[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-TkicZVzxY1T1HdH6sIEol2PKU0_EuKGzwM50xPs118":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":88,"crawl_stats":38,"alternatives":95,"analysis":190,"fingerprints":653},"wpfront-notification-bar","WPFront Notification Bar","3.5.1","Syam Mohan","https:\u002F\u002Fprofiles.wordpress.org\u002Fsyammohanm\u002F","\u003Cp>Want to display a notification about a promotion or a news? WPFront Notification Bar plugin lets you do that easily.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwpfront.com\u002Fnotification-bar-pro\u002F\" rel=\"nofollow ugc\">Upgrade to PRO\u003C\u002Fa> to create multiple bars and to use advanced editor.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Display a \u003Cstrong>message\u003C\u002Fstrong> with a \u003Cstrong>button\u003C\u002Fstrong> (optional).\u003C\u002Fli>\n\u003Cli>Processes \u003Cstrong>shortcodes\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Button will \u003Cstrong>open a URL\u003C\u002Fstrong> or \u003Cstrong>execute JavaScript\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Position\u003C\u002Fstrong> the bar on \u003Cstrong>top\u003C\u002Fstrong> or \u003Cstrong>bottom\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Can be \u003Cstrong>fixed at position\u003C\u002Fstrong> (Sticky Bar).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Display on Scroll\u003C\u002Fstrong> option.\u003C\u002Fli>\n\u003Cli>Set \u003Cstrong>any height\u003C\u002Fstrong> you want.\u003C\u002Fli>\n\u003Cli>Set the number of \u003Cstrong>seconds before\u003C\u002Fstrong> the \u003Cstrong>bar appears\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Display a \u003Cstrong>close button\u003C\u002Fstrong> for the visitor.\u003C\u002Fli>\n\u003Cli>Set the number of \u003Cstrong>seconds before auto close\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Colors\u003C\u002Fstrong> are fully \u003Cstrong>customizable\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Display a \u003Cstrong>Reopen Button\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Select the pages\u002Fposts\u003C\u002Fstrong> you want to display the notification.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Select the user roles\u003C\u002Fstrong> you want to display the notification.\u003C\u002Fli>\n\u003Cli>Set \u003Cstrong>Start\u003C\u002Fstrong> and \u003Cstrong>End dates\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Hide in \u003Cstrong>Small Devices\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fwpfront.com\u002Fwordpress-plugins\u002Fnotification-bar-plugin\u002Fwpfront-notification-bar-troubleshooting\u002F\" rel=\"nofollow ugc\">WPFront Notification Bar Troubleshooting\u003C\u002Fa> page for troubleshooting steps.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fwpfront.com\u002Fnotification-bar-plugin-settings\u002F\" rel=\"nofollow ugc\">WPFront Notification Bar Settings\u003C\u002Fa> page for detailed option descriptions.\u003C\u002Fp>\n","Easily lets you create a bar on top or bottom to display a notification.",50000,1044538,90,131,"2025-12-02T16:51:00.000Z","6.9.4","5.0","7.0",[20,21,22,23,24],"bottom-bar","notification","notification-bar","top-bar","wordpress-notification-bar","http:\u002F\u002Fwpfront.com\u002Fnotification-bar-pro\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpfront-notification-bar.3.5.1.zip",99,4,0,"2024-03-25 00:00:00","2026-03-15T15:16:48.613Z",[33,49,61,75],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2024-29819","wpfront-notification-bar-authenticated-editor-stored-cross-site-scripting","WPFront Notification Bar \u003C= 3.3.2 - Authenticated (Editor+) Stored Cross-Site Scripting","The WPFront Notification Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=3.3.2","3.4","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-04-01 16:37:53",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F16b37992-a87e-42bb-ab0f-cb32506874e9?source=api-prod",8,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":54,"cvss_vector":55,"vuln_type":44,"published_date":56,"updated_date":57,"references":58,"days_to_patch":60},"CVE-2024-0625","wpfront-notification-bar-authenticated-admin-stored-cross-site-scripting-via-wpfront-notification-bar-optionscustomclass","WPFront Notification Bar \u003C= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via wpfront-notification-bar-options[custom_class]","The WPFront Notification Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpfront-notification-bar-options[custom_class]’ parameter in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-01-24 00:00:00","2024-07-29 