[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCoFmRnIK0Nos-cdDK4Tns8_5EwVm1tp1Z6l6sDBN2Ss":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":15,"tags":18,"homepage":15,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":125,"fingerprints":291},"zaki-like-dislike-comments","Zaki Like Dislike Comments","1.2","Riccardo Conte","https:\u002F\u002Fprofiles.wordpress.org\u002Frconte-1\u002F","\u003Cp>This plugin implements a “like\u002Fdislike” rating system for comments. In the setting page you can choose a “compact \u002F splitted” mode that show ratings like sum or separately.\u003C\u002Fp>\n","This plugin implements a \"like\u002Fdislike\" rating system for comments",40,5565,80,5,"","4.1.42","3.3",[19,20,21,22,23],"comments","like","posts","rate","vote","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzaki-like-dislike-comments.zip",100,0,null,"2026-03-15T10:48:56.248Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"rconte-1",4,70,89,30,86,"2026-04-03T20:14:18.437Z",[39,57,74,93,110],{"slug":22,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":11,"downloaded":46,"rating":36,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":15,"tags":51,"homepage":15,"download_link":54,"security_score":55,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":56},"Rate","0.4","Scott Taylor","https:\u002F\u002Fprofiles.wordpress.org\u002Fwonderboymusic\u002F","\u003Cp>Most ratings plugins contain too much code: inline JavaScript, messy markup, weird CSS. Rate is simple, hardly intrusive, and completely overridable.\u003C\u002Fp>\n\u003Cp>A Post\u002FPage\u002FCustom Post Type’s rating is the average of all comment ratings. A user can leave a rating when commenting, and change that rating inline after leaving a comment (if logged-in or Cookie’d).\u003C\u002Fp>\n\u003Cp>Don’t be afraid to play around and extend the code: drop a \u003Ccode>rate.css\u003C\u002Fcode> file in your theme directory and mine won’t even load (by default, Rate stars are transparent with a white border, so you can use \u003Ccode>background-color\u003C\u002Fcode> to set your stars’ colors)!\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php \n\u002F\u002F in this version, you need to insert these functions into your theme for ratings to appear\n\u002F\u002F you don't have to use the_rating(), the comment_rating() will work by itself, but the_rating() will not\n\n\u002F\u002F for a Post, Page, or Custom Post Type (average of all comment ratings)\nthe_rating();\n\n\u002F\u002F for a comment\nthe_comment_rating();\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Read More: http:\u002F\u002Fscottctaylor.wordpress.com\u002F2010\u002F11\u002F30\u002Fnew-plugin-rate\u002F\u003C\u002Fp>\n","Most ratings plugins contain too much code: inline JavaScript, messy markup, weird CSS. Rate is simple, hardly intrusive, and completely overridable.",23304,6,"2015-07-30T21:33:00.000Z","3.0.5","3.0",[19,52,21,22,53],"pages","ratings","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frate.0.4.zip",85,"2026-03-15T15:16:48.613Z",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":26,"num_ratings":26,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":15,"tags":70,"homepage":15,"download_link":72,"security_score":73,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":56},"just-likes-and-dislikes","Just Likes and Dislikes","2.8","Greg Ross","https:\u002F\u002Fprofiles.wordpress.org\u002Fgregross\u002F","\u003Cp>\u003Cstrong>Just Likes and Dislikes is a fork of the excellent \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fposts-like-dislike\u002F\" rel=\"ugc\">Post Like Dislike\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomments-like-dislike\u002F\" rel=\"ugc\">Comment Like and Dislike\u003C\u002Fa> by \u003Ca href=\"http:\u002F\u002Fwphappycoders.com\u002F\" rel=\"nofollow ugc\">WP Happy Coders\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Just Likes and Dislikes enables like and dislike icons for posts, pages and comments. Choose between multiple predefined icon sets or use your own custom like\u002Fdislike icons, the choice is yours.