{ "entity_id": "wordpress", "entity_type": "system", "display_name": "WordPress", "parent_entity_id": null, "root_system_id": "wordpress", "category": "cms", "ecosystem": "cms", "official": true, "status": "cataloged", "history_policy": "history-full", "repo_url": "", "package_registry": "", "marketplace_url": "", "latest_version": "51.1.53", "version_scheme": "vendor", "latest_release_at": "", "latest_release_url": "https://patchstack.com/database/wordpress/plugin/king-addons/vulnerability/wordpress-king-addons-for-elementor-plugin-51-1-38-authenticated-contributor-dom-based-stored-cross-site-scripting-via-multiple-widgets-vulnerability", "version_source_refs": [ "https://wpscan.com/blog/object-injection-vulnerability-fixed-in-seopress-7-9/", "https://patchstack.com/database/wordpress/plugin/ft-rockpress/vulnerability/wordpress-rockpress-plugin-1-0-17-missing-authorization-to-authenticated-subscriber-arbitrary-modification-via-ajax-actions-vulnerability", "https://patchstack.com/database/wordpress/plugin/instant-popup-builder/vulnerability/wordpress-instant-popup-builder-plugin-1-1-7-unauthenticated-arbitrary-shortcode-execution-via-token-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/cm-custom-reports/vulnerability/wordpress-cm-custom-reports-plugin-1-2-7-authenticated-administrator-stored-cross-site-scripting-via-plugin-labels-vulnerability", "https://patchstack.com/database/wordpress/plugin/wc-carta-docente/vulnerability/wordpress-ilghera-carta-docente-for-woocommerce-plugin-1-5-0-authenticated-administrator-path-traversal-to-arbitrary-file-deletion-via-cert-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/emailkit/vulnerability/wordpress-emailkit-plugin-1-6-3-authenticated-administrator-path-traversal-via-emailkit-editor-template-rest-api-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/simply-schedule-appointments/vulnerability/wordpress-appointment-booking-calendar-plugin-1-6-10-0-unauthenticated-sql-injection-via-fields-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/alt-manager/vulnerability/wordpress-image-alt-text-manager-plugin-1-8-2-authenticated-author-stored-cross-site-scripting-via-post-title-vulnerability", "https://patchstack.com/database/wordpress/plugin/add-custom-fields-to-media/vulnerability/wordpress-add-custom-fields-to-media-plugin-2-0-3-cross-site-request-forgery-to-custom-field-deletion-via-delete-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/info-cards/vulnerability/wordpress-info-cards-plugin-2-0-7-authenticated-contributor-stored-cross-site-scripting-via-block-attributes-vulnerability", "https://patchstack.com/database/wordpress/plugin/keep-backup-daily/vulnerability/wordpress-keep-backup-daily-plugin-2-1-1-authenticated-admin-limited-path-traversal-via-kbd-path-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/linksy-search-and-replace/vulnerability/wordpress-linksy-search-and-replace-plugin-1-0-4-missing-authorization-to-authenticated-subscriber-arbitrary-database-update-via-linksy-search-and-replace-item-details-vulnerability", "https://patchstack.com/database/wordpress/plugin/scoreboard-for-html5-game-lite/vulnerability/wordpress-scoreboard-for-html5-games-lite-plugin-1-2-authenticated-contributor-stored-cross-site-scripting-via-shortcode-attributes-vulnerability", "https://patchstack.com/database/wordpress/plugin/expire-users/vulnerability/wordpress-expire-users-plugin-1-2-2-authenticated-subscriber-privilege-escalation-to-administrator-via-save-extra-user-profile-fields-vulnerability", "https://patchstack.com/database/wordpress/theme/jaroti/vulnerability/wordpress-jaroti-theme-1-4-8-reflected-cross-site-scripting-xss-vulnerability", "https://patchstack.com/database/wordpress/plugin/optin/vulnerability/wordpress-wowoptin-next-gen-popup-maker-plugin-1-4-29-unauthenticated-server-side-request-forgery-via-link-parameter-in-rest-api-vulnerability", "https://patchstack.com/database/wordpress/theme/loobek/vulnerability/wordpress-loobek-theme-1-5-2-reflected-cross-site-scripting-xss-vulnerability", "https://patchstack.com/database/wordpress/theme/miti/vulnerability/wordpress-miti-theme-1-5-3-reflected-cross-site-scripting-xss-vulnerability", "https://patchstack.com/database/wordpress/plugin/motta-addons/vulnerability/wordpress-motta-addons-plugin-1-6-1-reflected-cross-site-scripting-xss-vulnerability", "https://patchstack.com/database/wordpress/plugin/faq-builder-ays/vulnerability/wordpress-faq-builder-ays-plugin-1-8-2-cross-site-scripting-xss-vulnerability", "https://patchstack.com/database/wordpress/plugin/wordpress-seo/vulnerability/wordpress-yoast-seo-plugin-27-1-1-authenticated-contributor-stored-cross-site-scripting-via-jsontext-block-attribute-vulnerability", "https://patchstack.com/database/wordpress/plugin/vagaro-booking-widget/vulnerability/wordpress-vagaro-booking-widget-plugin-0-3-unauthenticated-stored-cross-site-scripting-via-vagaro-code-vulnerability", "https://patchstack.com/database/wordpress/plugin/rexcrawler/vulnerability/wordpress-rexcrawler-plugin-1-0-15-reflected-cross-site-scripting-via-url-and-regex-parameters-vulnerability", "https://patchstack.com/database/wordpress/plugin/wpfaqblock/vulnerability/wordpress-wpfaqblock-faq-accordion-plugin-for-gutenberg-plugin-1-1-authenticated-contributor-stored-cross-site-scripting-via-class-shortcode-attribute-vulnerability", "https://patchstack.com/database/wordpress/plugin/gallery-for-ultimate-member/vulnerability/wordpress-video-photo-gallery-for-ultimate-member-plugin-1-1-1-reflected-cross-site-scripting-vulnerability", "https://patchstack.com/database/wordpress/plugin/alfie-the-productfeedtool-wp-plugin/vulnerability/wordpress-alfie-feed-plugin-plugin-1-2-1-cross-site-request-forgery-to-stored-cross-site-scripting-via-naam-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/comment-genius/vulnerability/wordpress-comment-genius-plugin-1-2-5-reflected-cross-site-scripting-via-server-php-self-vulnerability", "https://patchstack.com/database/wordpress/plugin/wp-webauthn/vulnerability/wordpress-wp-webauthn-plugin-1-3-4-unauthenticated-stored-cross-site-scripting-vulnerability", "https://patchstack.com/database/wordpress/plugin/arforms-form-builder/vulnerability/wordpress-arforms-plugin-1-7-2-unauthenticated-blind-arbitrary-shortcode-execution-vulnerability", "https://patchstack.com/database/wordpress/plugin/postaffiliatepro/vulnerability/wordpress-post-affiliate-pro-plugin-1-28-0-authenticated-administrator-server-side-request-forgery-via-post-affiliate-pro-url-field-vulnerability", "https://patchstack.com/database/wordpress/plugin/import-users-from-csv-with-meta/vulnerability/wordpress-import-and-export-users-and-customers-plugin-1-29-7-privilege-escalation-to-administrator-via-save-extra-user-profile-fields-vulnerability", "https://patchstack.com/database/wordpress/plugin/king-addons/vulnerability/wordpress-king-addons-for-elementor-plugin-51-1-49-unauthenticated-api-keys-disclosure-vulnerability", "https://patchstack.com/database/wordpress/plugin/ultimate-shortcodes-creator/vulnerability/wordpress-shortcodes-blocks-creator-ultimate-plugin-2-2-0-reflected-cross-site-scripting-via-page-vulnerability", "https://patchstack.com/database/wordpress/plugin/ultimate-shortcodes-creator