21:35:56",[59],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F19a5a9f3-637c-42af-9775-5651a14cf516?source=api-prod",188,{"id":62,"url_slug":63,"title":64,"description":65,"plugin_slug":4,"theme_slug":38,"affected_versions":66,"patched_in_version":67,"severity":41,"cvss_score":68,"cvss_vector":69,"vuln_type":44,"published_date":70,"updated_date":71,"references":72,"days_to_patch":74},"CVE-2021-24601","wpfront-notification-bar-authenticated-stored-cross-site-scripting-2","WPFront Notification Bar \u003C= 2.0.0 - Authenticated Stored Cross-Site Scripting","The WPFront Notification Bar WordPress plugin before 2.1.0.08087 does not properly sanitise and escape its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.","\u003C=2.0.0","2.1.0",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2021-08-09 00:00:00","2024-01-22 19:56:02",[73],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F97396207-4892-4d1a-8740-3000484f1317?source=api-prod",897,{"id":76,"url_slug":77,"title":78,"description":79,"plugin_slug":4,"theme_slug":38,"affected_versions":80,"patched_in_version":81,"severity":41,"cvss_score":82,"cvss_vector":83,"vuln_type":44,"published_date":84,"updated_date":71,"references":85,"days_to_patch":87},"CVE-2021-24518","wpfront-notification-bar-authenticated-stored-cross-site-scripting","WPFront Notification Bar \u003C= 1.9.2 - Authenticated Stored Cross-Site Scripting","The WPFront Notification Bar WordPress plugin before 2.0.0 does not sanitise or escape its Custom CSS setting, allowing high privilege users such as admin to set XSS payload in it even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue","\u003C=1.9.2","2.0.0",4.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2021-07-11 00:00:00",[86],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F58bdd837-adae-4fa9-9ca3-00633a6a1ede?source=api-prod",926,{"slug":89,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":90,"avg_security_score":91,"avg_patch_time_days":92,"trust_score":93,"computed_at":94},"syammohanm",280030,98,458,78,"2026-04-03T18:05:16.587Z",[96,117,137,153,172],{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":29,"num_ratings":29,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":109,"tags":110,"homepage":112,"download_link":113,"security_score":114,"vuln_count":115,"unpatched_count":115,"last_vuln_date":116,"fetched_at":31},"dima-take-action","Dima Take Action","1.0.5","PixelDima","https:\u002F\u002Fprofiles.wordpress.org\u002Fpixeldima\u002F","\u003Cp>Adds a beautiful, customizable take action banner containe a promotion or a news to the top or the bottom of your WordPress site.\u003Cbr \u002F>\nBanner that is dismissable and dismiss is saved by cookie.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Display a \u003Cstrong>message\u003C\u002Fstrong> with a \u003Cstrong>button\u003C\u002Fstrong> (optional).\u003C\u002Fli>\n\u003Cli>Background Image, Gradient color, RGBa Color.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Colors\u003C\u002Fstrong> are fully \u003Cstrong>customizable\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Position\u003C\u002Fstrong> the bar on \u003Cstrong>top\u003C\u002Fstrong> or \u003Cstrong>bottom\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Set \u003Cstrong>any height\u003C\u002Fstrong> you want.\u003C\u002Fli>\n\u003Cli>Display a \u003Cstrong>close button\u003C\u002Fstrong> for the visitor.\u003C\u002Fli>\n\u003Cli>Cookie Bar.\u003C\u002Fli>\n\u003Cli>Floating Button.\u003C\u002Fli>\n\u003Cli>Responsive.\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily lets you add a Top\u002FButtom Banner to display a notification and promotion.",300,13978,"2018-08-06T22:36:00.000Z","4.9.29","4.0","",[111,20,97,23,24],"banner","http:\u002F\u002Fpixeldima.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdima-take-action.zip",64,1,"2025-04-01 00:00:00",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":127,"num_ratings":115,"last_updated":109,"tested_up_to":128,"requires_at_least":129,"requires_php":130,"tags":131,"homepage":109,"download_link":133,"security_score":134,"vuln_count":115,"unpatched_count":115,"last_vuln_date":135,"fetched_at":136},"gp-notification-bar","Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme","1.1","gingerplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fgingerplugins\u002F","\u003Cp>\u003Cstrong>Want to display a notification about a promotion or a news? GP Notification Bar plugin lets you do that easily.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Display a \u003Cstrong>message\u003C\u002Fstrong> with or without \u003Cstrong>button\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Button will \u003Cstrong>open a URL\u003C\u002Fstrong> in \u003Cstrong>same tab\u003C\u002Fstrong> or in \u003Cstrong>new window\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Position\u003C\u002Fstrong> the bar on \u003Cstrong>top\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Can be \u003Cstrong>fixed at position\u003C\u002Fstrong> (Sticky Bar).