[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fizPSy9lIRDRauWO_emKFfgk7G6oynV4kfw6t-3s5xmg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":131,"fingerprints":201},"wp-calais-archive-tagger","WP Calais Archive Tagger","1.5","dangrossman","https:\u002F\u002Fprofiles.wordpress.org\u002Fdangrossman\u002F","\u003Cp>The Calais Archive Tagger plugin automatically goes through your archives and tags every post you’ve written. The plugin uses the Open Calais API to perform semantic analysis of your post text and suggest tags. If a post already contains a suggested tag, that tag isn’t added, but other new tags found are. It takes about 5 minutes to tag 200 posts.\u003C\u002Fp>\n\u003Cp>This plugin requires PHP 5 and the cURL library (both of which are available on most web hosts).\u003C\u002Fp>\n\u003Cp>Also see \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcalais-auto-tagger\u002F\" rel=\"ugc\">WP Calais Auto Tagger\u003C\u002Fa> for suggesting tags as you write new posts.\u003C\u002Fp>\n","Goes through your archives and adds tags to your posts based on semantic analysis.",10,8873,0,"2012-02-09T18:26:00.000Z","3.3.2","2.3","",[19,20,21,22,23],"semantic-web","semweb","tagger","tagging","tags","http:\u002F\u002Fwww.dangrossman.info\u002Fwp-calais-archive-tagger","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-calais-archive-tagger.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},3,70,78,30,79,"2026-04-04T19:08:33.521Z",[38,53,74,93,111],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":34,"downloaded":46,"rating":13,"num_ratings":13,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":51,"download_link":52,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"yql-auto-tagger","YQL Auto Tagger","1.3.1","freekrai","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreekrai\u002F","\u003Cp>With the YQL Auto Tagger plugin, you’ll never have to think of tags for your posts again. The plugin uses the Yahoo Query Language to perform semantic analysis of your post text and suggest tags for you. Add them to your post with just a click.\u003C\u002Fp>\n\u003Cp>This plugin requires PHP 5 and the cURL library (both of which are available on most web hosts).\u003C\u002Fp>\n\u003Cp>Based on the Open Calais Auto Tagger by Dan Grossman – http:\u002F\u002Fwww.dangrossman.info\u003C\u002Fp>\n","The plugin performs an analysis of your post text and suggests tags for you.",9456,"2010-02-02T17:16:00.000Z","2.8.5","2.7",[19,20,21,22,23],"http:\u002F\u002Fwww.rogerstringer.com\u002Fwp-yql-auto-tagger","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyql-auto-tagger.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":17,"tags":68,"homepage":72,"download_link":73,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"already-existing-tags","Already Existing Tags","2.4","digitalemphasis","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitalemphasis\u002F","\u003Cp>This plugin detects your ‘already existing tags’ into your post each time you create or edit\u002Fsave one. The found tags will be automatically assigned.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easy configuration.\u003C\u002Fli>\n\u003Cli>Allow or block manually added tags; the choice is yours.\u003C\u002Fli>\n\u003Cli>You can choose if the plugin examines the title, the content or both.\u003C\u002Fli>\n\u003Cli>You can activate a filter and select which categories will be affected and which ones will be ignored by the plugin.\u003C\u002Fli>\n\u003Cli>Clean uninstall option: If this option is enabled, the plugin will leave absolutely no traces when uninstalling.\u003C\u002Fli>\n\u003Cli>Visit \u003Ca href=\"https:\u002F\u002Fdigitalemphasis.com\" rel=\"nofollow ugc\">digitalemphasis.com\u003C\u002Fa> for more info.