/vulnerability/wordpress-shortcodes-blocks-creator-ultimate-plugin-2-2-0-reflected-cross-site-scripting-via-wpnonce-vulnerability", "https://patchstack.com/database/wordpress/plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-plugin-2-4-8-unauthenticated-sql-injection-via-radius-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/wp-graphql/vulnerability/wordpress-wpgraphql-plugin-2-9-1-broken-access-control-vulnerability", "https://patchstack.com/database/wordpress/plugin/woo-product-filter/vulnerability/wordpress-product-filter-for-woocommerce-by-wbw-plugin-3-1-2-missing-authorization-to-unauthenticated-filter-data-deletion-via-truncate-table-vulnerability", "https://patchstack.com/database/wordpress/plugin/shapepress-dsgvo/vulnerability/wordpress-wp-dsgvo-tools-gdpr-plugin-3-1-38-missing-authorization-to-unauthenticated-account-destruction-of-non-admin-users-vulnerability", "https://patchstack.com/database/wordpress/plugin/jetformbuilder/vulnerability/wordpress-jetformbuilder-plugin-3-5-6-2-unauthenticated-arbitrary-file-read-via-media-field-vulnerability", "https://patchstack.com/database/wordpress/plugin/sina-extension-for-elementor/vulnerability/wordpress-sina-extension-for-elementor-plugin-3-7-0-authenticated-contributor-stored-cross-site-scripting-via-fancy-text-widget-and-countdown-widget-vulnerability", "https://patchstack.com/database/wordpress/plugin/jet-engine/vulnerability/wordpress-jetengine-plugin-3-8-6-1-unauthenticated-sql-injection-via-listing-grid-filtered-query-parameter-vulnerability", "https://wordpress.org/news/2025/06/dropping-security-updates-for-wordpress-versions-4-1-through-4-6/", "https://patchstack.com/database/wordpress/plugin/smart-slider-3/vulnerability/wordpress-smart-slider-3-plugin-3-5-1-33-authenticated-subscriber-arbitrary-file-read-via-actionexportall-vulnerability", "https://patchstack.com/database/wordpress/plugin/contest-gallery/vulnerability/wordpress-contest-gallery-plugin-28-1-5-unauthenticated-privilege-escalation-admin-account-takeover-via-registration-confirmation-email-to-id-type-confusion-vulnerability", "https://patchstack.com/database/wordpress/plugin/bwl-advanced-faq-manager-lite/vulnerability/wordpress-bwl-advanced-faq-manager-lite-plugin-1-1-1-authenticated-contributor-stored-cross-site-scripting-via-sbox-id-shortcode-attribute-vulnerability", "https://patchstack.com/database/wordpress/plugin/pagelayer/vulnerability/wordpress-pagelayer-plugin-2-0-7-improper-neutralization-of-crlf-sequences-to-unauthenticated-email-header-injection-via-email-vulnerability", "https://patchstack.com/database/wordpress/plugin/quick-adsense-reloaded/vulnerability/wordpress-quads-ads-manager-for-google-adsense-plugin-2-0-98-1-authenticated-contributor-stored-cross-site-scripting-via-multiple-ad-metadata-parameters-vulnerability", "https://patchstack.com/database/wordpress/plugin/pepro-ultimate-invoice/vulnerability/wordpress-peprodev-ultimate-invoice-plugin-2-2-6-unauthenticated-invoice-archive-download-vulnerability", "https://patchstack.com/database/wordpress/plugin/simple-download-counter/vulnerability/wordpress-simple-download-counter-plugin-2-3-authenticated-contributor-stored-cross-site-scripting-via-text-shortcode-attribute-vulnerability", "https://patchstack.com/database/wordpress/plugin/dsgvo-leaflet-map/vulnerability/wordpress-dsgvo-snippet-for-leaflet-map-and-its-extensions-plugin-3-1-authenticated-contributor-stored-cross-site-scripting-via-unset-attribute-vulnerability", "https://patchstack.com/database/wordpress/plugin/ameliabooking/vulnerability/wordpress-amelia-booking-pro-plugin-9-1-2-authenticated