{"summary":{"analyzed":true,"build_worthy":false,"build_worthy_family_key":"onsite-conversion-engagement","build_worthy_family_name":"onsite conversion and engagement operations","build_worthy_reason":"This row is supporting evidence for the linked opportunity family; use the family card, not this row, for the build decision.","build_worthy_scope":"opportunity_family","comments_returned":2,"commercial_card_missing_count":0,"commercial_card_status":"complete","commercial_context_status":"linked_opportunity","commercial_context_status_label":"Evidence linked to opportunity","evidence_context_status":"linked_opportunity","evidence_context_status_label":"Evidence linked to opportunity","evidence_role":"supports_opportunity_family","evidence_role_label":"Evidence supporting opportunity family","evidence_role_reason":"This row is supporting evidence for the linked opportunity family; use the family card, not this row, for the build decision.","intelligence_role":"supporting_evidence","intelligence_role_label":"Supporting evidence","is_build_worthy":false,"opportunity_context_status":"linked_opportunity","opportunity_context_status_label":"Evidence linked to opportunity","opportunity_decision_status":"supporting_evidence","opportunity_decision_status_label":"Supporting evidence","opportunity_relevance":0.9,"plugin_name":"NextScripts: Social Networks Auto-Poster","promotion_reason":"This row is supporting evidence linked to a commercial opportunity family, not the build-worthy opportunity itself.","promotion_status":"linked_opportunity","promotion_status_label":"Evidence linked to opportunity","recommendation_role":"evidence_input","recommendation_role_label":"Evidence input","reply_count":2,"row_is_build_worthy":false,"row_is_opportunity":false,"row_role":"supporting_evidence","row_role_label":"Supporting evidence","sentiment":"complaint","severity":"high","slug":"social-networks-auto-poster-facebook-twitter-g","source":"support","source_link_count":2,"url":"https://wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/","worth_validating":false,"source_count":0,"source_evidence_summary":{"total":32,"source_evidence_rows":4,"source_link_rows":4,"source_count_only_rows":0,"missing_source_evidence_rows":28,"source_evidence_not_applicable_rows":0,"source_link_coverage_percent":12.5,"evidence_required_rows":0,"evidence_required_rows_missing_source_links":0,"build_worthy_rows_missing_source_links":0,"decision_rows_missing_source_links":0,"missing_source_examples":[]},"commercial_readiness":{"total":32,"validation_ready":0,"core_validation_ready_rows":0,"family_wide_validation_ready_rows":0,"core_only_validation_ready_rows":0,"validation_scope_status":"not_ready","validation_scope_label":"Not ready","validation_scope_warning":"","validation_scope_counts":[{"scope":"not_validation_ready","label":"Not validation-ready","count":32}],"blocker_count":62,"caution_count":0,"status_counts":[{"status":"needs_external_proof","label":"Needs outside proof","count":31},{"status":"needs_family_proof","label":"Needs family proof","count":1}],"blocker_counts":[{"label":"Outside proof needed: not validated","count":31},{"label":"Commercial gate not complete: proof blocked","count":31}],"caution_counts":[],"ready_for_buyer_validation":0,"needs_external_proof":31,"needs_family_proof":1,"needs_report":0,"needs_thesis_detail":0,"needs_thesis_sharpening":0,"research_first":0,"research_only":0,"hold":0,"unclassified":0,"core_wedge_validation_ready_rows":0,"full_family_validation_ready_rows":0,"scope_limited_validation_rows":0,"full_family_claim_ready_rows":0,"validation_claim_scope_policy":"Core-only validation rows are worth buyer testing, but they must not be presented as full-family commercial opportunities until family_wide_validation_ready is true."},"commercial_readiness_summary":{"status":"needs_family_proof","label":"Needs family proof","validation_ready":false,"family_key":"onsite-conversion-engagement","family_name":"onsite conversion and engagement operations","decision_bucket":"proof_blocked","decision_bucket_label":"Proof Blocked","proof_status":"validated_core","proof_status_label":"Validated core","commercial_gate_status":"complete","commercial_gate_label":"Gate complete","commercial_gate_passed":7,"commercial_gate_total":7,"commercial_card_status":"complete","commercial_card_complete":true,"commercial_card_missing_count":0,"blockers":[],"blocker_count":0,"cautions":[],"caution_count":0,"next_action":"Finish the missing outside proof, then test buyer urgency with marketing teams: audit sharing display rules, lead capture, trust signals, and campaign attribution.","dossier_url":"/opportunities/families/onsite-conversion-engagement/dossier","dossier_api_url":"/api/opportunities/families/onsite-conversion-engagement/dossier"},"readiness_summary":{"status":"needs_family_proof","label":"Needs family proof","validation_ready":false,"family_key":"onsite-conversion-engagement","family_name":"onsite conversion and engagement