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Display on Scroll\u003C\u002Fstrong> option.\u003C\u002Fli>\n\u003Cli>Display a \u003Cstrong>close button\u003C\u002Fstrong> for the visitor.\u003C\u002Fli>\n\u003Cli>Set the number of \u003Cstrong>seconds before auto close\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Colors\u003C\u002Fstrong> are fully \u003Cstrong>customizable\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Set \u003Cstrong>End date\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily it allows you to create a bar on top or bottom to display a notification or promotion",40,3938,100,"6.6.5","3.1","5.4",[132,20,21,22,23],"bar","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgp-notification-bar.1.1.zip",79,"2025-03-31 00:00:00","2026-03-15T10:48:56.248Z",{"slug":138,"name":139,"version":140,"author":141,"author_profile":142,"description":143,"short_description":144,"active_installs":29,"downloaded":145,"rating":29,"num_ratings":29,"last_updated":146,"tested_up_to":16,"requires_at_least":147,"requires_php":148,"tags":149,"homepage":109,"download_link":152,"security_score":127,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"convboost-sticky-notification-bar","ConvBoost Sticky Notification Bar","0.0.9","numeriweb","https:\u002F\u002Fprofiles.wordpress.org\u002Fnumeriweb\u002F","\u003Cp>ConvBoost Sticky Notification Bar helps you add a clean \u003Cstrong>sticky bar\u003C\u002Fstrong> to your website (top or bottom of the screen) to highlight promotions, announcements, shipping updates, or any important message.\u003C\u002Fp>\n\u003Cp>It’s built to stay \u003Cstrong>simple\u003C\u002Fstrong>, \u003Cstrong>clear\u003C\u002Fstrong>, and \u003Cstrong>lightweight\u003C\u002Fstrong>: configure your bar in minutes, keep the output minimal, and avoid over-complicated builders. When you do want to fine-tune design, the \u003Cstrong>live admin preview\u003C\u002Fstrong> helps you iterate faster.\u003C\u002Fp>\n\u003Ch3>Why users choose ConvBoost\u003C\u002Fh3>\n\u003Cp>Most sticky bar plugins force a slow loop: edit \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> save \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> open your site \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> refresh \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> repeat.\u003Cbr \u002F>\nConvBoost focuses on a faster, simpler workflow:\u003Cbr \u002F>\n* Clear, beginner-friendly settings\u003Cbr \u002F>\n* Lightweight output and minimal overhead\u003Cbr \u002F>\n* Live preview to speed up styling (without guesswork)\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Lightweight and quick to configure\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Live preview in the admin\u003C\u002Fstrong> (see changes instantly while you edit)\u003C\u002Fli>\n\u003Cli>Show the bar on \u003Cstrong>desktop\u003C\u002Fstrong>, \u003Cstrong>mobile\u003C\u002Fstrong>, or both\u003C\u002Fli>\n\u003Cli>Place the bar at the \u003Cstrong>top or bottom\u003C\u002Fstrong> of your pages\u003C\u002Fli>\n\u003Cli>Optional: \u003Cstrong>push the page down\u003C\u002Fstrong> when using a top bar (so it doesn’t cover your header)\u003C\u002Fli>\n\u003Cli>Choose the inner width: \u003Cstrong>full width\u003C\u002Fstrong> or \u003Cstrong>boxed\u003C\u002Fstrong> (set a custom width like 600px)\u003C\u002Fli>\n\u003Cli>Optional \u003Cstrong>two-line layout on mobile\u003C\u002Fstrong> (message + button can wrap neatly)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Scheduling\u003C\u002Fstrong> (start\u002Fend date & time, minute precision)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Content exclusions\u003C\u002Fstrong> (hide on areas like homepage, archives, search, and 404s)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Message\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add your message easily\u003C\u002Fli>\n\u003Cli>Standard \u003Cstrong>Links are allowed\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>No custom HTML (keeps it simple and safer)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Design (no coding or CSS needed)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Choose background and text colors\u003C\u002Fli>\n\u003Cli>Set link color\u003C\u002Fli>\n\u003Cli>Adjust font size\u003C\u002Fli>\n\u003Cli>Optional shadow and border\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Call-to-action button (optional)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add a button (example: “Shop now”, “Get the offer”, “Contact us”)\u003C\u002Fli>\n\u003Cli>Set the