[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$flycu0-pqWf4v7Rt3cfYPaFdDvX47pGiNEywvdYfjGko":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":133,"fingerprints":364},"wp-post-rating","Wp Post Rating","1.2.2","shmidtelson","https:\u002F\u002Fprofiles.wordpress.org\u002Fshmidtelson\u002F","\u003Ch3>WP-POST-RATING is powerful rating plugin with ajax security requests.\u003C\u002Fh3>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Very faster\u003Cbr \u002F>\n\u003Cem>Plugin use OOP and Vanilla JS, svg icons and CSS variables\u003C\u002Fem>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Seo-friendly\u003Cbr \u002F>\n\u003Cem>Plugin use Schema for show stars rating in google search results\u003C\u002Fem>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Without jQuery (Native js)\u003Cbr \u002F>\n\u003Cem>Native js is very fast\u003C\u002Fem>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Customize color of stars\u003Cbr \u002F>\n\u003Cem>You can customize color of stars and the second color will generate automatic\u003C\u002Fem>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>MultiLanguages\u003Cbr \u002F>\n+English\u003Cbr \u002F>\n+Russian\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Functional:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Widget for show latest (any sort) votes in sidebar (other place)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcodes:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ccode>[wp_rating]\u003C\u002Fcode> show rating\u003C\u002Fli>\n\u003Cli>\u003Ccode>[wp_rating_total]\u003C\u002Fcode> show 
total votes for current post\u003C\u002Fli>\n\u003Cli>\u003Ccode>[wp_rating_avg]\u003C\u002Fcode> show total votes for current post\u003C\u002Fli>\n\u003C\u002Ful>\n","WP-POST-RATING is powerful rating plugin with ajax security requests.",10,2053,100,2,"2021-07-18T14:15:00.000Z","5.7.15","4.9.8","7.2",[20,21,22,23,24],"5-star","google-rating","postrating","rating","ratings","https:\u002F\u002Fgithub.com\u002Fshmidtelson\u002Fwp-post-rating","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-post-rating.1.2.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},1,30,84,"2026-04-04T03:48:32.865Z",[38,62,82,101,114],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":57,"download_link":58,"security_score":59,"vuln_count":60,"unpatched_count":28,"last_vuln_date":61,"fetched_at":30},"wp-postratings","WP-PostRatings","1.91.2","Lester Chan","https:\u002F\u002Fprofiles.wordpress.org\u002Fgamerz\u002F","\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Open \u003Ccode>wp-content\u002Fthemes\u002F\u003CYOUR THEME NAME>\u002Findex.php\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>You may place it in archive.php, single.php, post.php or page.php also.\u003C\u002Fli>\n\u003Cli>Find: \u003Ccode>\u003C?php while (have_posts()) : the_post(); ?>\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Add Anywhere Below It (The Place You Want The Ratings To Show): \u003Ccode>\u003C?php if(function_exists('the_ratings')) { the_ratings(); } ?>\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cul>\n\u003Cli>If you DO NOT want the ratings to appear in every post\u002Fpage, DO NOT use the code above. 
Just type in \u003Ccode>[ratings]\u003C\u002Fcode> into the selected post\u002Fpage content and it will embed ratings into that post\u002Fpage only.\u003C\u002Fli>\n\u003Cli>If you want to embed other post ratings use \u003Ccode>[ratings id=\"1\"]\u003C\u002Fcode>, where 1 is the ID of the post\u002Fpage ratings that you want to display.\u003C\u002Fli>\n\u003Cli>If you want to embed other post ratings results, use \u003Ccode>[ratings id=\"1\" results=\"true\"]\u003C\u002Fcode>, where 1 is the ID of the post\u002Fpage ratings results that you want to display.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-postratings\" title=\"https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-postratings\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-postratings\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Plugin icon by \u003Ca href=\"http:\u002F\u002Fwww.freepik.com\" rel=\"nofollow ugc\">Freepik\u003C\u002Fa> from \u003Ca href=\"http:\u002F\u002Fwww.flaticon.com\" rel=\"nofollow ugc\">Flaticon\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Icons courtesy of \u003Ca href=\"http:\u002F\u002Fwww.famfamfam.com\u002F\" title=\"FamFamFam\" rel=\"nofollow ugc\">FamFamFam\u003C\u002Fa> and \u003Ca href=\"http:\u002F\u002Fwww.everaldo.com\" title=\"Everaldo\" rel=\"nofollow ugc\">Everaldo\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Donations\u003C\u002Fh3>\n\u003Cp>I spent most of my free time creating, updating, maintaining and supporting these plugins, if you really love my plugins and could spare me a couple of bucks, I will really appreciate it. 
