[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fENCgZsxREaXgU1TOzAepOkV1qdpOMIdYRCJgzU8zf6I":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":131,"fingerprints":218},"wp-multisite-popular-posts","WP Multisite Most Commented Posts","1.4","termel","https:\u002F\u002Fprofiles.wordpress.org\u002Fmunger41\u002F","\u003Cp>This plugin gives you the ability to display most commented posts on the entire network, using a specific shorcode in posts or pages, or using the widget dedicated to this.\u003Cbr \u002F>\nShortcode example:\u003Cbr \u002F>\n    [wp_mpp max=5 type=ever show_posts=0 show_comments=1]\u003Cbr \u002F>\nUse following shortcode parameters:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>max\u003C\u002Fem> : maxium entries to show\u003C\u002Fli>\n\u003Cli>\u003Cem>type\u003C\u002Fem> :\n\u003Cul>\n\u003Cli>\u003Cem>ever\u003C\u002Fem> : all time stat\u003C\u002Fli>\n\u003Cli>\u003Cem>lastmonth\u003C\u002Fem> : last 30 days\u003C\u002Fli>\n\u003Cli>\u003Cem>currentmonth\u003C\u002Fem> : current month\u003C\u002Fli>\n\u003Cli>\u003Cem>lastweek\u003C\u002Fem> : last 7 days\u003C\u002Fli>\n\u003Cli>\u003Cem>currentweek\u003C\u002Fem> : this week\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cem>show_posts\u003C\u002Fem> : display (1) or not (0) total number of posts published accross network\u003C\u002Fli>\n\u003Cli>\u003Cem>show_comments\u003C\u002Fem> : display (1) or not (0) total number of coments for each posts in list.\u003C\u002Fli>\n\u003C\u002Ful>\n","Display network most commented posts with a Widget or a Shortcode.",10,2445,100,1,"2016-10-08T16:16:00.000Z","4.8.28","3.5","",[20,21,22,23,24],"comment","commented","most","multisite","popular","http:\u002F\u002Fwww.termel.fr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-multisite-popular-posts.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"munger41",14,800,84,30,83,"2026-04-04T21:44:59.459Z",[41,61,83,100,117],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":35,"downloaded":49,"rating":50,"num_ratings":34,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":59,"download_link":60,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"popular-widget","Popular Widget","1.7.0","Hax","https:\u002F\u002Fprofiles.wordpress.org\u002Fhax\u002F","\u003Cp>This is a simple popular posts WordPress widget for your blog. Add and day interval to specify when the posts are considered popular, the default is 365 (one year) you can also filter your post by category. Enjoy!! and please support the plugin. :@)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Languages http:\u002F\u002Fxparkmedia.com\u002Fplugins\u002Fpopular-widget\u002F#languages\u003C\u002Fli>\n\u003Cli>Support http:\u002F\u002Fxparkmedia.com\u002Fsupport\u002Fplugin\u002Fpopular-widget\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Day range\u003C\u002Fli>\n\u003Cli>Disable tabs.\u003C\u002Fli>\n\u003Cli>Title length.\u003C\u002Fli>\n\u003Cli>Count Display.\u003C\u002Fli>\n\u003Cli>Excerpt option.\u003C\u002Fli>\n\u003Cli>Excerpt length.\u003C\u002Fli>\n\u003Cli>Category filter.\u003C\u002Fli>\n\u003Cli>Display thumbnails.\u003C\u002Fli>\n\u003Cli>Display recent comments.\u003C\u002Fli>\n\u003Cli>Calculate visits or page views.\u003C\u002Fli>\n\u003Cli>Custom field options for view counts.\u003C\u002Fli>\n\u003C\u002Ful>\n","Display the most commented or most viewed posts in a tabbed widget, filter the post by date range or by category. It also includes a tags tab.",128545,90,"2017-11-28T18:45:00.000Z","4.6.0","3.0.0",[55,56,57,24,58],"box","most-commented","most-viewed","widget","http:\u002F\u002Fxparkmedia.com\u002Fplugins\u002Fpopular-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpopular-widget.zip",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":11,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":18,"tags":75,"homepage":80,"download_link":81,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":82},"disqus-popular-threads-widget","Disqus Popular Threads Widget","1.2","Ron Zvagelsky","https:\u002F\u002Fprofiles.wordpress.org\u002Frzvagelsky\u002F","\u003Cp>Integrates with the Disqus API to show your most popular threads (most commented posts). Can be added via sidebar widget, template tag, or shortcode.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fpresshive.com\u002Fplugins\u002Fdisqus-popular-threads-widget-for-wordpress\u002F\" rel=\"nofollow ugc\">\u003Cstrong>For more information or to request additional features, please visit the plugin page\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n","Shows your most commented posts from Disqus via widget, shortcode, or template tag.",4666,60,2,"2013-05-24T20:04:00.000Z","3.5.2","3.2",[76,77,78,56,79],"comments","disqus","most-popular","popular-posts","http:\u002F\u002Fpresshive.