[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ffYlvl5d2XJwAJMTeFFWDJrEVXx-ABGve6WogZZAhkGU":3,"$fSTF1iIIo9KDEkX2xGYdf1U9GMSsek2X4QeURUOnIET8":269,"$fdk2TJobbUYHYP6lnBV3aXDlXgm3eTpBU2KdnCzB79hs":273},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":58,"crawl_stats":37,"alternatives":66,"analysis":165,"fingerprints":239},"wpfaqblock","WPFAQBlock– FAQ & Accordion Plugin For Gutenberg","1.2.0","Creative Werk Designs","https:\u002F\u002Fprofiles.wordpress.org\u002Fcreativewerkdesigns\u002F","\u003Cp>Easily create FAQs and add them to any page on your site. The responsive accordion display fits seamlessly into any site and provides a great FAQ user experience on any device.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WPFAQBlock includes Gutenberg block and shortcodes, so you can easily display your FAQs on any page, no matter which page editing system you are using.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Create unlimited FAQs\u003C\u002Fli>\n\u003Cli>Create unlimited FAQ categories and tags\u003C\u002Fli>\n\u003Cli>Create unlimited custom templates\u003C\u002Fli>\n\u003Cli>FAQs Search Function\u003C\u002Fli>\n\u003Cli>Easy-to-use Gutenberg blocks to display your FAQs anywhere\u003C\u002Fli>\n\u003Cli>FAQ shortcodes for extra flexibility\u003C\u002Fli>\n\u003Cli>Responsive accordion layout that will fit any site and any device\u003C\u002Fli>\n\u003Cli>Ordering and sorting options for your FAQ page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>FAQ Blocks\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>WPFAQBlock\u003C\u002Fstrong>: Display all FAQs with search function.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>FAQ Shortcodes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[wpfaqblock]: Display all FAQs, or only specific categories using selecting and exclude parameters (both take a comma-separated list of category slugs)\u003C\u002Fli>\n\u003C\u002Ful>\n","WPFAQBlock and accordion plugin with easy to use Gutenberg blocks and shortcodes with FAQ search.",10,17387,0,"2026-03-24T12:19:00.000Z","6.9.4","6.1","7.0",[19,20,21,22,23],"accordion","block-faqs","faq-block","faqs","gutenberg-faq","https:\u002F\u002Fwww.wpfaqblock.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpfaqblock.1.2.0.zip",78,1,"2026-03-20 15:19:54","2026-04-16T10:56:18.058Z","no_bundle",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":37,"patch_diff_files":46,"patch_trac_url":37,"research_status":47,"research_verified":48,"research_rounds_completed":49,"research_plan":50,"research_summary":51,"research_vulnerable_code":52,"research_fix_diff":53,"research_exploit_outline":54,"research_model_used":55,"research_started_at":56,"research_completed_at":57,"research_error":37,"poc_status":37,"poc_video_id":37,"poc_summary":37,"poc_steps":37,"poc_tested_at":37,"poc_wp_version":37,"poc_php_version":37,"poc_playwright_script":37,"poc_exploit_code":37,"poc_has_trace":48,"poc_model_used":37,"poc_verification_depth":37},"CVE-2026-1093","wpfaqblock-faq-accordion-plugin-for-gutenberg-authenticated-contributor-stored-cross-site-scripting-via-class-shortcode-","WPFAQBlock– FAQ & Accordion Plugin For Gutenberg \u003C= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'class' Shortcode Attribute","The WPFAQBlock– FAQ & Accordion Plugin For Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter of the 'wpfaqblock' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.1","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-05-12 05:30:23",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3a3147b5-0362-4299-8339-655eaade948e?source=api-prod",[],"researched",false,3,"This research plan outlines the technical steps to exploit **CVE-2026-1093**, a Stored Cross-Site Scripting (XSS) vulnerability in the **WPFAQBlock** plugin.\n\n---\n\n### 1. Vulnerability Summary\nThe **WPFAQBlock** plugin (versions \u003C= 1.1) fails to properly sanitize or escape the `class` attribute of its `[wpfaqblock]` shortcode. When the shortcode is processed, the user-supplied `class` value is concatenated into an HTML tag (likely a `div` or `section`) without being passed through `esc_attr()`. This allows a user with **Contributor** privileges or higher to inject arbitrary HTML and JavaScript into the rendered page.\n\n### 2. Attack Vector Analysis\n*   **Shortcode:** `[wpfaqblock]`\n*   **Vulnerable Attribute:** `class`\n*   **Authentication Required:** Contributor+ (standard WordPress permission to create\u002Fedit posts and use shortcodes).\n*   **Persistence:** Stored (the payload is saved in the `wp_posts` table and executes whenever the post is viewed).\n*   **Sink:** The value of the `class` attribute is reflected in the HTML source of the post on the frontend.\n\n### 3. Code Flow (Inferred)\n1.  **Registration:** The plugin registers the shortcode during the `init` hook using `add_shortcode( 'wpfaqblock', 'render_callback_function' );`.\n2.  **Parsing:** The callback function uses `shortcode_atts()` to merge user-supplied attributes with defaults.\n    ```php\n    \u002F\u002F Predicted logic in callback:\n    $atts = shortcode_atts( array(\n        'class' => '',\n        \u002F\u002F ... other attributes\n    ), $atts );\n    ```\n3.  **Rendering (The Sink):** The plugin constructs the HTML output. It likely echoes or returns a string where the `class` attribute is placed inside double quotes.\n    ```php\n    \u002F\u002F Predicted vulnerable sink:\n    $output = '\u003Cdiv class=\"' . $atts['class'] . '\">'; \u002F\u002F No esc_attr() used here\n    ```\n4.  **Execution:** When a visitor (including an Administrator) views the post, the browser interprets the injected quote (`\"`) as the end of the class attribute, allowing the attacker to add new attributes (like `onmouseover`) or close the tag and start a `\u003Cscript>` block.\n\n### 4. Nonce Acquisition Strategy\nThis vulnerability is triggered by **rendering** a shortcode. In WordPress, shortcodes are parsed automatically when a post is displayed.\n*   **Post Creation:** To inject the shortcode, we will use **WP-CLI**. This bypasses the need for frontend nonces associated with the Gutenberg editor or AJAX-based autosaves.\n*   **Frontend Execution:** No nonce is required to trigger the XSS. The payload executes when any user navigates to the public URL of the post.\n\n### 5. Exploitation Strategy\n1.  **Authentication:** Authenticate as a **Contributor** user.\n2.  **Injection:** Use WP-CLI to create a new post containing the malicious shortcode.\n3.  **Payload Selection:**\n    *   Primary Payload (Attribute Breakout): `[wpfaqblock class='\">\u003Cscript>alert(window.origin)\u003C\u002Fscript>']`\n    *   Alternative Payload (Attribute Injection): `[wpfaqblock class='x\" onmouseover=\"alert(1)\" style=\"width:1000px;height:1000px;display:block;']`\n4.  **Triggering:** Navigate to the published post's URL using an **Administrator** session to demonstrate the impact (e.g., cookie theft or admin dashboard access).\n\n### 6. Test Data Setup\n*   **User:** Create a user with the `contributor` role.\n*   **Post:**\n    ```bash\n    wp user create attacker attacker@example.com --role=contributor --user_pass=password\n    wp post create --post_type=post --post_status=publish --post_title=\"FAQ Page\" --post_author=$(wp user get attacker --field=ID) --post_content='[wpfaqblock class=\"\\\">\u003Cscript>confirm(\\\"XSS_EXPLOITED\\\")\u003C\u002Fscript>\"]'\n    ```\n\n### 7. Expected Results\n*   The HTML source of the rendered page should contain:\n    `\u003Cdiv class=\"\">\u003Cscript>confirm(\"XSS_EXPLOITED\")\u003C\u002Fscript>\">` (or similar depending on the exact tag name).\n*   The JavaScript `confirm()` dialog should trigger automatically upon page load.\n\n### 8. Verification Steps\n1.  **Retrieve Post URL:** Use `wp post list` to find the ID of the created post, then get the permalink.\n2.  **Navigate and Audit:** Use `browser_navigate` to visit the post.\n3.  **Inspect Source:** Use `browser_eval` to check for the existence of the injected script tag in the DOM.\n    ```javascript\n    \u002F\u002F Check if the script exists\n    document.body.innerHTML.includes('confirm(\"XSS_EXPLOITED\")')\n    ```\n4.  **Verify Admin Impact:** Log in as an administrator and visit the same URL to confirm the script executes in a high-privileged context.\n\n### 9. Alternative Approaches\nIf the plugin uses a specific Gutenberg block instead of a standard shortcode (common in modern \"Block\" plugins):\n*   **Gutenberg Attribute Injection:** The payload would be injected into the block's JSON attributes. We would still target the `class` or `className` attribute.\n*   **REST API Injection:** If the contributor uses the REST API to save the post, we would send a POST request to `\u002Fwp-json\u002Fwp\u002Fv2\u002Fposts\u002F[ID]` with the shortcode in the `content` field.\n\n**Payload Note:** If the plugin uses `esc_html()` but not `esc_attr()`, the breakout `\">` will still work because `esc_html()` only encodes `\u003C` and `>`, while `esc_attr()` is required to encode quotes. Since the injection point is an attribute (`class=\"...\"`), breaking out of the quotes is the primary goal.","The WPFAQBlock plugin for WordPress (versions \u003C= 1.1) is vulnerable to Stored Cross-Site Scripting (XSS) due to insufficient output escaping on the 'class' attribute within the [wpfaqblock] shortcode. This allow authenticated users with Contributor-level permissions or higher to inject arbitrary JavaScript into pages that executes when viewed by other users, including administrators.","\u002F\u002F Inferred code within the shortcode registration callback\n\u002F\u002F File path likely: wp-content\u002Fplugins\u002Fwpfaqblock\u002Fwpfaqblock.php or similar\n\n$atts = shortcode_atts( array(\n    'class' => '',\n    'id'    => '',\n), $atts );\n\n$output = '\u003Cdiv class=\"' . $atts['class'] . '\">';","--- a\u002Fwpfaqblock.php\n+++ b\u002Fwpfaqblock.php\n@@ -10,7 +10,7 @@\n     $atts = shortcode_atts( array(\n         'class' => '',\n     ), $atts );\n \n-    $output = '\u003Cdiv class=\"' . $atts['class'] . '\">';\n+    $output = '\u003Cdiv class=\"' . esc_attr( $atts['class'] ) . '\">';","The exploit involves an attacker with at least Contributor privileges injecting a malicious script via the plugin's shortcode. 1. Authenticate as a Contributor. 2. Create or edit a post and insert the following shortcode: [wpfaqblock class='\\\">\u003Cscript>alert(document.cookie)\u003C\u002Fscript>']. 3. The plugin fails to sanitize the 'class' attribute and reflects the raw input into the HTML 'class' property. 4. The payload uses a double quote to break out of the HTML attribute and inserts a \u003Cscript> tag. 5. When any user (such as an Administrator) views the published post, the JavaScript payload executes in their browser context.","gemini-3-flash-preview","2026-04-18 00:38:51","2026-04-18 00:39:06",{"slug":59,"display_name":7,"profile_url":8,"plugin_count":60,"total_installs":61,"avg_security_score":62,"avg_patch_time_days":63,"trust_score":64,"computed_at":65},"creativewerkdesigns",7,2510,97,4,98,"2026-05-19T20:01:25.499Z",[67,90,112,130,147],{"slug":68,"name":69,"version":70,"author":71,"author_profile":72,"description":73,"short_description":74,"active_installs":75,"downloaded":76,"rating":77,"num_ratings":78,"last_updated":79,"tested_up_to":15,"requires_at_least":80,"requires_php":81,"tags":82,"homepage":87,"download_link":88,"security_score":89,"vuln_count":13,"unpatched_count":13,"last_vuln_date":37,"fetched_at":29},"quick-and-easy-faqs","Quick and Easy FAQs","1.3.14","Inspiry Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Finspirythemes\u002F","\u003Cp>This plugin provides a quick and easy way add FAQs using custom post type and later on displaying those FAQs using Gutenberg Blocks or shortcodes. For details, Please consult the documentation below.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easily add FAQs using FAQ custom post type.\u003C\u002Fli>\n\u003Cli>Display FAQs in simple list style, accordion style or toggle style.\u003C\u002Fli>\n\u003Cli>Display FAQs in groups.\u003C\u002Fli>\n\u003Cli>Display FAQs in filterable groups.\u003C\u002Fli>\n\u003Cli>Display FAQs in sorted order by title or date.\u003C\u002Fli>\n\u003Cli>Settings page to customize colors and other stuff.\u003C\u002Fli>\n\u003Cli>Custom CSS box in settings page to override default styles.\u003C\u002Fli>\n\u003Cli>Translation Ready ( Comes with POT file and PO & MO translation files for few main languages )\u003C\u002Fli>\n\u003Cli>RTL ( Right to Left Language ) Support\u003C\u002Fli>\n\u003Cli>Support for Visual Composer Plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs]\u003C\u002Fcode> Display all FAQs in simple list style.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs limit=\"5\"]\u003C\u002Fcode> Display limited number of FAQs.