\u003C\u002Fp>\n\u003Cp>Just Likes and Dislikes increases the interaction with the WordPress by enabling likes and dislikes buttons along with the count.\u003C\u002Fp>\n\u003Ch4>See full features list below:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Select position of like\u002Fdislike display; before\u002Fafter post\u002Fcomment.\u003C\u002Fli>\n\u003Cli>Disable like\u002Fdislikes on any post type.\u003C\u002Fli>\n\u003Cli>Show likes, dislikes or both.\u003C\u002Fli>\n\u003Cli>Choose which order to show likes\u002Fdislikes in.\u003C\u002Fli>\n\u003Cli>Definable hover text.\u003C\u002Fli>\n\u003Cli>Choose to display like\u002Fdislike counts of zero.\u003C\u002Fli>\n\u003Cli>Choose method to restrict users to a single like\u002Fdislike; cookies, IP, logged in users\u003C\u002Fli>\n\u003Cli>7 available pre-defined icon templates to choose from:\n\u003Cul>\n\u003Cli>Thumbs\u003C\u002Fli>\n\u003Cli>Hearts\u003C\u002Fli>\n\u003Cli>Checked\u002FCross-out\u003C\u002Fli>\n\u003Cli>Happy\u002FSad\u003C\u002Fli>\n\u003Cli>Plus\u002FMinus\u003C\u002Fli>\n\u003Cli>Up\u002FDown\u003C\u002Fli>\n\u003Cli>Fire\u002FExtinguisher\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Custom like\u002Fdislike icon support\u003C\u002Fli>\n\u003Cli>Icon color selector\u003C\u002Fli>\n\u003Cli>Count color selector\u003C\u002Fli>\n\u003Cli>NEW: Sortable like\u002Fdislike columns in post\u002Fpage admin screens (can be disabled via option)\u003C\u002Fli>\n\u003Cli>NEW: Total like\u002Fdislike counts on tags and category admin screens (unsortable due to technical limitations)\u003C\u002Fli>\n\u003Cli>NEW: Front end shortcode to generate Top 10 style tables for liked\u002Fdisliked content (comments not supported at this time).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcode\u003C\u002Fh4>\n\u003Cp>[just_like_and_dislike id=post_id] or [jlad id=post_id]\u003Cbr \u002F>\nPlease replace post_id with the id of the post or remove id parameter for considering the post id as the id of global $post object\u003C\u002Fp>\n\u003Cp>[just_like_and_dislike_top_table count=10] or [jlad_top_table count=10]\u003Cbr \u002F>\nOptions available are:\u003Cbr \u002F>\n* count – Number of items to display (default 10).\u003Cbr \u002F>\n* show_likes – Display a table with the top liked posts in it (default true).\u003Cbr \u002F>\n* show_dislikes – Display a table with the top disliked posts in it (default true).\u003Cbr \u002F>\n* types – Post types to display, a comma separated list i.e. “post” or “post, page” (default “post”).\u003Cbr \u002F>\n* show_table_title – Display a title for each table in the format of “Likes for Posts”, “Dislikes for Pages”, etc. (default true).\u003Cbr \u002F>\n* show_row_numbers – Display row numbers for the table (default true).