-customer-insecure-direct-object-reference-to-arbitrary-user-password-change-vulnerability", "https://patchstack.com/database/wordpress/plugin/conditional-menus/vulnerability/wordpress-conditional-menus-plugin-1-2-6-cross-site-request-forgery-to-menu-options-update-vulnerability", "https://patchstack.com/database/wordpress/plugin/twentig/vulnerability/wordpress-twentig-plugin-1-9-7-authenticated-contributor-stored-cross-site-scripting-via-featuredimagesizewidth-vulnerability", "https://patchstack.com/database/wordpress/plugin/learning-management-system/vulnerability/wordpress-masteriyo-lms-plugin-2-1-6-missing-authorization-to-authenticated-student-privilege-escalation-to-administrator-vulnerability", "https://patchstack.com/database/wordpress/plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-plugin-2-4-9-authenticated-subscriber-arbitrary-file-deletion-via-resume-custom-file-field-vulnerability", "https://patchstack.com/database/wordpress/plugin/sureforms/vulnerability/wordpress-sureforms-plugin-2-5-2-unauthenticated-payment-amount-validation-bypass-via-form-id-vulnerability", "https://patchstack.com/database/wordpress/plugin/trx_addons/vulnerability/wordpress-themerex-addons-plugin-2-38-5-unauthenticated-arbitrary-file-upload-vulnerability", "https://patchstack.com/database/wordpress/plugin/js-support-ticket/vulnerability/wordpress-js-help-desk-ai-powered-support-ticketing-system-plugin-3-0-4-unauthenticated-sql-injection-via-multiformid-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/truebooker-appointment-booking/vulnerability/wordpress-truebooker-appointment-booking-and-scheduler-plugin-plugin-1-1-4-sensitive-information-exposure-via-views-files-vulnerability", "https://patchstack.com/database/wordpress/plugin/ibtana-visual-editor/vulnerability/wordpress-ibtana-wordpress-website-builder-plugin-1-2-5-7-authenticated-contributor-stored-cross-site-scripting-via-shortcode-vulnerability", "https://patchstack.com/database/wordpress/plugin/debugger-troubleshooter/vulnerability/wordpress-debugger-troubleshooter-plugin-1-3-2-unauthenticated-privilege-escalation-to-administrator-via-cookie-manipulation-vulnerability", "https://patchstack.com/database/wordpress/plugin/contact-form-by-supsystic/vulnerability/wordpress-contact-form-by-supsystic-plugin-1-7-36-unauthenticated-server-side-template-injection-via-prefill-functionality-vulnerability", "https://patchstack.com/database/wordpress/plugin/shared-files/vulnerability/wordpress-shared-files-plugin-1-7-58-contributor-arbitrary-file-download-vulnerability", "https://patchstack.com/database/wordpress/plugin/everest-forms-pro/vulnerability/wordpress-everest-forms-pro-plugin-1-9-12-unauthenticated-remote-code-execution-via-calculation-field-vulnerability", "https://patchstack.com/database/wordpress/plugin/fluent-booking/vulnerability/wordpress-fluent-booking-plugin-2-0-01-unauthenticated-stored-cross-site-scripting-via-multiple-parameters-vulnerability", "https://patchstack.com/database/wordpress/plugin/gravitysmtp/vulnerability/wordpress-gravity-smtp-plugin-2-1-4-unauthenticated-sensitive-information-exposure-via-rest-api-vulnerability", "https://patchstack.com/database/wordpress/plugin/king-addons/vulnerability/wordpress-king-addons-for-elementor-plugin-51-1-38-authenticated-contributor-dom-based-stored-cross-site-scripting-via-multiple-widgets-vulnerability", "https://patchstack.com/database/wordpress/plugin/performance-monitor/vulnerability/wordpress-performance-monitor-plugin-1-0-6-unauthenticated-blind-ssrf-vulnerability", "https://patchstack.com/database/wordpress/plugin/contact-form-entries/vulnerability/wordpress-database-for-contact-form-7-wpforms-elementor-forms-plugin-1-4-9-missing-authorization-to-authenticated-contributor-sensitive-information-exposure-via-shortcode-vulnerability", "https://patchstack.com/database/wordpress/plugin/auto-post-scheduler/vulnerability/wordpress-auto-post-scheduler-plugin-1-84-cross-site-request-forgery-to-stored-cross-site-scripting-via-aps-options-page-vulnerability", "https://patchstack.com/database/wordpress/plugin/ameliabooking/vulnerability/wordpress-amelia-plugin-2-1-2-authenticated-manager-sql-injection-via-sort-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/minify-html-markup/vulnerability/wordpress-minify-html-plugin-2-1-12-cross-site-request-forgery-to-plugin-settings-update-vulnerability", "https://patchstack.com/database/wordpress/plugin/kubio/vulnerability/wordpress-kubio-ai-page-builder-plugin-2-7-0-cross-site-scripting-xss-vulnerability", "https://patchstack.com/database/wordpress/plugin/loco-translate/vulnerability/wordpress-loco-translate-plugin-2-8-2-reflected-cross-site-scripting-via-update-href-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/w3-total-cache/vulnerability/wordpress-w3-total-cache-plugin-2-9-3-unauthenticated-security-token-exposure-via-user-agent-header-vulnerability", "https://patchstack.com/database/wordpress/plugin/woc-order-alert/vulnerability/wordpress-order-notification-for-woocommerce-plugin-3-6-3-unauthenticated-woocommerce-rest-permission-bypass-vulnerability", "https://patchstack.com/database/wordpress/plugin/profile-builder/vulnerability/wordpress-user-profile-builder-beautiful-user-registration-forms-user-profiles-user-role-editor-plugin-3-15-5-insecure-direct-object-reference-to-authenticated-subscriber-arbitrary-post-author-reassignment-via-avatar-field-vulnerability" ], "version_sync_status": "green", "security_version_count": 55, "last_version_synced_at": "2026-04-02T09:18:45+00:00", "latest_version_evidence": [ "WPScan Vulnerability Database", "Patchstack Database", "WordPress Security News RSS" ], "catalog_source": "", "catalog_reason": "", "auto_cataloged": false, "last_discovered_at": "2025-04-09T00:30:58+00:00", "last_synced_at": "2025-04-09T00:30:58+00:00", "history_backfill_status": "complete", "latest_sync_status": "green", "official_source_covered": true, "advisory_count": 140, "workflow_complete_advisory_count": 140, "version_mapped_advisory_count": 0, "first_advisory_at": "2004-12-31T05:00:00+00:00", "latest_advisory_at": "2025-04-09T00:30:58+00:00", "advisory_ids": [ "wordpress--06006e9fb7", "wordpress--06a219901c", "wordpress--10d0d8f3f9", "wordpress--1129617837", "wordpress--12cc024a36", "wordpress--12fca2abea", "wordpress--13ce5128b4", "wordpress--148b831760", "wordpress--14cf81010e", "wordpress--159a635b11", "wordpress--17030a8718", "wordpress--1c6aa83433", "wordpress--213ff5c60e", "wordpress--23d14ed85a", "wordpress--2cd6936b0a", "wordpress--2e850b3e28", "wordpress--2fe5e39d3a", "wordpress--3094ee5dd1", "wordpress--30bd187991", "wordpress--33d0089d9b", "wordpress--37e9df8b25", "wordpress--38e031b62a", "wordpress--3f7222ce61", "wordpress--490100c57e", "wordpress--4dc1ee03ad", "wordpress--57d5f9df5e", "wordpress--58792b4ae0", "wordpress--59276ee314", "wordpress--59d89f1230", "wordpress--5b7e6857ed", "wordpress--5dd8f12e11", "wordpress--5e0f0aa282", "wordpress--5e2c6a493e", "wordpress--5f95d49feb", "wordpress--60c101bf41", "wordpress--63066ed17e", "wordpress--633cea0b87", "wordpress--65236a70e8", "wordpress--6850d32ee1", "wordpress--69a8f91df1", "wordpress--69bed74e7a", "wordpress--6a726d41d8", "wordpress--6d631adfc0", "wordpress