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs order=\"ASC\" orderby=\"title\"]\u003C\u002Fcode> Display all FAQs in simple list style and order by ascending title.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs order=\"DESC\" orderby=\"title\"]\u003C\u002Fcode> Display all FAQs in simple list style and order by descending title.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs style=\"grouped\"]\u003C\u002Fcode> Display all FAQs in simple list style that are separated by groups.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs filter=\"true\"]\u003C\u002Fcode> Display FAQs in simple list style that are filterable by all available groups.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs filter=\"group-slug,another-group-slug\"]\u003C\u002Fcode> Display FAQs in simple list style that are filterable by only given group slugs.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs style=\"toggle\"]\u003C\u002Fcode> Display all FAQs in toggle style.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs style=\"toggle\" filter=\"true\"]\u003C\u002Fcode> Display all FAQs in toggle style and filterable by all available groups.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs style=\"toggle-grouped\"]\u003C\u002Fcode> Display all FAQs in toggle style and grouped by all available groups.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs style=\"toggle\" order=\"ASC\" orderby=\"title\"]\u003C\u002Fcode> Display all FAQs in toggle style and order by ascending title.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs style=\"toggle\" order=\"DESC\" orderby=\"title\"]\u003C\u002Fcode> Display all FAQs in toggle style and order by descending title.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs style=\"accordion\"]\u003C\u002Fcode> Display all FAQs in accordion style.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs style=\"accordion\" filter=\"true\"]\u003C\u002Fcode> Display all FAQs in accordion style and filterable by all available groups.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs style=\"accordion-grouped\"]\u003C\u002Fcode> Display all FAQs in accordion style and grouped by all available groups.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs style=\"accordion\" order=\"ASC\" orderby=\"title\"]\u003C\u002Fcode> Display all FAQs in accordion style and order by ascending title.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[faqs style=\"accordion\" order=\"DESC\" orderby=\"title\"]\u003C\u002Fcode> Display all FAQs in accordion style and order by descending title.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Finspirythemes\u002Fquick-and-easy-faqs\" rel=\"nofollow ugc\">GitHub Repository\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Truly a quick and easy way to add FAQs to your site.",10000,420878,92,36,"2025-12-04T07:01:00.000Z","6.0","8.3",[83,84,22,85,86],"accordion-faqs","faq","filtered-faqs","gutenberg-faqs","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fquick-and-easy-faqs\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquick-and-easy-faqs.1.3.14.zip",100,{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":100,"num_ratings":101,"last_updated":102,"tested_up_to":15,"requires_at_least":103,"requires_php":104,"tags":105,"homepage":108,"download_link":109,"security_score":110,"vuln_count":27,"unpatched_count":13,"last_vuln_date":111,"fetched_at":29},"easy-accordion-block","Easy Accordion Block","1.4.5","Binsaifullah","https:\u002F\u002Fprofiles.wordpress.org\u002Fbinsaifullah\u002F","\u003Cp>Easy Accordion Block – Create Stunning & Responsive Accordions Effortlessly\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Easy Accordion Block\u003C\u002Fstrong> is a lightweight and powerful \u003Cstrong>Gutenberg block\u003C\u002Fstrong> that allows you to create beautiful \u003Cstrong>accordion sections\u003C\u002Fstrong> or \u003Cstrong>FAQ sections\u003C\u002Fstrong> without writing a single line of code! Built with \u003Cstrong>Gutenberg native components\u003C\u002Fstrong>, this block ensures seamless integration with the WordPress block editor and works flawlessly with any WordPress theme.\u003C\u002Fp>\n\u003Cp>🌟 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Faccordion.gutenbergkits.com\u002Fdemos\" rel=\"nofollow ugc\">View Demo\u003C\u002Fa>\u003C\u002Fstrong> | \u003Cstrong>\u003Ca href=\"https:\u002F\u002Faccordion.gutenbergkits.com\u002Fpricing\" rel=\"nofollow ugc\">Get Pro Version\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Video Tutorial\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FHh3LNLpwzX4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>🚀 Why Choose Easy Accordion Block?\u003C\u002Fh3>\n\u003Cp>✅ \u003Cstrong>Fast & Lightweight\u003C\u002Fstrong> – Loads scripts only on pages where the block is used, ensuring better performance.\u003Cbr \u002F>\n✅ \u003Cstrong>Highly Customizable\u003C\u002Fstrong> – Adjust the accordion’s design, colors, icons, and layout to match your website’s aesthetics.\u003Cbr \u002F>\n✅ \u003Cstrong>No Coding Required\u003C\u002Fstrong> – Drag, drop, and customize accordion items effortlessly within the block editor.\u003Cbr \u002F>\n✅ \u003Cstrong>Works with Any Theme\u003C\u002Fstrong> – Fully compatible with all WordPress themes.\u003Cbr \u002F>\n✅ \u003Cstrong>SEO & Accessibility Friendly\u003C\u002Fstrong> – Designed with best practices for performance and user experience.\u003C\u002Fp>\n\u003Ch3>✨ Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Single & Multiple Accordion Items Opened at Once\u003C\u002Fstrong> – Control how accordion items behave.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Keep Accordion Active on Load\u003C\u002Fstrong> – Set default open items for better user interaction.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Allow Closing All Accordion Items\u003C\u002Fstrong> – Users can collapse all accordions for a cleaner view.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Nested Accordion Support\u003C\u002Fstrong> – Create multi-level accordions effortlessly.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Icons\u003C\u002Fstrong> – Choose from \u003Cstrong>100+ SVG icons\u003C\u002Fstrong> for active and inactive states.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Add Any Block as Accordion Content\u003C\u002Fstrong> – Embed images, videos, or even other blocks inside accordion items.