If not feel free to use it without any obligations.\u003C\u002Fp>\n","Adds an AJAX rating system for your WordPress site's content.",30000,2263058,86,179,"2024-07-16T13:07:00.000Z","6.6.5","4.9.6","",[22,55,23,24,56],"postratings","vote","https:\u002F\u002Flesterchan.net\u002Fportfolio\u002Fprogramming\u002Fphp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-postratings.1.91.2.zip",88,5,"2024-08-01 00:00:00",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":53,"tags":77,"homepage":80,"download_link":81,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"post-ratings","Post Ratings","3.0","digitalnature","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitalnature\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.dfactory.eu\u002Fplugins\u002Fpost-ratings\u002F\" rel=\"nofollow ugc\">Post Ratings\u003C\u002Fa> is a simple, developer-friendly, straightforward post rating plugin. Relies on post meta to store avg. 
rating \u002F vote count.\u003C\u002Fp>\n\u003Cp>For more information, check out plugin page at \u003Ca href=\"http:\u002F\u002Fwww.dfactory.eu\u002F\" rel=\"nofollow ugc\">dFactory\u003C\u002Fa> or plugin \u003Ca href=\"http:\u002F\u002Fwww.dfactory.eu\u002Fsupport\u002Fforum\u002Fpost-ratings\u002F\" rel=\"nofollow ugc\">support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Features include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Allow your site users to rate posts (of any kind)\u003C\u002Fli>\n\u003Cli>Display the average post rating, vote count or weighted (bayesian) rating within your posts\u003C\u002Fli>\n\u003Cli>Display a widget with the top rated posts in your sidebar\u003C\u002Fli>\n\u003Cli>Allow you to create your own rating formula\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Why another rating plugin? Because the existing ones are either outdated, bloated with useless functionality, or just too buggy 🙂\u003C\u002Fp>\n","Simple, developer-friendly, straightforward post rating plugin. Relies on post meta to store avg. rating \u002F vote count.",700,76678,90,23,"2017-11-28T21:37:00.000Z","4.5.33","4.0.0",[78,79,22,23,24],"ajax","post","http:\u002F\u002Fwww.dfactory.eu\u002Fplugins\u002Fpost-ratings\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-ratings.3.0.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":11,"downloaded":90,"rating":13,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":53,"tags":95,"homepage":98,"download_link":99,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":100},"pixelpost-importer","Pixelpost Importer","0.1.2","Pierre Bodilis","https:\u002F\u002Fprofiles.wordpress.org\u002Fkerlu\u002F","\u003Cp>Set up your PixelPost database info, and let it work for a while. It’ll import categories, posts and comments. 