button link\u003C\u002Fli>\n\u003Cli>Option to open in a new tab\u003C\u002Fli>\n\u003Cli>Choose a button shape (Square \u002F Pill \u002F Rounded \u002F Boxed)\u003C\u002Fli>\n\u003Cli>Adjust button spacing and colors\u003C\u002Fli>\n\u003Cli>Optional button shadow\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Close button (optional)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Let visitors dismiss the bar\u003C\u002Fli>\n\u003Cli>Dismiss for the \u003Cstrong>current visit\u003C\u002Fstrong> (session) or for \u003Cstrong>X days\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Choose close icon position (left or right)\u003C\u002Fli>\n\u003Cli>Adjust close icon size and color\u003C\u002Fli>\n\u003C\u002Ful>\n","Lightweight sticky top\u002Fbottom bar for promos & announcements. CTA, scheduling, exclusions, and live admin preview.",118,"2026-02-10T12:08:00.000Z","6.0","7.4",[150,20,22,151,23],"announcement-bar","sticky-bar","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fconvboost-sticky-notification-bar.0.0.9.zip",{"slug":23,"name":154,"version":155,"author":156,"author_profile":157,"description":158,"short_description":159,"active_installs":160,"downloaded":161,"rating":162,"num_ratings":163,"last_updated":164,"tested_up_to":16,"requires_at_least":165,"requires_php":109,"tags":166,"homepage":168,"download_link":169,"security_score":91,"vuln_count":170,"unpatched_count":29,"last_vuln_date":171,"fetched_at":31},"Top Bar","3.0.6","WP Darko","https:\u002F\u002Fprofiles.wordpress.org\u002Fspwebguy\u002F","\u003Cp>Simply the easiest way to add a topbar to your website. This plugin adds a simple and clean notification bar at the top of your website, allowing you to display a nice message to your visitors as well as a custom link. What you see is what you get, and it’s totally free.\u003C\u002Fp>\n\u003Ch4>No limitation for the Free version\u003C\u002Fh4>\n\u003Cp>The Free version of the Top Bar plugin is \u003Cstrong>not limited\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fwpdarko.com\u002Fitems\u002Ftop-bar-pro\u002F\" rel=\"nofollow ugc\">PRO version\u003C\u002Fa> gives you access to a lot of new features: allow users to \u003Cstrong>close the Top Bar\u003C\u002Fstrong>, choose an \u003Cstrong>initial state\u003C\u002Fstrong>, add a \u003Cstrong>bottom border\u003C\u002Fstrong>, set a \u003Cstrong>time before the Top Bar appears\u003C\u002Fstrong>, bottom positioning, user visibility settings (\u003Cstrong>only for guests or registered users\u003C\u002Fstrong>), change the \u003Cstrong>font-size\u003C\u002Fstrong>…\u003C\u002Fp>\n\u003Ch4>Fully translatable\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>POT files included (\u002Flang\u002F)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available fields\u002Foptions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Status (active or inactive)\u003C\u002Fli>\n\u003Cli>Stay visible when scrolling\u003C\u002Fli>\n\u003Cli>Message (obviously)\u003C\u002Fli>\n\u003Cli>Button text\u003C\u002Fli>\n\u003Cli>Button URL\u003C\u002Fli>\n\u003Cli>Color\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Go to \u003Ca href=\"https:\u002F\u002Fwpdarko.com\u002Fsupport\u002Fdocs\u002Fget-started-with-the-top-bar-plugin\u002F\" rel=\"nofollow ugc\">the plugin’s documentation\u003C\u002Fa> if you need more information on how to use this plugin.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Find help on \u003Ca href=\"https:\u002F\u002Fwpdarko.com\u002Fsupport\" rel=\"nofollow ugc\">our support platform\u003C\u002Fa> for this plugin (we’ll answer you fast, promise).\u003C\u002Fp>\n","Simply the easiest way to add a topbar to your website. Create a notification bar in no-time and show a message and a button to your visitors.",20000,299110,80,43,"2026-01-29T19:32:00.000Z","3.6",[111,167,21,22,23],"info-bar","https:\u002F\u002Fwpdarko.com\u002Ftop-bar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftop-bar.3.0.6.zip",3,"2024-04-10 00:00:00",{"slug":173,"name":174,"version":175,"author":176,"author_profile":177,"description":178,"short_description":179,"active_installs":180,"downloaded":181,"rating":182,"num_ratings":183,"last_updated":184,"tested_up_to":16,"requires_at_least":185,"requires_php":148,"tags":186,"homepage":188,"download_link":189,"security_score":127,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"easy-notification-bar","Easy Notification Bar","1.7","wpexplorer","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpexplorer\u002F","\u003Cp>Easily add a custom top bar notification message to on your site with live customization options via the WordPress customizer. The plugin allows you to enter your notification bar text as well as an optional button to display next to your text. Perfect for notifying visitors of a current sale, hot product, warnings or other important messages.