[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fEHt2QzC96_6LegayMWh9O5nVl9_Igj511CSO0uy_mVc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":152,"fingerprints":259},"wp-factcheck","WP Factcheck","1.1.2","Fotso Fonkam","https:\u002F\u002Fprofiles.wordpress.org\u002Fwillfonkam\u002F","\u003Cp>Create an publish fact-checking articles on your platform, with the possibility to other useful information tu the article, like the claim, its source, the verdict and the explainer. The added information will be displayed above the article content to guide the readers, and will also be used to add structured data to the article.\u003C\u002Fp>\n","Publish fact-checking articles on your platform",10,1308,0,"2021-11-06T14:27:00.000Z","5.8.13","5.0","",[19,20,21,22,23],"claim","factchecking","fake-news","verdict","verify","http:\u002F\u002Fwww.iamfotso.cm\u002Fprojects\u002Fwp-factcheck\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-factcheck.zip",85,null,"2026-03-15T14:54:45.397Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"willfonkam",4,20,30,84,"2026-04-05T14:44:24.746Z",[38,65,88,111,129],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":59,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":13,"last_vuln_date":63,"fetched_at":64},"age-gate","Age Gate","3.7.2","Phil","https:\u002F\u002Fprofiles.wordpress.org\u002Fphilsbury\u002F","\u003Cp>There are many uses for restricting content based on age, be it movie trailers, beer or other adult themes. This plugin allows you to set a restriction on what content can been seen or restricted based on the age of the user.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Ask users to verify their age on page load\u003C\u002Fli>\n\u003Cli>SEO Friendly – common bots and crawlers are omitted from age checks\u003C\u002Fli>\n\u003Cli>Ability to add custom user agents for less common bots\u003C\u002Fli>\n\u003Cli>Shortcode for in content restrictions\u003C\u002Fli>\n\u003Cli>Choose to restrict an entire site, or selected content\u003C\u002Fli>\n\u003Cli>Select a different age on individual content\u003C\u002Fli>\n\u003Cli>Allow certain content to not be age gated under “all content” mode\u003C\u002Fli>\n\u003Cli>Three choices for input; dropdowns, input fields or a simple yes\u002Fno button\u003C\u002Fli>\n\u003Cli>Customise the order of the inputs based on your region (DD MM YYYY or MM DD YYYY)\u003C\u002Fli>\n\u003Cli>Allow a “remember me” check box if desired\u003C\u002Fli>\n\u003Cli>Ability to omit logged in users from being checked\u003C\u002Fli>\n\u003Cli>Add your own logo\u003C\u002Fli>\n\u003Cli>Update the text displayed on the entry form\u003C\u002Fli>\n\u003Cli>Select background colour\u002Fimage, foreground colour and text colour\u003C\u002Fli>\n\u003Cli>Use built in styling out of the box, or your own custom style\u003C\u002Fli>\n\u003Cli>Ability to add legal note or information to the bottom of the form\u003C\u002Fli>\n\u003Cli>Redirect failed logins to a URL of your choice e.g. an alcohol awareness website.\u003C\u002Fli>\n\u003Cli>Ability to use a non caching version\u003C\u002Fli>\n\u003Cli>Various hooks to add even more customisation such as additional form fields\u003C\u002Fli>\n\u003Cli>Compatible with multilingual plugins WPML, Polylang (2.3+), WP Multilang\u003C\u002Fli>\n\u003C\u002Ful>\n","A plugin to check the age of a visitor before view site or specified content",40000,1356527,92,64,"2025-10-22T19:24:00.000Z","6.8.5","6.0.0","7.4",[55,39,56,57,58],"adults-only","age-restriction","age-verification","age-verify","https:\u002F\u002Fagegate.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fage-gate.3.7.2.zip",90,5,"2025-04-09 00:00:00","2026-03-15T15:16:48.613Z",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":75,"num_ratings":76,"last_updated":77,"tested_up_to":51,"requires_at_least":78,"requires_php":79,"tags":80,"homepage":85,"download_link":86,"security_score":87,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":64},"bp-verified-member","Verified Member for BuddyPress","1.2.8","Themosaurus","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemosaurus\u002F","\u003Cp>This plugin allows you to verify your BuddyPress members individually or based on WP roles. You can also allow members to request verification directly from their member profile.