\u003C\u002Fli>\n\u003C\u002Ful>\n","Looks for already existing tags within your posts.",600,11266,92,7,"2021-05-23T12:07:00.000Z","5.7.15","4.0",[69,70,71,22,23],"auto-tagger","auto-tagging","automatic-tags","https:\u002F\u002Fdigitalemphasis.com\u002Fwordpress-plugins\u002Falready-existing-tags\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Falready-existing-tags.2.4.zip",{"slug":75,"name":76,"version":77,"author":7,"author_profile":8,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":82,"num_ratings":83,"last_updated":84,"tested_up_to":85,"requires_at_least":49,"requires_php":17,"tags":86,"homepage":89,"download_link":90,"security_score":91,"vuln_count":83,"unpatched_count":83,"last_vuln_date":92,"fetched_at":28},"calais-auto-tagger","WP Calais Auto Tagger","2.0","\u003Cp>With the Calais Auto Tagger plugin, you’ll never have to think of tags for your posts again. The plugin uses the Open Calais API to perform semantic analysis of your post text and suggest tags for you. Add them to your post with just a click.\u003C\u002Fp>\n","The plugin performs semantic analysis of your posts to suggest tags using Open Calais.",40,31404,100,1,"2015-06-10T21:07:00.000Z","4.2.39",[87,88,21,22,23],"semantic","suggest","http:\u002F\u002Fwww.dangrossman.info\u002Fwp-calais-auto-tagger","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcalais-auto-tagger.zip",63,"2025-04-09 00:00:00",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":82,"num_ratings":83,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":17,"tags":106,"homepage":109,"download_link":110,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"page-tagger","Page Tagger","0.4.2","hiddentao","https:\u002F\u002Fprofiles.wordpress.org\u002Frandomaniac\u002F","\u003Cp>Page Tagger is a WordPress plugin which lets you tag your pages just like you do with your posts. It adds a tagging widget in the page-editing view in the admin interface. Page Tagger requires PHP 5.\u003C\u002Fp>\n\u003Cp>Detailed information including installation and usage is available at http:\u002F\u002Fwww.hiddentao.com\u002Fcode\u002Fwordpress-page-tagger-plugin\u002F\u003C\u002Fp>\n\u003Ch3>Known Issues\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>None at the moment.\u003C\u002Fli>\n\u003C\u002Ful>\n","Page Tagger is a Wordpress plugin which lets you tag your pages just like you do with your posts. It adds a tagging widget in the page-editing view in &hellip;",2000,64163,"2017-11-28T17:02:00.000Z","3.4.2","2.8.4",[107,108,22,23],"pages","posts","http:\u002F\u002Fwww.hiddentao.com\u002Fcode\u002Fwordpress-page-tagger-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpage-tagger.0.4.2.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":119,"downloaded":120,"rating":82,"num_ratings":31,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":124,"tags":125,"homepage":129,"download_link":130,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"tagpages","TagPages","1.64","Bernhard Riedl","https:\u002F\u002Fprofiles.wordpress.org\u002Fneoxx\u002F","\u003Cp>This plugin is a \u003Ca href=\"https:\u002F\u002Fwww.bernhard-riedl.com\u002F2010\u002F08\u002F01\u002Ftagpages-tags-functionality-for-pages-in-wordpress-30\u002F\" rel=\"nofollow ugc\">follow-up\u003C\u002Fa> to the post which I wrote \u003Ca href=\"https:\u002F\u002Fwww.bernhard-riedl.com\u002F2007\u002F10\u002F06\u002Fwordpress-23-tagging-posts-and-pages\u002F\" rel=\"nofollow ugc\">a few years ago\u003C\u002Fa>. – The idea was (and still is) to equip pages with \u003Ca href=\"https:\u002F\u002Fen.support.wordpress.com\u002Fposts\u002Ftags\u002F\" rel=\"nofollow ugc\">tags\u003C\u002Fa> and include their number in a combined posts and pages \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fwp_tag_cloud\" rel=\"nofollow ugc\">tag-cloud\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>TagPages is fully compatible with \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FAdministration_Over_SSL\" rel=\"nofollow ugc\">https\u002FSSL\u002FTLS-sites\u003C\u002Fa> and WordPress multisite network.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugin’s website:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.bernhard-riedl.com\u002Fprojects\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.bernhard-riedl.com\u002Fprojects\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Author’s website:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.bernhard-riedl.