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Styling Options\u003C\u002Fstrong> – Adjust \u003Cstrong>colors, margins, padding\u003C\u002Fstrong>, and use \u003Cstrong>theme color palettes\u003C\u002Fstrong> for seamless design integration.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited Accordion Items\u003C\u002Fstrong> – Add as many accordions as you need.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully Responsive\u003C\u002Fstrong> – Looks great on \u003Cstrong>desktop, tablet, and mobile\u003C\u002Fstrong> devices.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accessibility Enabled\u003C\u002Fstrong> – Ensures a better user experience for all visitors.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Whether you’re building \u003Cstrong>FAQs, product feature sections, or collapsible content areas\u003C\u002Fstrong>, \u003Cstrong>Easy Accordion Block\u003C\u002Fstrong> makes it simple and efficient.\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>Download now and start creating beautiful accordions in seconds!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>🌟 Pro Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Schema Markup\u003C\u002Fli>\n\u003Cli>Badge\u003C\u002Fli>\n\u003Cli>Image Accordion\u003C\u002Fli>\n\u003Cli>Load More\u003C\u002Fli>\n\u003Cli>Search\u003C\u002Fli>\n\u003Cli>All Open\u002FClose\u003C\u002Fli>\n\u003Cli>Linked\u003C\u002Fli>\n\u003Cli>Disable Accordion\u003C\u002Fli>\n\u003Cli>QA Style\u003C\u002Fli>\n\u003Cli>Content Folding\u003C\u002Fli>\n\u003Cli>3 Activator Events (Click, Hover, Autoplay)\u003C\u002Fli>\n\u003Cli>Check List Layout\u003C\u002Fli>\n\u003Cli>Step Layout\u003C\u002Fli>\n\u003Cli>Sub heading\u003C\u002Fli>\n\u003Cli>Heading icon\u003C\u002Fli>\n\u003Cli>Header Bar\u003C\u002Fli>\n\u003Cli>Custom Icon\u002FImage\u003C\u002Fli>\n\u003C\u002Ful>\n","Easy Accordion Block allows you to create an accordion or a FAQs section in Gutenberg editor easily.",7000,88474,88,16,"2026-03-31T06:53:00.000Z","6.6","7.4",[19,106,21,22,107],"accordion-block","gutenberg-block","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-accordion-block.1.4.5.zip",99,"2024-11-01 00:00:00",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":122,"num_ratings":123,"last_updated":124,"tested_up_to":15,"requires_at_least":125,"requires_php":104,"tags":126,"homepage":128,"download_link":129,"security_score":89,"vuln_count":13,"unpatched_count":13,"last_vuln_date":37,"fetched_at":29},"faqly-ultimate-faq","FAQly – Ultimate FAQ","1.1.8","drakearthur","https:\u002F\u002Fprofiles.wordpress.org\u002Fdrakearthur\u002F","\u003Cp>Having an FAQ section or knowledge base on your site is essential for improving user experience and reducing support inquiries. FAQly – Ultimate FAQ Plugin makes it easy to create, manage, and display FAQs anywhere on your website using blocks, patterns, or shortcodes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdemo.seothemesexpert.com\u002Ffaqly-pro\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>  | \u003Ca href=\"https:\u002F\u002Fdemo.seothemesexpert.com\u002Fdocumentation\u002Ffaqly-pro\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.seothemesexpert.com\u002Fproducts\u002Fthe-ultimate-faq-wordpress-plugin\" rel=\"nofollow ugc\">Upgrade to Pro!\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>With FAQly, you can:\u003C\u002Fstrong>\u003Cbr \u002F>\n• Create unlimited FAQ sections with categories and tags\u003Cbr \u002F>\n• Display FAQs in beautiful accordion layouts\u003Cbr \u002F>\n• Add schema markup automatically for better SEO\u003Cbr \u002F>\n• Enable search functionality for quick answers\u003Cbr \u002F>\n• Track FAQ engagement with built-in analytics\u003Cbr \u002F>\n• Customize styles to match your website design\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect for:\u003C\u002Fstrong>\u003Cbr \u002F>\n• Business websites needing product\u002Fservice FAQs\u003Cbr \u002F>\n• Knowledge bases and help centers\u003Cbr \u002F>\n• Support documentation\u003Cbr \u002F>\n• Course and membership sites\u003Cbr \u002F>\n• Any website looking to reduce support tickets\u003C\u002Fp>\n\u003Cp>FAQly is lightweight, user-friendly, and integrates seamlessly with popular page builders and WordPress themes. Whether you’re a beginner or advanced user, you’ll find FAQly incredibly easy to set up and use.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Choose FAQly?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>✔️ Simple & Easy to Use – Create and manage FAQs effortlessly.\u003Cbr \u002F>\n✔️ Flexible Display Options – Use Gutenberg blocks, patterns, or shortcodes.\u003Cbr \u002F>\n✔️ Works with Popular Builders – Fully compatible with Elementor, WPBakery, and more.\u003Cbr \u002F>\n✔️ Mobile-Friendly & Responsive – Adapts seamlessly to any screen size.\u003C\u002Fp>\n\u003Cp>🚀 \u003Cstrong>Key Features\u003C\u002Fstrong>\u003Cbr \u002F>\n✅ Unlimited FAQs – Create and organize an unlimited number of FAQs.\u003Cbr \u002F>\n✅ Accordion Layout – Neat, collapsible design for easy readability.\u003Cbr \u002F>\n✅ Advanced Sorting & Ordering – Organize FAQs by categories, tags, or custom order.\u003Cbr \u002F>\n✅ Built-in FAQ Schema – Helps search engines recognize and display your FAQs.\u003Cbr \u002F>\n✅ Customization Options – Adjust FAQ elements like titles, categories, and styles.\u003Cbr \u002F>\n✅ FAQ Statistics – Track views to identify the most popular FAQs.\u003C\u002Fp>\n\u003Cp>🔍 \u003Cstrong>Advanced FAQ Search\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Improve navigation with a powerful search feature that helps visitors find answers quickly.\u003Cbr \u002F>\n🔹 Add a search bar anywhere using shortcodes.\u003Cbr \u002F>\n🔹 Live search results appear instantly as users type.