\u003C\u002Fp>\n\u003Cp>Verified members will have a twitter-like “verified” badge displayed on the front-end, and you can choose to display an “unverified” badge for those who haven’t been verified yet.\u003C\u002Fp>\n\u003Cp>A dedicated settings tab allows you to choose where you want to display the badges:\u003Cbr \u002F>\n+ Activities\u003Cbr \u002F>\n+ Profiles\u003Cbr \u002F>\n+ Member Lists (e.g.: member directory)\u003Cbr \u002F>\n+ BuddyPress widgets\u003Cbr \u002F>\n+ Private Messages\u003Cbr \u002F>\n+ bbPress Forums\u003Cbr \u002F>\n+ WordPress Comments and Posts\u003C\u002Fp>\n\u003Cp>As well as other settings like the badge color or tooltip.\u003C\u002Fp>\n\u003Cp>This plugin is also compatible with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbp-better-messages\u002F\" rel=\"ugc\">BP Better Message\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>See the plugin in action in our online demo:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclassic.gwangi-theme.com\u002Fmembers\u002F\" rel=\"nofollow ugc\">Members Directory\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fclassic.gwangi-theme.com\u002Fmembers\u002Fmichellie\u002F\" rel=\"nofollow ugc\">User Profile and Activity Feed\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin requires \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbuddypress\u002F\" rel=\"ugc\">BuddyPress\u003C\u002Fa>.\u003C\u002Fp>\n","Verify your BuddyPress members and display a twitter-like verified badge on the front-end.",4000,122414,94,15,"2025-05-19T15:57:00.000Z","5.4","5.6",[81,82,83,84,23],"badge","bp","community","member","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbp-verified-member\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-verified-member.1.2.8.zip",100,{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":87,"num_ratings":98,"last_updated":99,"tested_up_to":100,"requires_at_least":16,"requires_php":53,"tags":101,"homepage":17,"download_link":107,"security_score":108,"vuln_count":109,"unpatched_count":98,"last_vuln_date":110,"fetched_at":64},"hivepress-claim-listings","HivePress Claim Listings","1.1.4","HivePress","https:\u002F\u002Fprofiles.wordpress.org\u002Fhivepress\u002F","\u003Cp>HivePress Claim Listings is an extension for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhivepress\u002F\" rel=\"ugc\">HivePress\u003C\u002Fa> plugin. It allows you to charge users for claiming listings.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Flistinghive.hivepress.io\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fhelp.hivepress.io\u002F\" rel=\"nofollow ugc\">Docs\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcommunity.hivepress.io\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n","Charge users for claiming listings.",3000,45999,1,"2026-01-30T16:48:00.000Z","6.9.4",[102,103,104,105,106],"claim-listings","classifieds","directory","hivepress","listings","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhivepress-claim-listings.1.1.4.zip",77,2,"2025-09-26 00:00:00",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":119,"downloaded":120,"rating":87,"num_ratings":121,"last_updated":122,"tested_up_to":17,"requires_at_least":123,"requires_php":124,"tags":125,"homepage":17,"download_link":128,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":64},"age-gate-lite","Age Gate Lite","0.0.7","SiD","https:\u002F\u002Fprofiles.wordpress.org\u002Fsiddhu09rocks\u002F","\u003Cp>If your content or products are about cannabis, alcohol, gambling or other adult content.\u003C\u002Fp>\n\u003Cp>Age Gate Lite makes it easier then ever to configure and style an age restriction pop up to protect younger audience.\u003C\u002Fp>\n\u003Cp>It is designed to be user friendly, simple lightweight and only requires users to confirm their age ( Yes \u002F No ).