It leaves a new table in the database, used by the provided index.php (see FAQ) to keep the old link alive, by redirecting them to the new uri.\u003C\u002Fp>\n\u003Cp>Imported posts are imported as posts with an “image” format in wordpress, the image attached to the imported post. A “more” separator is inserted between the image and the post content.\u003C\u002Fp>\n","Import your PixelPost database in WordPress (categories, posts, comments, and ratings).",3042,4,"2015-07-08T12:08:00.000Z","4.2.39","3.3",[96,97,22,55],"importer","pixelpost","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fpixelpost-importer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpixelpost-importer.1.0.zip","2026-03-15T14:54:45.397Z",{"slug":102,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":11,"downloaded":108,"rating":13,"num_ratings":33,"last_updated":53,"tested_up_to":103,"requires_at_least":109,"requires_php":53,"tags":110,"homepage":111,"download_link":112,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":113},"wp-postratings-my","3.6.1","Calen Fretts","https:\u002F\u002Fprofiles.wordpress.org\u002Ffrettsy\u002F","\u003Cp>Shows users their WP-PostRatings and allows filters.\u003C\u002Fp>\n\u003Ch4>Don’t forget!\u003C\u002Fh4>\n\u003Cp>If you use wp-postratings-my on your site, please leave a comment at the \u003Ca href=\"http:\u002F\u002Finfinity.calenfretts.com\u002Fcategory\u002Fgeek\u002Fwordpress\u002Fwp-postratings-my\u002F\" rel=\"nofollow ugc\">plugin homepage\u003C\u002Fa> to let us know! 
We love to see it in action around the interglobe.\u003C\u002Fp>\n","Shows users their WP-PostRatings and allows filters.",8443,"2.8",[22,55,23,24,102],"http:\u002F\u002Fhttp:\u002F\u002Finfinity.calenfretts.com\u002Fcategory\u002Fgeek\u002Fwordpress\u002Fwp-postratings-my\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-postratings-my.3.6.1.zip","2026-03-15T10:48:56.248Z",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":28,"downloaded":122,"rating":13,"num_ratings":14,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":53,"tags":126,"homepage":131,"download_link":132,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"msd-google-reviews","MSD Google Review","0.1","Akhileshwar Dayal","https:\u002F\u002Fprofiles.wordpress.org\u002Fakhilnatural\u002F","\u003Cp>The quality and quantity of reviews on Google is one of the most important ranking factors for local SEO. And, when a person scans the search results for a local product or service in Google, the business listings that include customer reviews present greater credibility and, naturally, receive more clicks.\u003Cbr \u002F>\nIt’s important for businesses to get Google reviews. Display Google Review on your wordpress page, post, or widget.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Simple Settings Page\u003C\u002Fli>\n\u003Cli>Clear Documentation\u003C\u002Fli>\n\u003Cli>Minimal Settings\u003C\u002Fli>\n\u003C\u002Ful>\n","The quality and quantity of reviews on Google is one of the most important ranking factors for local SEO. 
And, when a person scans the search results  &hellip;",5571,"2019-01-27T08:55:00.000Z","5.0.25","4.4.0",[127,128,129,24,130],"google","google-ratings","google-review","review","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmsd-google-reviews","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmsd-google-reviews.0.1.zip",{"attackSurface":134,"codeSignals":211,"taintFlows":303,"riskAssessment":350,"analyzedAt":363},{"hooks":135,"ajaxHandlers":188,"restRoutes":197,"shortcodes":198,"cronEvents":210,"entryPointCount":60,"unprotectedCount":14},[136,142,146,150,154,158,162,166,171,176,180,183],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","init","loadPluginTextDomain","src\\Plugin.php",44,{"type":137,"name":143,"callback":144,"file":140,"line":145