\u003C\u002Fp>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-notification-bar\u002F\" rel=\"ugc\">Easy Notification Bar\u003C\u002Fa> plugin makes use of the newer “wp_body_open” action hook introduced in WordPress 5.2.0 which allows the plugin to work better with any theme that has been updated to support the tag. Contrary to other notice bar solutions which rely on absolute positioning, this plugin inserts the notice bar right after the body tag so it should display perfectly without any conflicts on any well-coded theme.\u003C\u002Fp>\n\u003Cp>By default, the notification bar is “static” which means it displays at the top of your site so when you scroll down the page it will become “hidden”. This is generally better for usability and \u003Ca href=\"https:\u002F\u002Fwww.wpexplorer.com\u002Fwordpress-seo\u002F\" rel=\"nofollow ugc\">SEO\u003C\u002Fa>. However, in version 1.4 we added a new \u003Cstrong>sticky option\u003C\u002Fstrong> which you can enable in the Customizer so that the notification bar remains visible as you scroll down the page. The sticky functionality makes use of the CSS sticky property (not javascript).\u003C\u002Fp>\n\u003Cp>Although disabled by default, you can enable a \u003Cstrong>close icon\u003C\u002Fstrong> for your notice. When enabled, your visitors will see an “x” icon over the top bar which they can click to hide the message for their current and future sessions. This functionality makes use of localStorage (not cookies). You can also select to hide the notification bar when clicking the call to action button.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Sitewide (or homepage only) top notification bar.\u003C\u002Fli>\n\u003Cli>Easy setup via the WordPress customizer.\u003C\u002Fli>\n\u003Cli>Optional close icon.\u003C\u002Fli>\n\u003Cli>Optional sticky display.\u003C\u002Fli>\n\u003Cli>Custom background, color, text alignment and font size settings.\u003C\u002Fli>\n\u003Cli>Optional callout button.\u003C\u002Fli>\n\u003Cli>Responsive design so it looks good on mobile.\u003C\u002Fli>\n\u003Cli>Minimal code.\u003C\u002Fli>\n\u003Cli>Vanilla Javascript used for close icon (jQuery not needed).\u003C\u002Fli>\n\u003C\u002Ful>\n","A simple plugin for displaying a notice at the top of your website that can be closed by the visitor. Completely free and minimal without any upsells.",9000,135989,92,16,"2026-03-10T18:26:00.000Z","6.3",[111,187,21,22,23],"notice","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-notification-bar\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-notification-bar.1.7.zip",{"attackSurface":191,"codeSignals":269,"taintFlows":640,"riskAssessment":641,"analyzedAt":652},{"hooks":192,"ajaxHandlers":265,"restRoutes":266,"shortcodes":267,"cronEvents":268,"entryPointCount":29,"unprotectedCount":29},[193,199,203,206,209,213,216,220,222,224,226,231,236,240,243,246,250,254,258,262],{"type":194,"name":195,"callback":196,"file":197,"line":198},"action","template_redirect","set_landingpage_cookie","classes\\class-wpfront-notification-bar-controller.php",82,{"type":194,"name":200,"callback":201,"file":197,"line":202},"wp_footer","enqueue_styles",85,{"type":194,"name":204,"callback":201,"file":197,"line":205},"wp_enqueue_scripts",87,{"type":194,"name":204,"callback":207,"file":197,"line":208},"enqueue_scripts",89,{"type":194,"name":200,"callback":210,"priority":211,"file":197,"line":212},"write_debug_logs",99999,153,{"type":194,"name":214,"callback":210,"priority":211,"file":197,"line":215},"shutdown",155,{"type":194,"name":217,"callback":218,"file":197,"line":219},"wp_body_open","write_markup",172,{"type":194,"name":200,"callback":218,"file":197,"line":221},173,{"type":194,"name":200,"callback":218,"file":197,"line":223},175,{"type":194,"name":214,"callback":218,"file":197,"line":225},178,{"type":227,"name":228,"callback":229,"file":197,"line":230},"filter","wp_kses_allowed_html","message_allowed_html",346,{"type":194,"name":232,"callback":233,"file":234,"line":235},"plugins_loaded","set_controllers","classes\\class-wpfront-notification-bar.php",112,{"type":194,"name":237,"callback":238,"file":234,"line":239},"init","custom_css",113,{"type":194,"name":241,"callback":241,"file":234,"line":242},"admin_init",122,{"type":194,"name":244,"callback":244,"file":234,"line":245},"admin_menu",123,{"type":227,"name":247,"callback":247,"priority":248,"file":234,"line":249},"plugin_action_links",10,124,{"type":194,"name":251,"callback":252,"file":234,"line":253},"activated_plugin","activated_plugin_callback",158,{"type":194,"name":241,"callback":255,"priority":256,"file":234,"line":257},"admin_init_callback",999999,159,{"type":227,"name":259,"callback":260,"file":234,"line":261},"upload_mimes","custom_upload_filter",234,{"type":227,"name":263,"callback":263,"file":234,"line":264},"admin_footer_text",316,[],[],[],[],{"dangerousFunctions":270,"sqlUsage":271,"outputEscaping":277,"fileOperations":29,"externalRequests":29,"nonceChecks":115,"capabilityChecks":170,"bundledLibraries":633},[],{"prepared":29,"raw":115,"locations":272},[273],{"file":274,"line":275,"context":276},"uninstall.php",35,"$wpdb->get_col() with