\u003C\u002Fp>\n\u003Cp>This plugin is absolutely, 100% free.\u003C\u002Fp>\n\u003Cp>Success message section included can be used for Email \u002F Newsletter Opt-in or Promotional messages.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Devs 👨‍💻\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Avaliable JS Event Listeners – agl_passed & agl_failed.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cscript>\n    document.addEventListener(\"agl_passed\", function() {\n        \u002F\u002F Insert yor code for Age Gate Passed ;\n    });\n\n    document.addEventListener(\"agl_failed\", function() {\n        \u002F\u002F Insert yor code for Age Gate Failed');\n    });\n\u003C\u002Fscript>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","A lightweight, customisable age gate to lock content from younger audience.",2000,14687,6,"2022-07-13T01:28:00.000Z","4.0","5.2.4",[126,39,57,58,127],"age","cannabis","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fage-gate-lite.zip",{"slug":130,"name":131,"version":132,"author":133,"author_profile":134,"description":135,"short_description":136,"active_installs":119,"downloaded":137,"rating":138,"num_ratings":139,"last_updated":140,"tested_up_to":141,"requires_at_least":142,"requires_php":124,"tags":143,"homepage":149,"download_link":150,"security_score":48,"vuln_count":98,"unpatched_count":13,"last_vuln_date":151,"fetched_at":64},"wp-post-disclaimer","WP Post Disclaimer","1.0.4","Krunal Prajapati","https:\u002F\u002Fprofiles.wordpress.org\u002Fkrunalprajapati41\u002F","\u003Cp>Add a disclaimer\u002Fterms\u002Fwarnings about post\u002Fpage\u002Fcustom post type on top, bottom of content as well as inside post content\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disclaimer on Post\u002FPage or Custom Post Type\u003C\u002Fli>\n\u003Cli>Customized Options\u003C\u002Fli>\n\u003Cli>Custom CSS Option\u003C\u002Fli>\n\u003Cli>Individual Post\u002FPage or Custom Post Type Options\u003C\u002Fli>\n\u003Cli>Font Awesome Icons\u003C\u002Fli>\n\u003Cli>Use with Shortcode\u003C\u002Fli>\n\u003C\u002Ful>\n","Add customizable disclaimers, terms, or warnings to the top, bottom, or within post, page, or custom post type content for WordPress",17730,96,9,"2025-01-07T06:21:00.000Z","6.7.5","3.6",[144,145,146,147,148],"alert","dislaimer","notice","post-disclaimer","warning","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-post-disclaimer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-post-disclaimer.1.0.4.zip","2024-03-25 00:00:00",{"attackSurface":153,"codeSignals":202,"taintFlows":219,"riskAssessment":247,"analyzedAt":258},{"hooks":154,"ajaxHandlers":194,"restRoutes":199,"shortcodes":200,"cronEvents":201,"entryPointCount":98,"unprotectedCount":98},[155,161,165,169,173,177,181,185,190],{"type":156,"name":157,"callback":158,"file":159,"line":160},"action","admin_enqueue_scripts","wpfc_admin_enqueue","wp-factcheck.php",40,{"type":156,"name":162,"callback":163,"file":159,"line":164},"wp_enqueue_scripts","wpfc_enqueue",41,{"type":156,"name":166,"callback":167,"file":159,"line":168},"init","wpfc_post_types",42,{"type":156,"name":170,"callback":171,"file":159,"line":172},"wp_head","wpfc_struct_data",43,{"type":156,"name":174,"callback":175,"file":159,"line":176},"admin_menu","wpfc_menu",44,{"type":156,"name":178,"callback":179,"file":159,"line":180},"add_meta_boxes","wpfc_meta_boxes",45,{"type":156,"name":182,"callback":183,"file":159,"line":184},"save_post","wpfc_save_metaboxes",46,{"type":186,"name":187,"callback":188,"file":159,"line":189},"filter","the_content","wpfc_content_factcheck",47,{"type":156,"name":191,"callback":192,"file":159,"line":193},"plugins_loaded","wpfc_load_textdomain",48,[195],{"action":196,"nopriv":197,"callback":196,"hasNonce":197,"hasCapCheck":197,"file":159,"line":198},"wpfc_save_settings",false,49,[],[],[],{"dangerousFunctions":203,"sqlUsage":204,"outputEscaping":206,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":218},[],{"prepared":13,"raw":13,"locations":205},[],{"escaped":207,"rawEcho":208,"locations":209},25,3,[210,214,216],{"file":211,"line":212,"context":213},"inc\\meta-boxes.php",108,"raw