},"widgets_init","closure",58,{"type":137,"name":147,"callback":148,"file":149,"line":59},"admin_enqueue_scripts","initAdminScripts","src\\Service\\Admin\\SettingsHookService.php",{"type":137,"name":151,"callback":152,"file":149,"line":153},"admin_init","setDefaultSettings",94,{"type":137,"name":155,"callback":156,"file":149,"line":157},"admin_post_wpr-update","saveForm",97,{"type":137,"name":159,"callback":160,"file":149,"line":161},"admin_notices","successMessage",98,{"type":137,"name":163,"callback":164,"file":149,"line":165},"admin_menu","addMenuSection",101,{"type":167,"name":168,"callback":169,"priority":11,"file":149,"line":170},"filter","plugin_row_meta","addStarsNearPluginName",104,{"type":137,"name":172,"callback":173,"file":174,"line":175},"wp_enqueue_scripts","initScripts","src\\Service\\SettingsHookService.php",25,{"type":137,"name":177,"callback":178,"file":174,"line":179},"wp_head","render",27,{"type":137,"name":151,"callback":144,"file":181,"line":182},"src\\Views\\Admin\\SettingsView.php",48,{"type":137,"name":184,"callback":185,"file":186,"line":187},"plugins_loaded","run_wp_post_rating","wp-post-rating.php",54,[189,195],{"action":190,"nopriv":191,"callback":192,"hasNonce":193
,"hasCapCheck":193,"file":140,"line":194},"wpr_voted",true,"actionVote",false,63,{"action":190,"nopriv":193,"callback":192,"hasNonce":193,"hasCapCheck":193,"file":140,"line":196},64,[],[199,203,206],{"tag":200,"callback":201,"file":140,"line":202},"wp_rating","renderStars",53,{"tag":204,"callback":205,"file":140,"line":187},"wp_rating_total","getRatingTotal",{"tag":207,"callback":208,"file":140,"line":209},"wp_rating_avg","getRatingAvg",55,[],{"dangerousFunctions":212,"sqlUsage":213,"outputEscaping":216,"fileOperations":33,"externalRequests":28,"nonceChecks":301,"capabilityChecks":28,"bundledLibraries":302},[],{"prepared":214,"raw":28,"locations":215},15,[],{"escaped":217,"rawEcho":218,"locations":219},13,39,[220,224,227,229,232,235,237,239,241,242,245,248,250,252,254,256,258,259,260,262,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295,297,299],{"file":221,"line":222,"context":223},"config\\php-scoper\\twig.inc.php",60,"raw output",{"file":225,"line":226,"context":223},"src\\Service\\AjaxService.php",34,{"file":225,"line":228,"context":223},42,{"file":230,"line":231,"context":223},"src\\Service\\DocumentService.php",11,{"file":233,"line":234,"context":223},"src\\Service\\RatingService.php",74,{"file":236,"line":72,"context":223},"src\\Service\\SettingFormService.php",{"file":238,"line":209,"context":223},"src\\Views\\Admin\\RatingTableView.php",{"file":238,"line":240,"context":223},162,{"file":181,"line":226,"context":223},{"file":243,"line":244,"context":223},"src\\Views\\NonceView.php",22,{"file":246,"line":247,"context":223},"src\\Wordpress\\WPR_Widget.php",38,{"file":246,"line":249,"context":223},40,{"file":246,"line":251,"context":223},43,{"file":246,"line":253,"context":223},45,{"file":246,"line":255,"context":223},92,{"file":246,"line":257,"context":223},93,{"file":246,"line":153,"context":223},{"file":246,"line":161,"context":223},{"file":246,"line":261,"context":223},99,{"file":246,"line":13,"context":223},{"file":246,"line":264,"context"
:223},102,{"file":246,"line":266,"context":223},103,{"file":246,"line":268,"context":223},108,{"file":246,"line":270,"context":223},109,{"file":246,"line":272,"context":223},110,{"file":246,"line":274,"context":223},114,{"file":246,"line":276,"context":223},115,{"file":246,"line":278,"context":223},116,{"file":246,"line":280,"context":223},123,{"file":246,"line":282,"context":223},126,{"file":246,"line":284,"context":223},127,{"file":246,"line":286,"context":223},128,{"file":246,"line":288,"context":223},137,{"file":246,"line":290,"context":223},140,{"file":246,"line":292,"context":223},141,{"file":246,"line":294,"context":223},142,{"file":246,"line":296,"context":223},150,{"file":246,"line":298,"context":223},151,{"file":246,"line":300,"context":223},152,3,[],[304,321,329,341],{"entryPoint":305,"graph":306,"unsanitizedCount":33,"severity":320},"installPlugin (src\\Service\\MaintenanceService.php:28)",{"nodes":307,"edges":318},[308,313],{"id":309,"type":310,"label":311,"file":312,"line":226},"n0","source","$_SERVER['HTTP_HOST']","src\\Service\\MaintenanceService.php",{"id":314,"type":315,"label":316,"file":312,"line":226,"wp_function":317},"n1","sink","file_get_contents() [SSRF\u002FLFI]","file_get_contents",[319],{"from":309,"to":314,"sanitized":193},"medium",{"entryPoint":322,"graph":323,"unsanitizedCount":33,"severity":320},"\u003CMaintenanceService> (src\\Service\\MaintenanceService.php:0)",{"nodes":324,"edges":327},[325,326],{"id":309,"type":310,"label":311,"file":312,"line":226},{"id":314,"type":315,"label":316,"file":312,"line":226,"wp_function":317},[328],{"from":309,"to":314,"sanitized":193},{"entryPoint":330,"graph":331,"unsanitizedCount":33,"severity":320},"saveForm (src\\Service\\SettingFormService.php:26)",{"nodes":332,"edges":339},[333,335],{"id":309,"type":310,"label":334,"file":236,"line":249},"$_POST",{"id":314,"type":315,"label":336,"file":236,"line":337,"wp_function":338},"wp_redirect() [Open 
Redirect]",41,"wp_redirect",[340],{"from":309,"to":314,"sanitized":193},{"entryPoint":342,"graph":343,"unsanitizedCount":28,"severity":349},"\u003CSettingFormService> (src\\Service\\SettingFormService.php:0)",{"nodes":344,"edges":347},[345,346],{"id":309,"type":310,"label":334,"file":236,"line":249},{"id":314,"type":315,"label":336,"file":236,"line":337,"wp_function":338},[348],{"from":309,"to":314,"sanitized":191},"low",{"summary":351,"deductions":352},"The \"wp-post-rating\" plugin version 1.2.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices by using prepared statements for all SQL queries, has no known historical vulnerabilities, and makes no external HTTP requests. The absence of bundled libraries also simplifies security management. However, significant concerns arise from the static analysis. Two AJAX handlers are present without any authentication checks, creating a substantial attack surface that could be exploited by unauthenticated users. Furthermore, a concerning 75% of output operations are not properly escaped, leaving the plugin vulnerable to cross-site scripting (XSS) attacks through these unescaped outputs. The taint analysis also indicates three flows with unsanitized paths. Although these did not reach critical or high severity, they still represent potential weaknesses that warrant attention. 
The plugin's lack of capability checks further exacerbates the risk posed by the unprotected AJAX endpoints and unescaped outputs.",[353,355,358,361],{"reason":354,"points":11},"Unprotected AJAX handlers",{"reason":356,"points":357},"High percentage of unescaped output",8,{"reason":359,"points":360},"Flows with unsanitized paths",6,{"reason":362,"points":60},"No capability checks","2026-03-17T00:30:09.892Z",{"wat":365,"direct":376},{"assetPaths":366,"generatorPatterns":371,"scriptPaths":372,"versionParams":373},[367,368,369,370],"\u002Fwp-content\u002Fplugins\u002Fwp-post-rating\u002Fcss\u002Fmain.css","\u002Fwp-content\u002Fplugins\u002Fwp-post-rating\u002Fjs\u002Fmain.bundle.js","\u002Fwp-content\u002Fplugins\u002Fwp-post-rating\u002Fjs\u002Fadmin.bundle.js","\u002Fwp-content\u002Fplugins\u002Fwp-post-rating\u002Fcss\u002Fadmin.css",[],[368,369],[374,375],"wp-post-rating\u002Fmain.css?ver=","wp-post-rating\u002Fmain.bundle.js?ver=",{"cssClasses":377,"htmlComments":378,"htmlAttributes":379,"restEndpoints":380,"jsGlobals":381,"shortcodeOutput":383},[4],[],[],[],[382],"WPR",[384,385,386],"[wp_rating]","[wp_rating_total]","[wp_rating_avg]"]