--6f46717425", "wordpress--737216664c", "wordpress--76d8cacd47", "wordpress--79882b1d53", "wordpress--7a096bdecd", "wordpress--7a0d2f5c04", "wordpress--80760b9e99", "wordpress--8654fd6af7", "wordpress--88079feb95", "wordpress--8a3a3a86d7", "wordpress--8aac20fdae", "wordpress--8be181bdf7", "wordpress--8f1d763e2e", "wordpress--90ac8d52d0", "wordpress--93ef1b52ba", "wordpress--9a8ddc580f", "wordpress--9afa4252ce", "wordpress--9b87475497", "wordpress--9cce67b3aa", "wordpress--CVE-2004-1559", "wordpress--CVE-2004-1584", "wordpress--CVE-2005-1102", "wordpress--CVE-2005-1687", "wordpress--CVE-2005-1688", "wordpress--CVE-2005-1810", "wordpress--CVE-2005-1921", "wordpress--CVE-2005-2107", "wordpress--CVE-2005-2108", "wordpress--CVE-2005-2109", "wordpress--CVE-2005-2110", "wordpress--CVE-2005-2612", "wordpress--CVE-2005-3330", "wordpress--CVE-2005-4463", "wordpress--CVE-2006-0733", "wordpress--CVE-2006-0985", "wordpress--CVE-2006-0986", "wordpress--CVE-2006-1012", "wordpress--CVE-2006-1263", "wordpress--CVE-2006-1796", "wordpress--CVE-2006-2667", "wordpress--CVE-2006-2702", "wordpress--CVE-2006-3389", "wordpress--CVE-2006-3390", "wordpress--CVE-2006-4028", "wordpress--CVE-2006-4208", "wordpress--CVE-2006-4743", "wordpress--CVE-2006-5705", "wordpress--CVE-2006-6016", "wordpress--CVE-2006-6017", "wordpress--CVE-2006-6808", "wordpress--CVE-2006-6863", "wordpress--CVE-2007-0106", "wordpress--CVE-2007-0107", "wordpress--CVE-2007-0109", "wordpress--CVE-2007-0233", "wordpress--CVE-2007-0262", "wordpress--CVE-2007-0539", "wordpress--CVE-2007-0540", "wordpress--CVE-2007-0541", "wordpress--CVE-2007-1049", "wordpress--CVE-2007-1230", "wordpress--CVE-2007-1244", "wordpress--CVE-2007-1277", "wordpress--CVE-2007-1409", "wordpress--CVE-2007-1599", "wordpress--CVE-2007-1622", "wordpress--CVE-2007-1732", "wordpress--CVE-2007-1893", "wordpress--CVE-2007-1894", "wordpress--a4f0e68ab5", "wordpress--af099a61a6", "wordpress--af95f34447", "wordpress--b467539b2c", "wordpress--b481717d30", "wordpress--b92a24e31a", "wordpress--bbd4d9a5ed", "wordpress--bc834bfe64", "wordpress--c23a850ec3", "wordpress--c346c10a12", "wordpress--c3e95dab52", "wordpress--c8dbf74c29", "wordpress--cac928e94b", "wordpress--d24a559b69", "wordpress--d4a95ae26d", "wordpress--da71cecbfb", "wordpress--db166494f5", "wordpress--dbc90eee65", "wordpress--dc4426e2f6", "wordpress--e61c231e8b", "wordpress--e6d2a6b634", "wordpress--eda217cbfb", "wordpress--eddfccd91d", "wordpress--ee42b86359", "wordpress--ef12da29f9", "wordpress--fea9c161bb", "wordpress--feb9fe6fdd", "wordpress--ffa886d3ac" ], "source_refs": [ { "name": "WordPress Security News RSS", "url": "https://wordpress.org/news/category/security/feed/", "kind": "rss-feed", "status": "active", "bucket": "official_sources", "official": true }, { "name": "NVD WordPress", "url": null, "kind": "nvd-search", "status": "retired", "bucket": "official_sources", "official": true }, { "name": "Wordfence Vulnerability Database", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/", "kind": "html-links", "status": "active", "bucket": "ecosystem_sources", "official": false }, { "name": "Patchstack Database", "url": "https://patchstack.com/database/", "kind": "html-links", "status": "active", "bucket": "ecosystem_sources", "official": false }, { "name": "WPScan Vulnerability Database", "url": "https://wpscan.com/blog/", "kind": "html-links", "status": "active", "bucket": "ecosystem_sources", "official": false }, { "name": "PortSwigger Research", "url": "https://portswigger.net/research", "kind": "html-links", "status": "active", "bucket": "research_sources", "official": false } ] }