variable interpolation",{"escaped":278,"rawEcho":279,"locations":280},23,191,[281,284,286,288,290,292,295,296,298,300,302,304,306,308,310,312,314,316,317,319,321,323,325,326,328,330,332,334,335,337,339,341,342,344,346,348,350,352,354,356,358,360,362,364,366,368,370,372,374,376,378,380,382,384,386,388,390,392,394,396,398,400,402,404,406,408,410,412,414,416,418,420,422,424,426,428,430,432,434,436,438,440,442,444,446,448,450,452,454,456,458,460,462,464,466,468,469,471,473,475,476,478,479,481,483,485,486,488,490,492,494,496,498,500,502,504,506,508,510,512,514,516,518,520,522,525,527,529,530,532,533,534,535,537,538,540,541,543,544,546,547,548,550,551,552,554,556,557,559,560,561,562,564,565,567,568,570,571,572,573,575,577,579,581,583,585,587,589,591,593,595,597,599,601,603,605,607,609,611,613,615,618,620,622,624,626,627,628,630,631,632],{"file":197,"line":282,"context":283},277,"raw output",{"file":197,"line":285,"context":283},285,{"file":197,"line":287,"context":283},289,{"file":197,"line":289,"context":283},320,{"file":197,"line":291,"context":283},322,{"file":293,"line":294,"context":283},"templates\\template-wpfront-notification-bar-add-edit.php",81,{"file":293,"line":127,"context":283},{"file":293,"line":297,"context":283},111,{"file":293,"line":299,"context":283},195,{"file":293,"line":301,"context":283},196,{"file":293,"line":303,"context":283},197,{"file":293,"line":305,"context":283},198,{"file":293,"line":307,"context":283},199,{"file":293,"line":309,"context":283},203,{"file":293,"line":311,"context":283},230,{"file":293,"line":313,"context":283},238,{"file":293,"line":315,"context":283},246,{"file":293,"line":315,"context":283},{"file":293,"line":318,"context":283},257,{"file":293,"line":320,"context":283},266,{"file":293,"line":322,"context":283},272,{"file":293,"line":324,"context":283},276,{"file":293,"line":282,"context":283},{"file":293,"line":327,"context":283},283,{"file":293,"line":329,"context":283},295,{"file":293,"line":331,"context":283},307,{"file":293,"line":333,"context":283},319,{"file":293,"line":291,"context":283},{"file":293,"line":336,"context":283},331,{"file":293,"line":338,"context":283},334,{"file":293,"line":340,"context":283},343,{"file":293,"line":230,"context":283},{"file":293,"line":343,"context":283},355,{"file":293,"line":345,"context":283},359,{"file":293,"line":347,"context":283},368,{"file":293,"line":349,"context":283},371,{"file":293,"line":351,"context":283},380,{"file":293,"line":353,"context":283},392,{"file":293,"line":355,"context":283},395,{"file":293,"line":357,"context":283},404,{"file":293,"line":359,"context":283},412,{"file":293,"line":361,"context":283},424,{"file":293,"line":363,"context":283},428,{"file":293,"line":365,"context":283},437,{"file":293,"line":367,"context":283},440,{"file":293,"line":369,"context":283},449,{"file":293,"line":371,"context":283},461,{"file":293,"line":373,"context":283},464,{"file":293,"line":375,"context":283},473,{"file":293,"line":377,"context":283},485,{"file":293,"line":379,"context":283},497,{"file":293,"line":381,"context":283},500,{"file":293,"line":383,"context":283},509,{"file":293,"line":385,"context":283},512,{"file":293,"line":387,"context":283},521,{"file":293,"line":389,"context":283},533,{"file":293,"line":391,"context":283},537,{"file":293,"line":393,"context":283},539,{"file":293,"line":395,"context":283},541,{"file":293,"line":397,"context":283},547,{"file":293,"line":399,"context":283},559,{"file":293,"line":401,"context":283},571,{"file":293,"line":403,"context":283},583,{"file":293,"line":405,"context":283},602,{"file":293,"line":407,"context":283},611,{"file":293,"line":409,"context":283},619,{"file":293,"line":411,"context":283},631,{"file":293,"line":413,"context":283},643,{"file":293,"line":415,"context":283},651,{"file":293,"line":417,"context":283},659,{"file":293,"line":419,"context":283},664,{"file":293,"line":421,"context":283},670,{"file":293,"line":423,"context":283},675,{"file":293,"line":425,"context":283},684,{"file":293,"line":427,"context":283},693,{"file":293,"line":429,"context":283},702,{"file":293,"line":431,"context":283},710,{"file":293,"line":433,"context":283},725,{"file":293,"line":435,"context":283},729,{"file":293,"line":437,"context":283},731