\u003C\u002Fp>\n\u003Cp>eg: [jlad_top_table count=3 types=”post, pages” show_dislikes=false show_table_title=false]\u003C\u002Fp>\n\u003Cp>  Post Title\u003Cbr \u002F>\n  👍️\u003C\u002Fp>\n\u003Cp>  1\u003Cbr \u002F>\n  Cool post\u003Cbr \u002F>\n  6\u003C\u002Fp>\n\u003Cp>  2\u003Cbr \u002F>\n  Nice post\u003Cbr \u002F>\n  3\u003C\u002Fp>\n\u003Cp>  3\u003Cbr \u002F>\n  [no title]\u003Cbr \u002F>\n  2\u003C\u002Fp>\n\u003Cp>  Total\u003Cbr \u002F>\n  11\u003C\u002Fp>\n\u003Cp>  Page Title\u003Cbr \u002F>\n  👎️\u003C\u002Fp>\n\u003Cp>  1\u003Cbr \u002F>\n  Cool page\u003Cbr \u002F>\n  8\u003C\u002Fp>\n\u003Cp>  2\u003Cbr \u002F>\n  Nice page\u003Cbr \u002F>\n  4\u003C\u002Fp>\n\u003Cp>  3\u003Cbr \u002F>\n  [no title]\u003Cbr \u002F>\n  1\u003C\u002Fp>\n\u003Cp>  Total\u003Cbr \u002F>\n  13\u003C\u002Fp>\n\u003Cp>The table has a css class of jlad_shortcode_table, so you can style it with css, for example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>.jlad_shortcode_table thead,\u003Cbr \u002F>\n.jlad_shortcode_table tfoot {\u003Cbr \u002F>\n    background-color: #000077;\u003Cbr \u002F>\n    color: #FFFFFF;\u003Cbr \u002F>\n}\u003C\u002Fp>\n\u003Cp>.jlad_shortcode_table tr:nth-child(even) {\u003Cbr \u002F>\n  background-color: #f2f2f2;\u003Cbr \u002F>\n}\u003C\u002Fp>\n\u003Cp>.jlad_shortcode_table td:last-child {\u003Cbr \u002F>\n    text-align: center;\u003Cbr \u002F>\n    width: 20%;\u003Cbr \u002F>\n}\u003C\u002Fp>\n\u003Cp>.jlad_shortcode_table tfoot td:first-child {\u003Cbr \u002F>\n    text-align: right;\u003Cbr \u002F>\n}\u003Cbr \u002F>\n    `\u003C\u002Fp>\n\u003Cp>Creates a table with blue background and white text header\u002Ffooter rows, zebra stripes on the post list, centers the likes\u002Fdislikes column and aligns the “Total” in the footer to the right of the column.\u003C\u002Fp>\n\u003Ch4>Custom Function\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u003C?php echo do_shortcode('[just_like_and_dislike id=post_id]');?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Please replace post_id with the id of the post or remove id parameter for considering the post id as the id of global $post object\u003C\u002Fp>\n","Like and dislike feature for WordPress.",20,2443,"2024-06-09T23:27:00.000Z","6.5.8","5.0",[19,71,20,52,21],"dislike","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjust-likes-and-dislikes.2.8.zip",92,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":26,"num_ratings":26,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":15,"tags":87,"homepage":91,"download_link":92,"security_score":55,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":56},"iavote","IaVote","1.0","iafelipe","https:\u002F\u002Fprofiles.wordpress.org\u002Fiafelipe\u002F","\u003Cp>IaVote enables bloggers to add voting functionality to their posts. Include 2 widgets: resume votes and most voted.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Vote for the best and worst\u003C\u002Fli>\n\u003Cli>Length of time to vote\u003C\u002Fli>\n\u003Cli>Dates of the votes\u003C\u002Fli>\n\u003Cli>Selection of votes: day, week, month and all\u003C\u002Fli>\n\u003Cli>Custom Pages listings votes\u003C\u002Fli>\n\u003Cli>Language options\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more information see: http:\u002F\u002Fwww.informaticaautonomos.com\u002Faplicaciones\u002Fiavote.php\u003C\u002Fp>\n\u003Ch3>\u003C\u002Fh3>\n\u003Cp>Widget 1: total of votes in week, month, day and forever\u003C\u002Fp>\n\u003Cp>Add in wordpress panel widged or insert this code in your theme:\u003C\u002Fp>\n\u003Cp>Widget 2: Resume pages\u003C\u002Fp>\n\u003Cp>1- create the diferent pages in wordpress: latest, random, mostComment, lessVoted, mostVoted\u003Cbr \u002F>\n2- set the id’s in iavote_options.php\u003Cbr \u002F>\n3- Put this code in index.php:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>        global $options;\n        widget_iavote_pages(\n            $options['widget-pages']['latest'], $options['widget-pages']['random'], \n            $options['widget-pages']['mostComment'], $options['widget-pages']['lessVoted'],\n            $options['widget-pages']['mostVoted']\n        );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>4- insert in page.php before:\n            \u003C\u002Fp>\n\u003Cp>and before  insert:\n            \u003C\u002Fp>\n","IaVote enables bloggers to add voting functionality to their posts. Include 2 widgets: resume votes and most voted.",10,3078,"2011-07-18T12:38:00.000Z","3.2.1","3.2",[75,23,88,89,90],"vote-comments","vote-pages","vote-posts","http:\u002F\u002Fwww.informaticaautonomos.com\u002Faplicaciones\u002Fiavote.php","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fiavote.zip",{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":82,"downloaded":101,"rating":25,"num_ratings":102,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":15,"tags":106,"homepage":15,"download_link":109,"security_score":55,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":56},"like-and-who-likes","Like And Who Likes","1.3.1","atonyk","https:\u002F\u002Fprofiles.wordpress.org\u002Fatonyk\u002F","\u003Cp>This plugin adds the ‘Like’ button and ‘Who Likes’ list to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress posts and comments\u003C\u002Fli>\n\u003Cli>BuddyPress activities and comments\u003C\u002Fli>\n\u003Cli>BBPress posts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It allows for registered users to like the items. And it shows for both registered and unregistered users the existing likes.\u003C\u002Fp>\n\u003Cp>The components to show the likes to can be configured on the settings page. For example, the likes can be disabled for WordPress comments.\u003C\u002Fp>\n\u003Cp>Likes are saved in the internal WordPress and BuddyPress meta tables. No separate tables are created.\u003C\u002Fp>\n\u003Cp>The plugin cleans all its data on uninstallation (but not on deactivation).\u003C\u002Fp>\n\u003Cp>You can contribute on – \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fansnap\u002Flike-and-who-likes\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fansnap\u002Flike-and-who-likes\u003C\u002Fa>\u003C\u002Fp>\n","Adds the 'Like' button and 'Who Likes' list for WordPress, BuddyPress and BBPress.",3084,1,"2017-05-10T08:11:00.000Z","4.7.32","4.6",[107,20,22,108,23],"buddypress","social","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flike-and-who-likes.1.3.1.zip",{"slug":111,"name":112,"version":77,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":82,"downloaded":117,"rating":25,"num_ratings":14,"last_updated":118,"tested_up_to":119,"requires_at_least":120,"requires_php":15,"tags":121,"homepage":15,"download_link":124,"security_score":55,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":56},"vote-my-post","Vote My Post","seven monks","https:\u002F\u002Fprofiles.wordpress.org\u002Fseven-monks\u002F","\u003Cp>This plugin provides one upvote( like ) and one downvote( dislike ) button with counter, to each of your posts. The site admin has option to set the position ( before or after a post ) and orientation( left or right ) of these buttons.\u003C\u002Fp>\n\u003Cp>The site admin has the option to set the voting mode per post. Each post can either be “restricted”, i.e. is votable by only a logged in registered user, or, “open”, i.e. any visitor can cast her vote for the post. For the posts in “open” mode, the site admin can set a time interval for a user to cast consecutive votes for a particular post. The logged in user can optionally be allowed to cast multiple votes for a single post, or, to vote a post only once. If she is allowed ( by the option set by the site admin ) to cast multiple votes for a particular post, she is prevented for the pre-set time interval to cast a consecutive vote.