\u003C\u002Fp>\n\u003Cp>🚀 \u003Cstrong>Premium Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>3 Layout Options – Horizontal, Vertical, & Multi-Column\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>17+ Pre-Designed Beautiful Themes\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Advanced Typography & Styling Controls\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Compatible with Almost Any Type of Content\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Flexible Activator Events & Display Modes\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>One-Click Expand\u002FCollapse All Button\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>14+ Stylish Expand & Collapse Icon Sets\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>AJAX-Powered FAQ Search\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Import & Export FAQs Easily\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WooCommerce Product FAQ Integration\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Accordion Support for Taxonomies & Custom Post Types\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Built-In FAQ Schema for SEO\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WP Classic Editor (WYSIWYG) Support for Accordion Content\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Option to Open Multiple Accordions Simultaneously\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Multi-Level \u002F Nested Accordion Support\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>25+ Smooth Animations & Transition Effects\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>AJAX Pagination for FAQs\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Interactive Hover Effects for Engaging UI\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Custom Icons option\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>➡️ \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.seothemesexpert.com\u002Fproducts\u002Fthe-ultimate-faq-wordpress-plugin\" rel=\"nofollow ugc\">Upgrade to Pro!\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>FAQly works out of the box with popular translation plugins like WPML, Loco Translate, and Polylang, making it easy to create multilingual FAQs.\u003C\u002Fp>\n\u003Cp>🎨 Get Our Compatible WordPress Theme Bundle\u003C\u002Fp>\n\u003Cp>Looking for a perfect theme to complement FAQly? Check out our professionally designed WordPress themes that are fully compatible with FAQly – Ultimate FAQ Plugin.\u003C\u002Fp>\n\u003Cp>➡️ \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.seothemesexpert.com\u002Fproducts\u002Fwordpress-theme-bundle\" rel=\"nofollow ugc\">Get Theme Bundle\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Libraries Used\u003C\u002Fh3>\n\u003Cp>This plugin utilizes the following third-party libraries:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Bootstrap v5.2.3\u003C\u002Fstrong> – A popular front-end framework used for responsive layout and UI components. Bootstrap is used in this plugin to style the admin and frontend elements, such as accordions and grids.\n\u003Cul>\n\u003Cli>\u003Cstrong>Source:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fgetbootstrap.com\" rel=\"nofollow ugc\">Bootstrap by The Bootstrap Team\u003C\u002Fa>  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>License:\u003C\u002Fstrong> MIT License (\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftwbs\u002Fbootstrap\u002Fblob\u002Fmain\u002FLICENSE\" rel=\"nofollow ugc\">View License\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Installation Guide for FAQly – Ultimate FAQ Plugin\u003C\u002Fh3>\n\u003Cp>Follow these simple steps to install the FAQly – Ultimate FAQ Plugin:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Method 1: Install via WordPress Plugin Directory\u003Cbr \u002F>\no Go to your WordPress Dashboard.\u003Cbr \u002F>\no Navigate to Plugins > Add New\u003Cbr \u002F>\no In the search bar, type “FAQly – Ultimate FAQ Plugin” and press Enter\u003Cbr \u002F>\no Click Install Now on the FAQly – Ultimate FAQ Plugin.\u003Cbr \u002F>\no After installation, click Activate to enable the plugin.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Method 2: Manual Installation via ZIP File\u003Cbr \u002F>\no Download the FAQly – Ultimate FAQ Plugin ZIP file from the WordPress Plugin Repository\u003Cbr \u002F>\no Go to your WordPress Dashboard > Plugins > Add New.\u003Cbr \u002F>\no Click Upload Plugin, then select the downloaded ZIP file.\u003Cbr \u002F>\no Click Install Now, then Activate the plugin.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>If you need any further assistance, feel free to check our documentation or reach out for support.\u003C\u002Fp>\n","FAQly – Ultimate FAQ Plugin: A plugin to manage FAQs and display them as an accordion using a shortcode.",1000,18903,76,5,"2026-04-04T12:37:00.000Z","5.2",[19,84,21,127,22],"faq-shortcode","https:\u002F\u002Fwww.seothemesexpert.com\u002Fproducts\u002Fbest-wordpress-faq-plugin-free","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffaqly-ultimate-faq.1.1.8.zip",{"slug":131,"name":132,"version":133,"author":134,"author_profile":135,"description":136,"short_description":137,"active_installs":13,"downloaded":138,"rating":13,"num_ratings":13,"last_updated":139,"tested_up_to":140,"requires_at_least":16,"requires_php":17,"tags":141,"homepage":108,"download_link":144,"security_score":145,"vuln_count":13,"unpatched_count":13,"last_vuln_date":37,"fetched_at":146},"advance-faq-block","Advance Faq Block","1.0.2","Sydur Rahman","https:\u002F\u002Fprofiles.wordpress.org\u002Fmdrejon\u002F","\u003Cp>The Advance FAQ Block is a WordPress plugin that allows you to easily create and manage Frequently Asked Questions (FAQs) on your website using the Gutenberg block editor. With this plugin, you can add a customizable FAQ section to any page or post on your site.\u003C\u002Fp>\n\u003Cp>The plugin provides a Gutenberg block for the FAQ section, which you can drag and drop onto any page or post. Once added, you can easily add, edit, and delete FAQ items using a simple interface within the block.\u003C\u002Fp>\n\u003Cp>Overall, the Advance FAQ Block plugin is a great tool for anyone looking to add an FAQ section to their WordPress site. It’s easy to use, customizable, and provides a professional look and feel that can help to build trust with your visitors.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Advance Faq Block uses \u003Ca href=\"https:\u002F\u002Fappsero.com\" rel=\"nofollow ugc\">Appsero\u003C\u002Fa> SDK to collect some telemetry data upon user’s confirmation. This helps us to troubleshoot problems faster & make product improvements.\u003C\u002Fp>\n\u003Cp>Appsero SDK \u003Cstrong>does not gather any data by default.\u003C\u002Fstrong> The SDK only starts gathering basic telemetry data \u003Cstrong>when a user allows it via the admin notice\u003C\u002Fstrong>. We collect the data to ensure a great user experience for all our users.\u003C\u002Fp>\n\u003Cp>Integrating Appsero SDK \u003Cstrong>DOES NOT IMMEDIATELY\u003C\u002Fstrong> start gathering data, \u003Cstrong>without confirmation from users in any case.