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisqus-popular-threads-widget.zip","2026-03-15T14:54:45.397Z",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":93,"num_ratings":14,"last_updated":94,"tested_up_to":73,"requires_at_least":95,"requires_php":18,"tags":96,"homepage":98,"download_link":99,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"most-popular-posts","Most Popular Posts","1.6.2","wesg","https:\u002F\u002Fprofiles.wordpress.org\u002Fwesg\u002F","\u003Cp>Most Popular Posts is a basic widget for your sidebar that creates a list of links to the top posts on your blog according to the number of comments on the post. You can customize many aspects of the plugin to fit in your blog.\u003C\u002Fp>\n\u003Cp>Updates include including and excluding categories, reverse the order of comments and incorporation of WordPress widget standards.\u003C\u002Fp>\n\u003Cp>For a complete list of the changes from each version, please visit \u003Ca href=\"http:\u002F\u002Fwww.wesg.ca\u002F2008\u002F08\u002Fwordpress-widget-most-popular\u002F#changelog\" rel=\"nofollow ugc\">the plugin homepage\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For examples and tips on using the plugin, please check \u003Ca href=\"http:\u002F\u002Fwww.wesg.ca\u002F2008\u002F08\u002Fwordpress-widget-most-popular\u002F#examples\" rel=\"nofollow ugc\">the examples\u003C\u002Fa> on the plugin homepage.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Used exclusively as a widget at the current time.\u003C\u002Fp>\n","This is a very simple widget that displays a link to the top commented posts on your blog.",300,51094,40,"2013-02-14T04:23:00.000Z","2.8",[76,78,97,58],"sidebar","http:\u002F\u002Fwww.wesg.ca\u002F2008\u002F08\u002Fwordpress-widget-most-popular\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmost-popular-posts.1.6.2.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":11,"downloaded":108,"rating":13,"num_ratings":71,"last_updated":18,"tested_up_to":109,"requires_at_least":110,"requires_php":18,"tags":111,"homepage":114,"download_link":115,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":116},"anppopular-post","anpPopular Post","1.0.6","antocara","https:\u002F\u002Fprofiles.wordpress.org\u002Fantocara\u002F","\u003Cp>Widget to display a list of the most commented posts up to 10 or most viewed posts. The posts will be shown in a scale of colors and length according to the number of comments you have.\u003Cbr \u002F>\nYou just have to activate the plugin from the WordPress options panel, install the widget in any sidebar, footer or other area that supports widgets.\u003Cbr \u002F>\nanpPopular Post has a number of options to configure as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The title of the widget\u003C\u002Fli>\n\u003Cli>The number of posts to display (max 10)\u003C\u002Fli>\n\u003Cli>Color palette to choose from four different options, standard, red, green, blue\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>anpPopular Post is configured for use in multi language to be available in:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Spanish \u003C\u002Fli>\n\u003Cli>English\u003C\u002Fli>\n\u003C\u002Ful>\n","Widget to display a list of the most commented posts. The posts are displayed on a color scale of colors.",3121,"3.4.2","3.0",[20,112,79,113,58],"most-comment","posts","http:\u002F\u002Fwww.anpstudio.com\u002F2012\u002F09\u002Fanppopular-post-nuevo-plugin-para-mostrar-los-post-mas-comentados-de-una-forma-muy-grafica\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanppopular-post.1.0.6.zip","2026-03-15T10:48:56.248Z",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":11,"downloaded":125,"rating":28,"num_ratings":28,"last_updated":126,"tested_up_to":127,"requires_at_least":95,"requires_php":18,"tags":128,"homepage":129,"download_link":130,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"simple-popular-posts","Simple Popular Posts","1.0","jimmysun","https:\u002F\u002Fprofiles.wordpress.org\u002Fjimmysun\u002F","\u003Cp>Simple Popular Posts is a plugin that creates a widget for you to put on your sidebar. The widget shows the most popular posts on your blog, based on the number of comments.