,"context":296},{"file":153,"line":538,"context":296},211,{"file":153,"line":540,"context":296},214,{"file":153,"line":540,"context":296},{"file":153,"line":540,"context":296},{"file":153,"line":544,"context":296},215,{"file":153,"line":546,"context":296},239,{"file":153,"line":548,"context":296},240,{"file":153,"line":550,"context":296},242,{"file":153,"line":552,"context":296},261,{"file":195,"line":554,"context":296},479,{"file":195,"line":556,"context":296},480,{"file":195,"line":558,"context":296},481,{"file":195,"line":558,"context":296},{"file":195,"line":558,"context":296},{"file":195,"line":562,"context":296},483,{"file":195,"line":562,"context":296},{"file":195,"line":562,"context":296},{"file":195,"line":562,"context":296},{"file":195,"line":562,"context":296},{"file":195,"line":568,"context":296},487,{"file":195,"line":570,"context":296},489,{"file":195,"line":572,"context":296},680,{"file":195,"line":574,"context":296},721,{"file":277,"line":576,"context":296},256,{"file":277,"line":578,"context":296},258,{"file":277,"line":580,"context":296},303,{"file":277,"line":582,"context":296},304,{"file":277,"line":584,"context":296},305,{"file":277,"line":584,"context":296},{"file":277,"line":584,"context":296},{"file":277,"line":588,"context":296},306,{"file":277,"line":588,"context":296},{"file":277,"line":588,"context":296},{"file":277,"line":588,"context":296},{"file":277,"line":588,"context":296},{"file":277,"line":594,"context":296},310,{"file":277,"line":596,"context":296},312,{"file":277,"line":598,"context":296},456,{"file":277,"line":600,"context":296},490,[],[603,625,635,645,655,665,675,685,695,705,715,739,752,762,777,787,800,811],{"entryPoint":604,"graph":605,"unsanitizedCount":14,"severity":624},"LoadVote (skins\\bar\\skin.php:25)",{"nodes":606,"edges":620},[607,611,615],{"id":608,"type":609,"label":610,"file":311,"line":442},"n0","source","$_SERVER['REMOTE_ADDR']",{"id":612,"type":613,"label":614,"file":311,"line":442},"n1","transform","→ GuestVoted()",{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},"n2","sink","get_var() [SQLi]","get_var",[621,623],{"from":608,"to":612,"sanitized":622},false,{"from":612,"to":616,"sanitized":622},"high",{"entryPoint":626,"graph":627,"unsanitizedCount":14,"severity":624},"\u003Cskin> (skins\\bar\\skin.php:0)",{"nodes":628,"edges":632},[629,630,631],{"id":608,"type":609,"label":610,"file":311,"line":442},{"id":612,"type":613,"label":614,"file":311,"line":442},{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},[633,634],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":636,"graph":637,"unsanitizedCount":14,"severity":624},"LoadVote (skins\\orange_ticker\\skin.php:25)",{"nodes":638,"edges":642},[639,640,641],{"id":608,"type":609,"label":610,"file":339,"line":36},{"id":612,"type":613,"label":614,"file":339,"line":36},{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},[643,644],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":646,"graph":647,"unsanitizedCount":14,"severity":624},"\u003Cskin> (skins\\orange_ticker\\skin.php:0)",{"nodes":648,"edges":652},[649,650,651],{"id":608,"type":609,"label":610,"file":339,"line":36},{"id":612,"type":613,"label":614,"file":339,"line":36},{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},[653,654],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":656,"graph":657,"unsanitizedCount":14,"severity":624},"LoadVote (skins\\percent\\skin.php:25)",{"nodes":658,"edges":662},[659,660,661],{"id":608,"type":609,"label":610,"file":380,"line":454},{"id":612,"type":613,"label":614,"file":380,"line":454},{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},[663,664],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":666,"graph":667,"unsanitizedCount":14,"severity":624},"\u003Cskin> (skins\\percent\\skin.php:0)",{"nodes":668,"edges":672},[669,670,671],{"id":608,"type":609,"label":610,"file":380,"line":454},{"id":612,"type":613,"label":614,"file":380,"line":454},{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},[673,674],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":676,"graph":677,"unsanitizedCount":14,"severity":624},"LoadVote (skins\\text\\skin.php:27)",{"nodes":678,"edges":682},[679,680,681],{"id":608,"type":609,"label":610,"file":404,"line":352},{"id":612,"type":613,"label":614,"file":404,"line":352},{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},[683,684],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":686,"graph":687,"unsanitizedCount":14,"severity":624},"\u003Cskin> (skins\\text\\skin.php:0)",{"nodes":688,"edges":692},[689,690,691],{"id":608,"type":609,"label":610,"file":404,"line":352},{"id":612,"type":613,"label":614,"file":404,"line":352},{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},[693,694],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":696,"graph":697,"unsanitizedCount":14,"severity":624},"LoadVote (skins\\ticker\\skin.php:25)",{"nodes":698,"edges":702},[699,700,701],{"id":608,"type":609,"label":610,"file":430,"line":418},{"id":612,"type":613,"label":614,"file":430,"line":418},{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},[703,704],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":706,"graph":707,"unsanitizedCount":14,"severity":624},"\u003Cskin> (skins\\ticker\\skin.php:0)",{"nodes":708,"edges":712},[709,710,711],{"id":608,"type":609,"label":610,"file":430,"line":418},{"id":612,"type":613,"label":614,"file":430,"line":418},{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},[713,714],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":716,"graph":717,"unsanitizedCount":738,"severity":624},"\u003Cvoteinterface> (voteinterface.php:0)",{"nodes":718,"edges":734},[719,722,725,727,730],{"id":608,"type":609,"label":720,"file":472,"line":721},"$_GET (x3)",12,{"id":612,"type":617,"label":723,"file":472,"line":324,"wp_function":724},"echo() [XSS]","echo",{"id":616,"type":609,"label":726,"file":472,"line":324},"$_GET (x2)",{"id":728,"type":613,"label":729,"file":472,"line":324},"n3","→ GetVotes()",{"id":731,"type":617,"label":732,"file":277,"line":405,"wp_function":733},"n4","get_row() [SQLi]","get_row",[735,736,737],{"from":608,"to":612,"sanitized":622},{"from":616,"to":728,"sanitized":622},{"from":728,"to":731,"sanitized":622},5,{"entryPoint":740,"graph":741,"unsanitizedCount":751,"severity":624},"DisplayVotes (voteitup.php:127)",{"nodes":742,"edges":748},[743,746,747],{"id":608,"type":609,"label":744,"file":153,"line":745},"$_SERVER['REMOTE_ADDR'] (x2)",166,{"id":612,"type":613,"label":614,"file":153,"line":745},{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},[749,750],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},2,{"entryPoint":753,"graph":754,"unsanitizedCount":751,"severity":624},"\u003Cvoteitup> (voteitup.php:0)",{"nodes":755,"edges":759},[756,757,758],{"id":608,"type":609,"label":744,"file":153,"line":745},{"id":612,"type":613,"label":614,"file":153,"line":745},{"id":616,"type":617,"label":618,"file":277,"line":280,"wp_function":619},[760,761],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":763,"graph":764,"unsanitizedCount":14,"severity":624},"VoteBulkEdit (votingfunctions_v1.php:516)",{"nodes":765,"edges":774},[766,769,771],{"id":608,"type":609,"label":767,"file":195,"line":768},"$_POST['post']",540,{"id":612,"type":613,"label":770,"file":195,"line":768},"→ ResetVote()",{"id":616,"type":617,"label":772,"file":277,"line":292,"wp_function":773},"query() [SQLi]","query",[775,776],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":778,"graph":779,"unsanitizedCount":14,"severity":624},"\u003Cvotingfunctions_v1> (votingfunctions_v1.php:0)",{"nodes":780,"edges":784},[781,782,783],{"id":608,"type":609,"label":767,"file":195,"line":768},{"id":612,"type":613,"label":770,"file":195,"line":768},{"id":616,"type":617,"label":772,"file":277,"line":292,"wp_function":773},[785,786],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":788,"graph":789,"unsanitizedCount":14,"severity":624},"GuestVote (votingfunctions_v3.php:194)",{"nodes":790,"edges":797},[791,794,796],{"id":608,"type":609,"label":792,"file":277,"line":793},"$_SERVER",204,{"id":612,"type":613,"label":795,"file":277,"line":793},"→ UserVoted()",{"id":616,"type":617,"label":618,"file":277,"line":278,"wp_function":619},[798,799],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":801,"graph":802,"unsanitizedCount":14,"severity":624},"VoteBulkEdit (votingfunctions_v3.php:327)",{"nodes":803,"edges":808},[804,806,807],{"id":608,"type":609,"label":767,"file":277,"line":805},349,{"id":612,"type":613,"label":770,"file":277,"line":805},{"id":616,"type":617,"label":772,"file":277,"line":292,"wp_function":773},[809,810],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"entryPoint":812,"graph":813,"unsanitizedCount":751,"severity":624},"\u003Cvotingfunctions_v3> (votingfunctions_v3.php:0)",{"nodes":814,"edges":822},[815,816,817,818,819,820],{"id":608,"type":609,"label":792,"file":277,"line":793},{"id":612,"type":613,"label":795,"file":277,"line":793},{"id":616,"type":617,"label":618,"file":277,"line":278,"wp_function":619},{"id":728,"type":609,"label":767,"file":277,"line":805},{"id":731,"type":613,"label":770,"file":277,"line":805},{"id":821,"type":617,"label":772,"file":277,"line":292,"wp_function":773},"n5",[823,824,825,826],{"from":608,"to":612,"sanitized":622},{"from":612,"to":616,"sanitized":622},{"from":728,"to":731,"sanitized":622},{"from":731,"to":821,"sanitized":622},{"summary":828,"deductions":829},"The \"vote-it-up\" v1.2.4 plugin presents a mixed security posture.  On the positive side, the plugin has no recorded vulnerabilities (CVEs), suggesting a history of good security practices or perhaps limited prior scrutiny.  It also boasts a clean attack surface with no apparent AJAX handlers, REST API routes, shortcodes, or cron events exposed, and importantly, no external HTTP requests, which significantly reduces the avenues for exploitation.\n\nHowever, the static analysis reveals several concerning areas.  A very low percentage of SQL queries are properly prepared (14%), indicating a high risk of SQL injection vulnerabilities.  Furthermore, an alarmingly low 2% of output is properly escaped, pointing to a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. The taint analysis is particularly worrying, with 18 out of 18 flows identified as having unsanitized paths, all flagged as high severity. This suggests that user-supplied data is not being adequately validated or cleaned before being used in sensitive operations. The complete absence of nonce checks and capability checks on any potential entry points is another major concern, as it means that unauthorized users could potentially trigger actions within the plugin.\n\nIn conclusion, while the plugin's minimal attack surface and lack of historical CVEs are strengths, the prevalent issues with SQL query preparation, output escaping, and unsanitized data flows in the taint analysis are critical weaknesses. The absence of security checks like nonces and capabilities further exacerbates these risks.  The plugin's current state, despite no recorded CVEs, indicates a significant potential for exploitation.",[830,833,835,837,839],{"reason":831,"points":832},"High percentage of SQL queries not using prepared statements",15,{"reason":834,"points":721},"Very low percentage of output properly escaped",{"reason":836,"points":832},"High severity unsanitized taint flows",{"reason":838,"points":90},"No nonce checks found",{"reason":840,"points":90},"No capability checks found","2026-03-17T05:37:53.252Z",{"wat":843,"direct":855},{"assetPaths":844,"generatorPatterns":852,"scriptPaths":853,"versionParams":854},[845,846,847,848,849,850,851],"\u002Fwp-content\u002Fplugins\u002Fvote-it-up\u002Fvotestyles.css","\u002Fwp-content\u002Fplugins\u002Fvote-it-up\u002Fvoterajax.js","\u002Fwp-content\u002Fplugins\u002Fvote-it-up\u002Fvoteitup.css","\u002Fwp-content\u002Fplugins\u002Fvote-it-up\u002Fuserregister.js","\u002Fwp-content\u002Fplugins\u002Fvote-it-up\u002Fclosebutton.png","\u002Fwp-content\u002Fplugins\u002Fvote-it-up\u002Fvotedown.png","\u002Fwp-content\u002Fplugins\u002Fvote-it-up\u002Fvoteup.png",[],[846,848],[],{"cssClasses":856,"htmlComments":870,"htmlAttributes":871,"restEndpoints":877,"jsGlobals":878,"shortcodeOutput":890},[857,858,859,860,861,862,863,864,865,866,867,868,869],"regcontainer","regcontainerbackground","regpopup","regclosebutton","votewrapper","barcontainer","barfill","bartext","tickercontainer","tickertext","imagecontainer","votedown","voteup",[],[872,873,874,875,876],"javascript:regclose()","javascript:vote('votecount","javascript:sink('votecount","javascript:vote_ticker(","javascript:sink_ticker(",[],[879,880,881,882,883,884,885,886,887,888,889],"VoteItUp_ExtPath","voteitupint_path","voteitup_path","currentPostObject","user_ID","guest_votes","vote_text","use_votetext","allow_sinks","voteiu_skin","user_login",[]]