output",{"file":211,"line":215,"context":213},124,{"file":217,"line":168,"context":213},"inc\\structured-data.php",[],[220,239],{"entryPoint":221,"graph":222,"unsanitizedCount":98,"severity":238},"wpfc_save_settings (inc\\save-settings.php:2)",{"nodes":223,"edges":236},[224,230],{"id":225,"type":226,"label":227,"file":228,"line":229},"n0","source","$_POST","inc\\save-settings.php",22,{"id":231,"type":232,"label":233,"file":228,"line":234,"wp_function":235},"n1","sink","update_option() [Settings Manipulation]",26,"update_option",[237],{"from":225,"to":231,"sanitized":197},"low",{"entryPoint":240,"graph":241,"unsanitizedCount":98,"severity":238},"\u003Csave-settings> (inc\\save-settings.php:0)",{"nodes":242,"edges":245},[243,244],{"id":225,"type":226,"label":227,"file":228,"line":229},{"id":231,"type":232,"label":233,"file":228,"line":234,"wp_function":235},[246],{"from":225,"to":231,"sanitized":197},{"summary":248,"deductions":249},"The \"wp-factcheck\" v1.1.2 plugin exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices regarding database security, with 100% of SQL queries using prepared statements and no recorded vulnerabilities in its history. The absence of file operations and external HTTP requests further reduces its potential attack surface.  However, significant concerns arise from the static analysis. The presence of an unprotected AJAX handler represents a critical entry point into the application that lacks any authentication or authorization checks. Furthermore, the taint analysis reveals two flows with unsanitized paths, indicating a potential for the plugin to handle user-supplied data in a way that could lead to exploitation, even though no critical or high severity issues were flagged. The lack of nonce checks and capability checks on the identified AJAX handler is a direct violation of WordPress security best practices.",[250,252,254,256],{"reason":251,"points":11},"Unprotected AJAX handler without auth checks",{"reason":253,"points":62},"Taint flows with unsanitized paths",{"reason":255,"points":62},"Missing nonce checks",{"reason":257,"points":62},"Missing capability checks","2026-03-16T23:39:31.941Z",{"wat":260,"direct":279},{"assetPaths":261,"generatorPatterns":269,"scriptPaths":270,"versionParams":271},[262,263,264,265,266,267,268],"\u002Fwp-content\u002Fplugins\u002Fwp-factcheck\u002Fassets\u002Fcss\u002Ffact-check.css","\u002Fwp-content\u002Fplugins\u002Fwp-factcheck\u002Fassets\u002Fcss\u002Fadmin-style.css","\u002Fwp-content\u002Fplugins\u002Fwp-factcheck\u002Fassets\u002Fjs\u002Fcolor-picker.js","\u002Fwp-content\u002Fplugins\u002Fwp-factcheck\u002Fassets\u002Fjs\u002Fmain.js","\u002Fwp-content\u002Fplugins\u002Fwp-factcheck\u002Fassets\u002Fcss\u002Ffront-fact-check.css","\u002Fwp-content\u002Fplugins\u002Fwp-factcheck\u002Fassets\u002Ffont\u002Ficomoon\u002Ficomoon.css","\u002Fwp-content\u002Fplugins\u002Fwp-factcheck\u002Fassets\u002Ffont\u002Flinearicons\u002Flinearicons.css",[],[264,265],[272,273,274,275,276,277,278],"wp-factcheck\u002Fassets\u002Fcss\u002Ffact-check.css?ver=","wp-factcheck\u002Fassets\u002Fcss\u002Fadmin-style.css?ver=","wp-factcheck\u002Fassets\u002Fjs\u002Fcolor-picker.js?ver=","wp-factcheck\u002Fassets\u002Fjs\u002Fmain.js?ver=","wp-factcheck\u002Fassets\u002Fcss\u002Ffront-fact-check.css?ver=","wp-factcheck\u002Fassets\u002Ffont\u002Ficomoon\u002Ficomoon.css?ver=","wp-factcheck\u002Fassets\u002Ffont\u002Flinearicons\u002Flinearicons.css?ver=",{"cssClasses":280,"htmlComments":294,"htmlAttributes":295,"restEndpoints":297,"jsGlobals":298,"shortcodeOutput":300},[281,282,283,284,285,286,287,288,289,290,291,292,293],"wpfc-factcheck","wpfc-column","wpfc-claim","wpfc-column-content","wpfc-column-title","wpfc-author","wpfc-verdict","wpfc-explainer","wpfc-incorrect","wpfc-unknown","wpfc-correct","wpfc-rating","wpfc-source",[],[296],"data-verdict-type",[],[299],"wpfc_obj",[]]