\u003C\u002Fp>\n\u003Cp>It is a very simple and basic plugin. It only has 3 options:\u003Cbr \u002F>\n– the widget title\u003Cbr \u002F>\n– the number of posts you want to show\u003Cbr \u002F>\n– whether you want to show the number of comments or not\u003C\u002Fp>\n\u003Cp>Based on the Most Popular Posts plugin by Wes Goodhoofd (http:\u002F\u002Fwww.wesg.ca\u002F2008\u002F08\u002Fwordpress-widget-most-popular\u002F)\u003C\u002Fp>\n","Creates a very simple and basic widget for your sidebar to display most popular posts on your blog based on the number of comments only.",3001,"2010-05-16T15:16:00.000Z","2.9.2",[76,78,84,79,58],"http:\u002F\u002Fwww.jimmysun.net\u002Fteknologi\u002Fwordpress\u002Fwordpress-plugin-simple-popular-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-popular-posts.zip",{"attackSurface":132,"codeSignals":152,"taintFlows":202,"riskAssessment":203,"analyzedAt":217},{"hooks":133,"ajaxHandlers":144,"restRoutes":145,"shortcodes":146,"cronEvents":151,"entryPointCount":14,"unprotectedCount":28},[134,140],{"type":135,"name":136,"callback":137,"file":138,"line":139},"action","widgets_init","anonymous","wp-multisite-popular-posts.php",326,{"type":135,"name":141,"callback":142,"file":138,"line":143},"init","wp_mpp_load_lang",336,[],[],[147],{"tag":148,"callback":149,"file":138,"line":150},"wp_mpp","wp_multisite_popular_posts_shortcode_fn",22,[],{"dangerousFunctions":153,"sqlUsage":157,"outputEscaping":159,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":201},[154],{"fn":155,"file":138,"line":139,"context":156},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"wp_multisite_popular_posts\")",{"prepared":28,"raw":28,"locations":158},[],{"escaped":160,"rawEcho":161,"locations":162},5,24,[163,166,168,169,170,172,173,174,176,177,179,181,182,184,185,186,187,188,190,191,193,195,197,199],{"file":138,"line":164,"context":165},54,"raw output",{"file":138,"line":167,"context":165},55,{"file":138,"line":167,"context":165},{"file":138,"line":167,"context":165},{"file":138,"line":171,"context":165},59,{"file":138,"line":70,"context":165},{"file":138,"line":70,"context":165},{"file":138,"line":175,"context":165},64,{"file":138,"line":175,"context":165},{"file":138,"line":178,"context":165},71,{"file":138,"line":180,"context":165},73,{"file":138,"line":180,"context":165},{"file":138,"line":183,"context":165},77,{"file":138,"line":183,"context":165},{"file":138,"line":38,"context":165},{"file":138,"line":38,"context":165},{"file":138,"line":36,"context":165},{"file":138,"line":189,"context":165},87,{"file":138,"line":189,"context":165},{"file":138,"line":192,"context":165},88,{"file":138,"line":194,"context":165},117,{"file":138,"line":196,"context":165},123,{"file":138,"line":198,"context":165},134,{"file":138,"line":200,"context":165},137,[],[],{"summary":204,"deductions":205},"The 'wp-multisite-popular-posts' plugin v1.4 presents a mixed security posture. On the positive side, it has a very small attack surface with only one shortcode and no AJAX handlers, REST API routes, or cron events that are exposed to external input. Furthermore, all SQL queries are properly prepared, and there are no file operations or external HTTP requests, which are common vectors for vulnerabilities. The absence of known CVEs and past vulnerabilities is also a strong indicator of good security practices historically.\n\nHowever, significant concerns arise from the static analysis. The presence of the `create_function` dangerous function is a critical red flag, as it can be exploited for code injection if user-supplied data is passed to it without proper sanitization. The low percentage of properly escaped output (17%) is another major risk, suggesting that cross-site scripting (XSS) vulnerabilities are highly probable, allowing attackers to inject malicious scripts into the site. The complete lack of nonce checks and capability checks on its entry points, combined with the dangerous function, creates a substantial risk of unauthorized actions or information disclosure, especially given the plugin's focus on popular posts which might involve sensitive data or settings.\n\nWhile the plugin has a clean vulnerability history, this does not negate the critical flaws identified in the current code. The reliance on `create_function` and the widespread unescaped output are significant security weaknesses that require immediate attention. The overall risk is moderate to high due to the potential for severe impacts like code execution and XSS, despite the limited attack surface and lack of known historical vulnerabilities.",[206,209,212,215],{"reason":207,"points":208},"Presence of dangerous function 'create_function'",15,{"reason":210,"points":211},"Low percentage of properly escaped output (17%)",8,{"reason":213,"points":214},"Missing nonce checks on entry points",7,{"reason":216,"points":214},"Missing capability checks on entry points","2026-03-17T00:44:32.160Z",{"wat":219,"direct":225},{"assetPaths":220,"generatorPatterns":222,"scriptPaths":223,"versionParams":224},[221],"\u002Fwp-content\u002Fplugins\u002Fwp-multisite-popular-posts\u002Fcss\u002Fwp-multisite-popular-posts.css",[],[],[],{"cssClasses":226,"htmlComments":229,"htmlAttributes":230,"restEndpoints":233,"jsGlobals":234,"shortcodeOutput":235},[227,228],"wp_multisite_popular_posts","wp_widget_plugin_box",[],[231,232],"id=\"wp_multisite_popular_posts_widget\"","name=\"wp_multisite_popular_posts_widget\"",[],[],[236,237,238],"[wp_mpp]","[wp_mpp max=\"10\" type=\"lastmonth\"]","[wp_mpp max=\"5\" type=\"currentmonth\"]"]