\u003C\u002Fp>\n\u003Cp>The admin interface has a complete list of all the posts that have been voted so far and she can reset the counters for either a particular post or multiple posts at a time.\u003C\u002Fp>\n\u003Cp>Other settings provide options to specify the number of posts to display per listing page, etc.\u003C\u002Fp>\n\u003Cp>If you find this plugin helpful, PLEASE RATE IT!!\u003C\u002Fp>\n","Provides up and downvote buttons to each of your posts.",6579,"2013-09-27T16:16:00.000Z","3.6.1","3.5.1",[71,122,20,21,123],"down-vote","up-vote","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvote-my-post.1.0.zip",{"attackSurface":126,"codeSignals":167,"taintFlows":248,"riskAssessment":275,"analyzedAt":290},{"hooks":127,"ajaxHandlers":155,"restRoutes":163,"shortcodes":164,"cronEvents":165,"entryPointCount":166,"unprotectedCount":166},[128,134,138,143,147,151],{"type":129,"name":130,"callback":131,"file":132,"line":133},"action","wp_enqueue_scripts","ZakiLikeDislike_JqueryCheck","js\\js-zaki-like-dislike.php",8,{"type":129,"name":135,"callback":136,"file":132,"line":137},"wp_head","ZakiLikeDislike_Js",58,{"type":129,"name":139,"callback":140,"file":141,"line":142},"admin_init","ZakiLikeDislike_SettingsInit","zaki-like-dislike-comments.php",17,{"type":129,"name":144,"callback":145,"file":141,"line":146},"admin_menu","ZakiLikeDislike_AddMenuPages",18,{"type":129,"name":148,"callback":149,"file":141,"line":150},"init","ZakiLikeDislike_CheckCssFrontendInclude",183,{"type":129,"name":152,"callback":153,"file":141,"line":154},"comment_text","ZakiLikeDislike_AddPluginHml",193,[156,161],{"action":157,"nopriv":158,"callback":159,"hasNonce":158,"hasCapCheck":158,"file":160,"line":14},"zaki_like_dislike_ajax",false,"ZakiLikeDislike_Ajax","ajax\\ajax-zaki-like-dislike.php",{"action":157,"nopriv":162,"callback":159,"hasNonce":158,"hasCapCheck":158,"file":160,"line":47},true,[],[],[],2,{"dangerousFunctions":168,"sqlUsage":169,"outputEscaping":189,"fileOperations":26,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":247},[],{"prepared":26,"raw":170,"locations":171},7,[172,176,178,180,182,184,187],{"file":173,"line":174,"context":175},"classes\\class-zaki-like-dislike.php",21,"$wpdb->get_row() with variable interpolation",{"file":173,"line":177,"context":175},42,{"file":173,"line":179,"context":175},60,{"file":173,"line":181,"context":175},78,{"file":173,"line":183,"context":175},96,{"file":141,"line":185,"context":186},28,"$wpdb->query() with variable interpolation",{"file":141,"line":188,"context":186},52,{"escaped":166,"rawEcho":35,"locations":190},[191,194,195,196,197,199,201,203,205,207,209,210,212,214,215,217,220,222,224,226,228,230,232,234,235,237,239,241,243,245],{"file":160,"line":192,"context":193},47,"raw output",{"file":160,"line":192,"context":193},{"file":160,"line":33,"context":193},{"file":160,"line":33,"context":193},{"file":173,"line":198,"context":193},112,{"file":173,"line":200,"context":193},116,{"file":173,"line":202,"context":193},124,{"file":173,"line":204,"context":193},130,{"file":173,"line":206,"context":193},136,{"file":173,"line":208,"context":193},147,{"file":173,"line":208,"context":193},{"file":173,"line":211,"context":193},148,{"file":173,"line":213,"context":193},159,{"file":173,"line":213,"context":193},{"file":173,"line":216,"context":193},160,{"file":218,"line":219,"context":193},"classes\\class-zaki-plugins.php",43,{"file":218,"line":221,"context":193},44,{"file":141,"line":223,"context