,{"file":293,"line":439,"context":283},733,{"file":293,"line":441,"context":283},742,{"file":293,"line":443,"context":283},755,{"file":293,"line":445,"context":283},771,{"file":293,"line":447,"context":283},776,{"file":293,"line":449,"context":283},781,{"file":293,"line":451,"context":283},790,{"file":293,"line":453,"context":283},800,{"file":293,"line":455,"context":283},810,{"file":293,"line":457,"context":283},826,{"file":293,"line":459,"context":283},838,{"file":293,"line":461,"context":283},843,{"file":293,"line":463,"context":283},848,{"file":293,"line":465,"context":283},853,{"file":293,"line":467,"context":283},862,{"file":293,"line":467,"context":283},{"file":293,"line":470,"context":283},868,{"file":293,"line":472,"context":283},883,{"file":293,"line":474,"context":283},884,{"file":293,"line":474,"context":283},{"file":293,"line":477,"context":283},903,{"file":293,"line":477,"context":283},{"file":293,"line":480,"context":283},904,{"file":293,"line":482,"context":283},913,{"file":293,"line":484,"context":283},919,{"file":293,"line":87,"context":283},{"file":293,"line":487,"context":283},930,{"file":293,"line":489,"context":283},941,{"file":293,"line":491,"context":283},958,{"file":293,"line":493,"context":283},966,{"file":293,"line":495,"context":283},983,{"file":293,"line":497,"context":283},991,{"file":293,"line":499,"context":283},999,{"file":293,"line":501,"context":283},1062,{"file":293,"line":503,"context":283},1075,{"file":293,"line":505,"context":283},1083,{"file":293,"line":507,"context":283},1091,{"file":293,"line":509,"context":283},1109,{"file":293,"line":511,"context":283},1136,{"file":293,"line":513,"context":283},1139,{"file":293,"line":515,"context":283},1148,{"file":293,"line":517,"context":283},1182,{"file":293,"line":519,"context":283},1183,{"file":293,"line":521,"context":283},1184,{"file":523,"line":524,"context":283},"templates\\template-wpfront-notification-bar-custom-css.php",58,{"file":523,"line":526,"context":283},61,{"file":523,"line":528,"context":283},62,{"file":523,"line":528,"context":283},{"file":523,"line":531,"context":283},63,{"file":523,"line":531,"context":283},{"file":523,"line":114,"context":283},{"file":523,"line":114,"context":283},{"file":523,"line":536,"context":283},65,{"file":523,"line":536,"context":283},{"file":523,"line":539,"context":283},66,{"file":523,"line":539,"context":283},{"file":523,"line":542,"context":283},67,{"file":523,"line":542,"context":283},{"file":523,"line":545,"context":283},68,{"file":523,"line":545,"context":283},{"file":523,"line":198,"context":283},{"file":523,"line":549,"context":283},96,{"file":523,"line":27,"context":283},{"file":523,"line":235,"context":283},{"file":523,"line":553,"context":283},115,{"file":523,"line":555,"context":283},116,{"file":523,"line":555,"context":283},{"file":523,"line":558,"context":283},117,{"file":523,"line":558,"context":283},{"file":523,"line":145,"context":283},{"file":523,"line":145,"context":283},{"file":523,"line":563,"context":283},119,{"file":523,"line":563,"context":283},{"file":523,"line":566,"context":283},120,{"file":523,"line":566,"context":283},{"file":523,"line":569,"context":283},121,{"file":523,"line":569,"context":283},{"file":523,"line":242,"context":283},{"file":523,"line":242,"context":283},{"file":523,"line":574,"context":283},125,{"file":523,"line":576,"context":283},132,{"file":523,"line":578,"context":283},135,{"file":523,"line":580,"context":283},136,{"file":523,"line":582,"context":283},139,{"file":523,"line":584,"context":283},147,{"file":523,"line":586,"context":283},150,{"file":523,"line":588,"context":283},154,{"file":523,"line":590,"context":283},157,{"file":523,"line":592,"context":283},165,{"file":523,"line":594,"context":283},168,{"file":523,"line":596,"context":283},169,{"file":523,"line":598,"context":283},170,{"file":523,"line":600,"context":283},177,{"file":523,"line":602,"context":283},180,{"file":523,"line":604,"context":283},181,{"file":523,"line":606,"context":283},204,{"file":523,"line":608,"context":283},209,{"file":523,"line":610,"context":283},214,{"file":523,"line":612,"context":283},220,{"file":523,"line":614,"context":283},225,{"file":616,"line":617,"context":283},"templates\\template-wpfront-notification-bar.php",73,{"file":616,"line":619,"context":283},75,{"file":616,"line":621,"context":283},140,{"file":616,"line":623,"context":283},141,{"file":616,"line":625,"context":283},142,{"file":616,"line":588,"context":283},{"file":616,"line":257,"context":283},{"file":616,"line":629,"context":283},186,{"file":616,"line":629,"context":283},{"file":616,"line":299,"context":283},{"file":616,"line":299,"context":283},[634,637],{"name":635,"version":38,"knownCves":636},"Select2",[],{"name":638,"version":38,"knownCves":639},"TinyMCE",[],[],{"summary":642,"deductions":643},"The static analysis of wpfront-notification-bar v3.5.1 reveals a mixed security posture. On the positive side, the plugin presents a zero attack surface through AJAX, REST API, shortcodes, and cron events, with no unprotected entry points. This indicates a strong adherence to secure development practices regarding input vectors. Additionally, the presence of nonces and capability checks is encouraging.