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Learn more about how \u003Ca href=\"https:\u002F\u002Fappsero.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Appsero collects and uses this data\u003C\u002Fa>.\u003C\u002Fp>\n","The Advance FAQ Block is a WordPress plugin that allows you to easily create and manage Frequently Asked Questions (FAQs) on your website using the Gu &hellip;",951,"2023-04-14T09:16:00.000Z","6.2.9",[21,22,142,107,143],"frequently-asked-questions","gutenberg-faq-block","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvance-faq-block.zip",85,"2026-04-06T09:54:40.288Z",{"slug":148,"name":149,"version":150,"author":151,"author_profile":152,"description":153,"short_description":154,"active_installs":155,"downloaded":156,"rating":77,"num_ratings":157,"last_updated":158,"tested_up_to":15,"requires_at_least":80,"requires_php":104,"tags":159,"homepage":161,"download_link":162,"security_score":163,"vuln_count":60,"unpatched_count":13,"last_vuln_date":164,"fetched_at":29},"ultimate-faqs","Ultimate FAQ Accordion Plugin","2.4.9","Rustaurius","https:\u002F\u002Fprofiles.wordpress.org\u002Frustaurius\u002F","\u003Cp>Having an FAQ section or knowledge base on your site is essential to make sure you are not losing customers and to reduce your support load.\u003C\u002Fp>\n\u003Cp>With the Ultimate FAQ plugin and its simple UI, you can quickly create FAQs and add them to your site using the included blocks, patterns or shortcodes. It works with WordPress’s built-in editor as well as third-party editors like \u003Cstrong>Elementor\u003C\u002Fstrong> and is translation-ready, with many already available \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fultimate-faqs\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>All this in an accordion layout that is automatically responsive and adapts your FAQs to any site!\u003C\u002Fp>\n\u003Cp>👩‍💻 \u003Ca href=\"https:\u002F\u002Fwww.etoilewebdesign.com\u002Fultimate-faq-demo\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa> | 🌟 \u003Ca href=\"https:\u002F\u002Fwww.etoilewebdesign.com\u002Fplugins\u002Fultimate-faq\u002F\" rel=\"nofollow ugc\">Premium\u003C\u002Fa> | ℹ️ \u003Ca href=\"https:\u002F\u002Fwww.etoilewebdesign.com\u002F\u002Fsupport-center\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add an unlimited number of FAQ entries, categories, tags and pages.\u003C\u002Fli>\n\u003Cli>Display your FAQs anywhere with the included Gutenberg blocks and shortcodes.\u003C\u002Fli>\n\u003Cli>FAQ accordion layout that automatically adapts to fit in any site and on any device.\u003C\u002Fli>\n\u003Cli>Works with third-party editors like Elementor.\u003C\u002Fli>\n\u003Cli>Easily translate FAQ entries using WPML, Loco Translate, Polylang, etc. With many translations already available \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fultimate-faqs\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>!\u003C\u002Fli>\n\u003Cli>Automatically adds FAQ and FAQPage structured data.\u003C\u002Fli>\n\u003Cli>Advanced FAQ and category sorting and ordering options.\u003C\u002Fli>\n\u003Cli>Zero coding!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FULAq7e-JyL8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Get Set Up in No Time!\u003C\u002Fh3>\n\u003Cp>When you first activate the Ultimate FAQ plugin, it will automatically run a walk-through, which will help you create your FAQs and add them to a page.\u003C\u002Fp>\n\u003Ch3>Google Optimized\u003C\u002Fh3>\n\u003Cp>The plugin includes full FAQPage and FAQ schema structured data markup, in LD+JSON format. So, when your page is indexed, Google will know it’s an FAQ page and can list it accordingly in search results.\u003C\u002Fp>\n\u003Ch3>Multiple Languages? We’ve got you covered!\u003C\u002Fh3>\n\u003Cp>Your FAQs are created using a post type. This means it works out of the box with language plugins like WPML, Loco Translate and Polylang. There are also many community translations already available \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fultimate-faqs\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>. And, of course, we include an up-to-date .pot for good measure, in case you like to create your own custom translations for your FAQs.\u003C\u002Fp>\n\u003Ch3>FAQ Customization Options\u003C\u002Fh3>\n\u003Cp>We’ve included (in the free version!) advanced customization features that let you choose what elements show for each FAQ (e.g. categories, tags, author, date, etc.), set the order of your FAQs and categories, fine tune accordion behavior, add your own custom CSS and more!\u003C\u002Fp>\n\u003Ch3>FAQ Statistics\u003C\u002Fh3>\n\u003Cp>Statistics and view counts are automatically enabled, so you can easily keep track of which FAQs are the most popular.\u003C\u002Fp>\n\u003Ch3>FAQ Comments\u003C\u002Fh3>\n\u003Cp>We’ve included the ability for you to enable comments on FAQs, giving you a platform to communicate with your users\u002Fcustomers and help improve not only your knowledge base, but your overall product or service. The FAQ comments make use of WordPress’s built-in comment engine, which means seamless integration and you can use WordPress’s comment and moderation settings to fine tune the experience.\u003C\u002Fp>\n\u003Ch3>Use AI to Generate FAQs\u003C\u002Fh3>\n\u003Cp>You no longer need to manually create all your FAQs. Let the plugin do the heavy lifting for you! We now offer Open AI integration, via which the plugin will automatically generate new FAQs for you. You just need to specify which page or post should be used and the plugin will automatically create the FAQ based on the content of it. You can also choose to automatically assign an FAQ to a category. You then get a chance to review the generated content before publishing it to your site.\u003C\u002Fp>\n\u003Ch4>Premium AI-generated FAQs\u003C\u002Fh4>\n\u003Cp>In the premium version you will get access to create up to 20 AI-generated FAQs at a time as well as to specify multiple pages and\u002For posts from which the content should be pulled to generate the FAQs.\u003C\u002Fp>\n\u003Cp>\u003Cem>Privacy note: The plugin sends post or page content to our server, which is forwarded to Open AI when using the AI FAQ generation feature. No other data is sent to external sources.