":193},102,{"file":141,"line":225,"context":193},104,{"file":141,"line":227,"context":193},114,{"file":141,"line":229,"context":193},115,{"file":141,"line":231,"context":193},118,{"file":141,"line":233,"context":193},120,{"file":141,"line":204,"context":193},{"file":141,"line":236,"context":193},132,{"file":141,"line":238,"context":193},133,{"file":141,"line":240,"context":193},161,{"file":141,"line":242,"context":193},167,{"file":141,"line":244,"context":193},189,{"file":141,"line":246,"context":193},191,[],[249,266],{"entryPoint":250,"graph":251,"unsanitizedCount":32,"severity":265},"ZakiLikeDislike_Ajax (ajax\\ajax-zaki-like-dislike.php:7)",{"nodes":252,"edges":263},[253,258],{"id":254,"type":255,"label":256,"file":160,"line":257},"n0","source","$_POST (x4)",12,{"id":259,"type":260,"label":261,"file":160,"line":192,"wp_function":262},"n1","sink","echo() [XSS]","echo",[264],{"from":254,"to":259,"sanitized":158},"medium",{"entryPoint":267,"graph":268,"unsanitizedCount":32,"severity":274},"\u003Cajax-zaki-like-dislike> (ajax\\ajax-zaki-like-dislike.php:0)",{"nodes":269,"edges":272},[270,271],{"id":254,"type":255,"label":256,"file":160,"line":257},{"id":259,"type":260,"label":261,"file":160,"line":192,"wp_function":262},[273],{"from":254,"to":259,"sanitized":158},"low",{"summary":276,"deductions":277},"The \"zaki-like-dislike-comments\" v1.2 plugin presents a significant security risk due to several critical coding practices. While the plugin has no recorded vulnerability history and doesn't utilize dangerous functions or make external HTTP requests, its static analysis reveals major concerns. The presence of two AJAX handlers without authentication checks creates a substantial attack surface. Furthermore, all SQL queries (7 in total) are executed without prepared statements, making the plugin highly susceptible to SQL injection vulnerabilities. The low percentage of properly escaped output (6%) indicates a high risk of cross-site scripting (XSS) vulnerabilities. Taint analysis also points to two flows with unsanitized paths, which, while not classified as critical or high, are still concerning given the other identified weaknesses. The lack of nonce checks and capability checks on the entry points further exacerbates these risks. The absence of past vulnerabilities is a positive sign, but it doesn't mitigate the severe coding flaws present in this version. Overall, this plugin has a poor security posture that requires immediate attention to address the SQL injection and XSS risks, as well as the unprotected AJAX endpoints.",[278,280,282,284,286,288],{"reason":279,"points":82},"AJAX handlers without authentication checks",{"reason":281,"points":82},"SQL queries without prepared statements",{"reason":283,"points":133},"Low percentage of properly escaped output",{"reason":285,"points":170},"Flows with unsanitized paths",{"reason":287,"points":14},"Missing nonce checks",{"reason":289,"points":14},"Missing capability checks","2026-03-16T22:04:21.624Z",{"wat":292,"direct":299},{"assetPaths":293,"generatorPatterns":295,"scriptPaths":296,"versionParams":298},[294],"\u002Fwp-content\u002Fplugins\u002Fzaki-like-dislike-comments\u002Fcss\u002Ffrontend.css",[],[297],"\u002Fwp-content\u002Fplugins\u002Fzaki-like-dislike-comments\u002Fjs\u002Fjs-zaki-like-dislike.php",[],{"cssClasses":300,"htmlComments":303,"htmlAttributes":304,"restEndpoints":305,"jsGlobals":306,"shortcodeOutput":308},[301,302],"zaki_like_dislike_page","zaki_like_dislike_page_main",[],[],[],[307],"ZakiLikeDislike",[309],"\u003C?php if (class_exists('ZakiLikeDislike')) ZakiLikeDislike::getLikeDislikeHtml(); ?>"]