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.bernhard-riedl.com\u002F\u003C\u002Fa>\u003C\u002Fp>\n","Adds post-tags functionality for pages.",1000,47139,"2017-11-09T06:11:00.000Z","4.9.29","3.0","5.3",[126,22,23,127,128],"tag","taxonomies","taxonomy","https:\u002F\u002Fwww.bernhard-riedl.com\u002Fprojects\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftagpages.zip",{"attackSurface":132,"codeSignals":148,"taintFlows":158,"riskAssessment":184,"analyzedAt":200},{"hooks":133,"ajaxHandlers":140,"restRoutes":145,"shortcodes":146,"cronEvents":147,"entryPointCount":83,"unprotectedCount":83},[134],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","admin_menu","calais_archive_init","calais_archive_tagger.php",14,[141],{"action":142,"nopriv":143,"callback":142,"hasNonce":143,"hasCapCheck":143,"file":138,"line":144},"calais_archive_run",false,90,[],[],[],{"dangerousFunctions":149,"sqlUsage":150,"outputEscaping":152,"fileOperations":13,"externalRequests":83,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":157},[],{"prepared":13,"raw":13,"locations":151},[],{"escaped":13,"rawEcho":83,"locations":153},[154],{"file":138,"line":155,"context":156},69,"raw output",[],[159,176],{"entryPoint":160,"graph":161,"unsanitizedCount":83,"severity":175},"calais_archive (calais_archive_tagger.php:19)",{"nodes":162,"edges":173},[163,168],{"id":164,"type":165,"label":166,"file":138,"line":167},"n0","source","$_POST['calais-api-key']",22,{"id":169,"type":170,"label":171,"file":138,"line":167,"wp_function":172},"n1","sink","update_option() [Settings Manipulation]","update_option",[174],{"from":164,"to":169,"sanitized":143},"low",{"entryPoint":177,"graph":178,"unsanitizedCount":83,"severity":175},"\u003Ccalais_archive_tagger> (calais_archive_tagger.php:0)",{"nodes":179,"edges":182},[180,181],{"id":164,"type":165,"label":166,"file":138,"line":167},{"id":169,"type":170,"label":171,"file":138,"line":167,"wp_function":172},[183],{"from":164,"to":169,"sanitized":143},{"summary":185,"deductions":186},"The wp-calais-archive-tagger v1.5 plugin presents a mixed security profile.  On the positive side, it does not appear to have any recorded vulnerabilities or known CVEs, which is a strong indicator of a relatively stable code base. Furthermore, it does not utilize dangerous functions, perform file operations, or make external HTTP requests in a way that inherently suggests risk. The use of prepared statements for SQL queries also mitigates a common class of vulnerabilities.\n\nHowever, significant concerns are raised by the static analysis. The presence of one AJAX handler without authentication checks creates a direct attack vector. The taint analysis revealing two flows with unsanitized paths, even without critical or high severity, suggests potential for unexpected behavior or data manipulation if these paths are triggered. The most alarming finding is the complete lack of output escaping, meaning any data processed or displayed by the plugin could be vulnerable to cross-site scripting (XSS) attacks. The absence of nonce checks and capability checks on the exposed AJAX endpoint further exacerbates these risks.\n\nIn conclusion, while the plugin's vulnerability history is clean and it avoids certain high-risk coding practices, the combination of an unprotected AJAX endpoint, unsanitized taint flows, and critically, a complete absence of output escaping, creates a substantial security risk. The plugin is not hardened against common web attack vectors, making it a target for exploitation.",[187,189,192,195,198],{"reason":188,"points":64},"Unprotected AJAX handler",{"reason":190,"points":191},"Taint flows with unsanitized paths",5,{"reason":193,"points":194},"No output escaping",8,{"reason":196,"points":197},"Missing nonce checks",6,{"reason":199,"points":197},"Missing capability checks","2026-03-16T23:41:59.219Z",{"wat":202,"direct":207},{"assetPaths":203,"generatorPatterns":204,"scriptPaths":205,"versionParams":206},[],[],[],[],{"cssClasses":208,"htmlComments":209,"htmlAttributes":210,"restEndpoints":211,"jsGlobals":212,"shortcodeOutput":213},[],[],[],[],[],[]]