\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>Powerful FAQ Search (Requires Premium)\u003C\u002Fh3>\n\u003Cp>Have a lot of FAQs? Our powerful search engine eliminates the need for your customers to scroll through endless FAQ entries to find the info they need.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add the FAQ search form anywhere on your site via block, pattern or shortcode.\u003C\u002Fli>\n\u003Cli>It uses asynchronous requests to search your whole database of FAQs in real time, without having to reload the page. \u003C\u002Fli>\n\u003Cli>It comes with an option to display your FAQs on page load, so you can use one block for everything. No duplicates. No mess. Super easy for your users!\u003C\u002Fli>\n\u003Cli>Enable the \u003Cstrong>highlighting\u003C\u002Fstrong> and \u003Cstrong>auto-complete\u003C\u002Fstrong> options for an even better FAQ search experience. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>WooCommerce FAQ Support (Requires Premium)\u003C\u002Fh3>\n\u003Cp>With our built-in WooCommerce integration, you can easily add FAQs to your product pages.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds an FAQs tab to product pages.\u003C\u002Fli>\n\u003Cli>Uses the same adaptive FAQ layout for seamless integration with any theme.\u003C\u002Fli>\n\u003Cli>Options to automatically or manually add FAQs to a product.\n\u003Cul>\n\u003Cli>Automatically: Just create an FAQ category that matches the name of a category or product from your WooCommerce.\u003C\u002Fli>\n\u003Cli>Manually: Go to the WooCommerce product edit screen and add the FAQs you want.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Let People Submit Their Own FAQ Ideas (Requires Premium)\u003C\u002Fh3>\n\u003Cp>Want to give your customers the power to make your knowledge base better? Add an FAQ submission form anywhere on your site using the included block or shortcode, so people can give new FAQ ideas and even optionally include a suggested answer.\u003C\u002Fp>\n\u003Ch3>Need More? We’ve Got You Covered with the Ultimate FAQ Premium Version!\u003C\u002Fh3>\n\u003Cp>Enhance your user experience by customizing the Ultimate FAQ plugin to your exact needs with the following premium features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Additional FAQ layouts\u003C\u002Fli>\n\u003Cli>15 icon sets for the FAQ toggle symbol\u003C\u002Fli>\n\u003Cli>WP Forms Integration that automatically loads matching FAQs as people type in the form.\u003C\u002Fli>\n\u003Cli>Drag and drop FAQ ordering\u003C\u002Fli>\n\u003Cli>Social media sharing for your FAQs\u003C\u002Fli>\n\u003Cli>FAQ animation options\u003C\u002Fli>\n\u003Cli>Add custom fields to your FAQs (e.g. links, text areas, dates, files, etc.)\u003C\u002Fli>\n\u003Cli>SEO-Friendly FAQ pretty permalinks\u003C\u002Fli>\n\u003Cli>FAQ export and import via spreadsheet\u003C\u002Fli>\n\u003Cli>Export all FAQs to a PDF (e.g. to create a user manual)\u003C\u002Fli>\n\u003Cli>Advanced FAQ styling options\u003C\u002Fli>\n\u003Cli>FAQ labelling options\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FfLory4igOWs?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>For further information and purchasing options, please visit our \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.etoilewebdesign.com\u002Fplugins\u002Fultimate-faq\u002F\" rel=\"nofollow ugc\">WordPress FAQ plugin\u003C\u002Fa>\u003C\u002Fstrong> homepage.\u003C\u002Fp>\n\u003Ch3>Want to Try Out the Ultimate FAQ Premium Version for Free?\u003C\u002Fh3>\n\u003Cp>We’re happy to offer a free 7-day trial of the premium version of the Ultimate FAQ plugin, which you can use to test out features like the FAQ search form, custom fields and styling options!**\u003C\u002Fp>\n\u003Ch3>Customize Your FAQs with the Included Template System\u003C\u002Fh3>\n\u003Cp>The Ultimate FAQ plugin front end is built on a series of templates that can be customized by creating your own version of the template files (to modify and\u002For overwrite the existing ones). This gives you a powerful and non-destructive way to customize the look and functionality to your exact needs. More info about this can be found \u003Ca href=\"https:\u002F\u002Fdoc.etoilewebdesign.com\u002Fplugins\u002Fultimate-faq\u002Fdeveloper\u002F\" rel=\"nofollow ugc\">in our documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>For FAQ help and support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdoc.etoilewebdesign.com\u002Fplugins\u002Fultimate-faq\u002Fuser\u002F\" rel=\"nofollow ugc\">Ultimate FAQ documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Our FAQ pages \u003Ca href=\"https:\u002F\u002Fdoc.etoilewebdesign.com\u002Fplugins\u002Fultimate-faq\u002Fuser\u002Ffaq\" rel=\"nofollow ugc\">here\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-faqs\u002Ffaq\u002F\" rel=\"ugc\">here\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdoc.etoilewebdesign.com\u002Fplugins\u002Fultimate-faq\u002Fuser\u002Fgetting-started\u002Finstall\" rel=\"nofollow ugc\">Ultimate FAQ installation guide and information about the walk-through\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fplaylist?list=PLEndQUuhlvSrNdfu5FKa1uGHsaKZxgdWt\" rel=\"nofollow ugc\">Ultimate FAQ tutorial videos\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fultimate-faqs\u002F\" rel=\"ugc\">The Ultimate FAQ support forum\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.etoilewebdesign.com\u002Fsupport-center\u002F\" rel=\"nofollow ugc\">Our Support Center\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Full-featured FAQ and accordion plugin with advanced search, simple UI and easy-to-use FAQ blocks and shortcodes.",30000,2244113,433,"2026-04-15T19:17:00.000Z",[84,21,127,22,160],"woocommerce-faq","https:\u002F\u002Fwww.etoilewebdesign.com\u002Fplugins\u002Fultimate-faq\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-faqs.2.4.9.zip",89,"2026-04-08 