\n\nHowever, the code analysis raises concerns regarding data handling. The single SQL query is not using prepared statements, which is a significant risk for SQL injection, especially if user input is involved. Furthermore, only 11% of output escaping is properly handled, leaving a substantial portion vulnerable to Cross-Site Scripting (XSS) attacks. The lack of taint analysis data in this report is a limitation, but the high percentage of unescaped output strongly suggests potential vulnerabilities.\n\nThe plugin has a history of four known medium-severity vulnerabilities, all related to Cross-Site Scripting, with the most recent being March 25, 2024. While there are no currently unpatched CVEs, this pattern of XSS vulnerabilities indicates a recurring weakness in how the plugin handles user-supplied data before rendering it in the frontend. This, combined with the low output escaping percentage, suggests a persistent risk. In conclusion, while the plugin excels in limiting its direct attack surface, significant weaknesses exist in its data sanitization and output escaping, compounded by a history of XSS flaws.",[644,647,649],{"reason":645,"points":646},"Raw SQL query without prepared statements",7,{"reason":648,"points":48},"Low percentage of properly escaped output",{"reason":650,"points":651},"History of medium severity XSS vulnerabilities",12,"2026-03-16T17:19:31.864Z",{"wat":654,"direct":681},{"assetPaths":655,"generatorPatterns":666,"scriptPaths":667,"versionParams":673},[656,657,658,659,660,661,662,663,664,665],"\u002Fwp-content\u002Fplugins\u002Fwpfront-notification-bar\u002Fcss\u002Fwpfront-notification-bar.css","\u002Fwp-content\u002Fplugins\u002Fwpfront-notification-bar\u002Fcss\u002Fwpfront-notification-bar-custom.css","\u002Fwp-content\u002Fplugins\u002Fwpfront-notification-bar\u002Fjs\u002Fwpfront-notification-bar.js","\u002Fwp-content\u002Fplugins\u002Fwpfront-notification-bar\u002Fjs\u002Fwpfront-notification-bar-frontend.js","\u002Fwp-content\u002Fplugins\u002Fwpfront-notification-bar\u002Fjs\u002Fwpfront-notification-bar-custom.js","\u002Fwp-content\u002Fplugins\u002Fwpfront-notification-bar\u002Fcss\u002Felement-plus.min.css","\u002Fwp-content\u002Fplugins\u002Fwpfront-notification-bar\u002Fjs\u002Fvue.global.min.js","\u002Fwp-content\u002Fplugins\u002Fwpfront-notification-bar\u002Fjs\u002Felement-plus.min.js","\u002Fwp-content\u002Fplugins\u002Fwpfront-notification-bar\u002Fcss\u002Foptions.css","\u002Fwp-content\u002Fplugins\u002Fwpfront-notification-bar\u002Fjs\u002Foptions.js",[],[668,669,670,671,672],"https:\u002F\u002Fcdnjs.cloudflare.com\u002Fajax\u002Flibs\u002Ffont-awesome\u002F4.7.0\u002Fcss\u002Ffont-awesome.min.css","https:\u002F\u002Fcdnjs.cloudflare.com\u002Fajax\u002Flibs\u002Ffont-awesome\u002F4.7.0\u002Fjs\u002Ffont-awesome.min.js","\u002F\u002Funpkg.com\u002Felement-plus@2.2.6\u002Fdist\u002Findex.full.js","\u002F\u002Funpkg.com\u002Felement-plus@2.2.6\u002Fdist\u002Findex.full.css","\u002F\u002Funpkg.com\u002Fvue@3.2.37\u002Fdist\u002Fvue.global.js",[674,675,676,677,678,679,680],"wpfront-notification-bar\u002Fstyle.css?ver=","wpfront-notification-bar\u002Fscript.js?ver=","wpfront-notification-bar\u002Fjs\u002Fwpfront-notification-bar-frontend.js?ver=","wpfront-notification-bar\u002Fjs\u002Fwpfront-notification-bar-custom.js?ver=","wpfront-notification-bar\u002Fcss\u002Fwpfront-notification-bar-custom.css?ver=","wpfront-notification-bar\u002Fjs\u002Foptions.js?ver=","wpfront-notification-bar\u002Fcss\u002Foptions.css?ver=",{"cssClasses":682,"htmlComments":699,"htmlAttributes":703,"restEndpoints":706,"jsGlobals":707,"shortcodeOutput":710},[4,683,684,685,686,687,688,689,690,691,692,693,694,695,696,697,698],"wpfront-nb-wrapper","wpfront-nb-content","wpfront-nb-close","wpfront-nb-button","wpfront-notification-bar-options","el-row","el-col","el-button","el-input","el-textarea","el-tabs","el-tab-pane","el-select","el-checkbox","el-radio","el-form-item",[700,701,702],"WPFront Notification Bar Plugin","Copyright (C) 2013, WPFront.com","WPFront Notification Bar Plugin is distributed under the GNU General Public License, Version 3",[704,705],"data-wpfront-notification-bar-id","data-wpfront-notification-bar-settings",[],[708,709],"WPFront_Notification_Bar","wpfrontNotificationBarFrontend",[]]