14:25:15",{"attackSurface":166,"codeSignals":200,"taintFlows":208,"riskAssessment":228,"analyzedAt":238},{"hooks":167,"ajaxHandlers":193,"restRoutes":194,"shortcodes":195,"cronEvents":199,"entryPointCount":27,"unprotectedCount":13},[168,174,177,181,185,190],{"type":169,"name":170,"callback":171,"file":172,"line":173},"action","admin_enqueue_scripts","wpfaqblock_load_custom_wp_admin_style","includes\u002Fclass-wpfaqblock-plugin-settings.php",40,{"type":169,"name":170,"callback":175,"file":172,"line":176},"wpfaqblock_selectively_enqueue_admin_script",41,{"type":169,"name":178,"callback":179,"file":172,"line":180},"wp_enqueue_scripts","wpfaqblock_frontend_script",42,{"type":169,"name":182,"callback":183,"file":172,"line":184},"init","wpfaqblock_register_post",43,{"type":169,"name":186,"callback":187,"file":188,"line":189},"enqueue_block_assets","wpfaqblock_stylesheet","wpfaqblock.php",52,{"type":169,"name":182,"callback":191,"file":188,"line":192},"wpfaqblock_wp_faq_block_block_init",70,[],[],[196],{"tag":4,"callback":197,"file":172,"line":198},"wpfaqblock_shortcode",44,[],{"dangerousFunctions":201,"sqlUsage":202,"outputEscaping":204,"fileOperations":27,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":207},[],{"prepared":13,"raw":13,"locations":203},[],{"escaped":205,"rawEcho":13,"locations":206},18,[],[],[209],{"entryPoint":210,"graph":211,"unsanitizedCount":13,"severity":227},"\u003Ctemplate-1> (includes\u002Ftemplates\u002Ftemplate-1.php:0)",{"nodes":212,"edges":224},[213,219],{"id":214,"type":215,"label":216,"file":217,"line":218},"n0","source","$_GET['wpfaqblocksearch']","includes\u002Ftemplates\u002Ftemplate-1.php",35,{"id":220,"type":221,"label":222,"file":217,"line":218,"wp_function":223},"n1","sink","echo() [XSS]","echo",[225],{"from":214,"to":220,"sanitized":226},true,"low",{"summary":229,"deductions":230},"The wpfaqblock plugin, version 1.2.0, exhibits a mixed security posture.  On the positive side, the static analysis reveals strong adherence to secure coding practices, with 100% of SQL queries using prepared statements and 100% of output properly escaped. The attack surface is also relatively small, with only one shortcode identified as an entry point, and importantly, no unprotected entry points were found in this scan.\n\nHowever, several significant concerns are raised by the provided data. The plugin has a history of vulnerabilities, with one currently unpatched medium severity Cross-Site Scripting (XSS) vulnerability. The fact that this vulnerability was discovered relatively recently (March 2026) and remains unpatched is a major red flag. Furthermore, the static analysis indicates a complete absence of nonce checks and capability checks. While the current scan didn't find any exploitable taint flows, the lack of these fundamental WordPress security mechanisms creates a significant risk that future vulnerabilities could be introduced or existing ones exploited more easily.\n\nIn conclusion, while wpfaqblock 1.2.0 demonstrates good practices in SQL handling and output escaping, the presence of an unpatched medium XSS vulnerability and the complete lack of nonce and capability checks significantly undermine its overall security. Users should exercise caution and prioritize patching or updating the plugin to address the known vulnerability. The absence of basic security checks suggests potential for future security weaknesses.",[231,234,236],{"reason":232,"points":233},"Unpatched medium severity CVE",15,{"reason":235,"points":123},"Missing nonce checks",{"reason":237,"points":123},"Missing capability checks","2026-04-16T12:41:50.549Z",{"wat":240,"direct":250},{"assetPaths":241,"generatorPatterns":244,"scriptPaths":245,"versionParams":247},[242,243],"\u002Fwp-content\u002Fplugins\u002Fwpfaqblock\u002Fassets\u002Fcss\u002Fall.css","\u002Fwp-content\u002Fplugins\u002Fwpfaqblock\u002Fassets\u002Fcss\u002Fwpfaqblock-stylesheet.css",[],[246],"\u002Fwp-content\u002Fplugins\u002Fwpfaqblock\u002Fassets\u002Fjs\u002Fwpfaqblock-script.js",[248,249],"wpfaqblock-style","wpfaqblock-script",{"cssClasses":251,"htmlComments":256,"htmlAttributes":257,"restEndpoints":265,"jsGlobals":266,"shortcodeOutput":267},[252,253,254,255],"wpfaqblock_wrap","wpfaqblock_accordian_wrap","wpfaqblock_heading","wpfaqblock_content",[],[258,259,260,261,262,263,264],"data-faqaccordion","data-faqdisplayall","data-faqorder","data-faqorderby","data-faqplaceholder","data-faqsearch","data-faqtitle",[],[4],[268],"[wpfaqblock]",{"error":226,"url":270,"statusCode":271,"statusMessage":272,"message":272},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwpfaqblock\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":123,"versions":274},[275,281,289,297,305],{"version":6,"download_url":25,"svn_tag_url":276,"released_at":37,"has_diff":48,"diff_files_changed":277,"diff_lines":37,"trac_diff_url":278,"vulnerabilities":279,"is_current":226},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwpfaqblock\u002Ftags\u002F1.2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwpfaqblock%2Ftags%2F1.1.1&new_path=%2Fwpfaqblock%2Ftags%2F1.2.0",[280],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":282,"download_url":283,"svn_tag_url":284,"released_at":37,"has_diff":48,"diff_files_changed":285,"diff_lines":37,"trac_diff_url":286,"vulnerabilities":287,"is_current":48},"1.1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpfaqblock.1.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwpfaqblock\u002Ftags\u002F1.1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwpfaqblock%2Ftags%2F1.1&new_path=%2Fwpfaqblock%2Ftags%2F1.1.1",[288],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":290,"download_url":291,"svn_tag_url":292,"released_at":37,"has_diff":48,"diff_files_changed":293,"diff_lines":37,"trac_diff_url":294,"vulnerabilities":295,"is_current":48},"1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpfaqblock.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwpfaqblock\u002Ftags\u002F1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwpfaqblock%2Ftags%2F1.0.1&new_path=%2Fwpfaqblock%2Ftags%2F1.1",[296],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":298,"download_url":299,"svn_tag_url":300,"released_at":37,"has_diff":48,"diff_files_changed":301,"diff_lines":37,"trac_diff_url":302,"vulnerabilities":303,"is_current":48},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpfaqblock.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwpfaqblock\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fwpfaqblock%2Ftags%2F1.0.0&new_path=%2Fwpfaqblock%2Ftags%2F1.0.1",[304],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37},{"version":306,"download_url":307,"svn_tag_url":308,"released_at":37,"has_diff":48,"diff_files_changed":309,"diff_lines":37,"trac_diff_url":37,"vulnerabilities":310,"is_current":48},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpfaqblock.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwpfaqblock\u002Ftags\u002F1.0.0\u002F",[],[311],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":37}]