operations","decision_bucket":"proof_blocked","decision_bucket_label":"Proof Blocked","proof_status":"validated_core","proof_status_label":"Validated core","commercial_gate_status":"complete","commercial_gate_label":"Gate complete","commercial_gate_passed":7,"commercial_gate_total":7,"commercial_card_status":"complete","commercial_card_complete":true,"commercial_card_missing_count":0,"blockers":[],"blocker_count":0,"cautions":[],"caution_count":0,"next_action":"Finish the missing outside proof, then test buyer urgency with marketing teams: audit sharing display rules, lead capture, trust signals, and campaign attribution.","dossier_url":"/opportunities/families/onsite-conversion-engagement/dossier","dossier_api_url":"/api/opportunities/families/onsite-conversion-engagement/dossier"},"cache_source":"durable_research_stale","cache_age_seconds":10073,"payload_mode":"compact","full_payload_url":"/api/evidence/source?full=true&compact_schema=evidence-source-v2&url=https%3A//wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/&comment_limit=80&text_limit=12000","row_key":"rows","source_row_key":"rows","rows_shown":1,"comments_shown":2,"evidence_summary":{"total":1,"source_evidence_rows":0,"source_link_rows":1,"source_count_only_rows":0,"missing_source_evidence_rows":0,"source_evidence_not_applicable_rows":0,"source_link_coverage_percent":100.0,"evidence_required_rows":0,"evidence_required_rows_missing_source_links":0,"build_worthy_rows_missing_source_links":0,"decision_rows_missing_source_links":0,"missing_source_examples":[]}},"rows":[{"section":"source","row_type":"source","url":"https://wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/","slug":"social-networks-auto-poster-facebook-twitter-g","plugin_name":"NextScripts: Social Networks Auto-Poster","source":"support","sentiment":"complaint","severity":"high","opportunity_relevance":0.9,"reply_count":2,"comments_returned":2,"analyzed":true,"source_link_count":2,"title":"Reflected Cross Site Scripting (XSS) vulnerability","author":"Alpesh","published_at":"2024-06-29T12:57:00+00:00","resolved":false,"collected_at":"2026-05-29T02:47:59+00:00","intent":"problem_report","affected_feature":"security","summary":"Reflected Cross Site Scripting (XSS) vulnerability: users show security, performance pain that may indicate a product gap.","evidence_quote":"Reflected Cross Site Scripting (XSS) vulnerability Hello, According to patch stack this plugin has Reflected Cross Site Scripting (XSS) vulnerability .","confidence":0.68,"analyzed_at":"2026-05-29T02:53:01+00:00","market_key":"sharing","market_name":"Sharing","market_url":"/markets/sharing","opportunity_url":"/opportunities/sharing","family_key":"onsite-conversion-engagement","family_name":"onsite conversion and engagement operations","opportunity_family_key":"onsite-conversion-engagement","opportunity_family_name":"onsite conversion and engagement operations","buyer":"marketing teams, agencies, publishers, and ecommerce operators","what_to_build":"Sharing conversion widget assurance for turning onsite engagement widgets into measurable leads, trust, and conversions","urgent_problem":"Marketing teams waste campaign budget when popups, reviews, quizzes, social proof, or embeds fail to capture leads, slow pages, or lose attribution.","problem":"Marketing teams waste campaign budget when popups, reviews, quizzes, social proof, or embeds fail to capture leads, slow pages, or lose attribution.","competitor_gap":"Gap to test: can buyers audit sharing display rules, lead capture, trust signals, and campaign attribution before onsite conversion, trust-signal, and campaign-widget risk. pain: popup, quiz, review, or conversion-widget reliability risk (9 signals). weak-incumbent evidence...","proof_support":"Proof base: outside proof that buyers already pay around the workflow, paid-adjacent plugin or pricing signals, repeated WordPress pain, and weak incumbent coverage around turning onsite engagement widgets into measurable leads, trust, and conversions.","needs_validation":"finish the missing outside proof, then test buyer urgency with marketing teams: audit sharing display rules, lead capture, trust signals, and campaign attribution.","what_still_needs_validation":"finish the missing outside proof, then test buyer urgency with marketing teams: audit sharing display rules, lead capture, trust signals, and campaign attribution.","commercial_attractiveness":"Commercial pull comes from marketing teams: popups, social proof, reviews, quizzes, and embeds can hurt trust or performance unless teams can prove they work. The first paid wedge is to audit sharing display rules, lead capture, trust signals, and campaign attribution....","first_validation_wedge":"audit sharing display rules, lead capture, trust signals, and campaign attribution","mvp_wedge":"audit sharing display rules, lead capture, trust signals, and campaign attribution","decision_bucket":"proof_blocked","decision_bucket_label":"Proof Blocked","row_role":"supporting_evidence","recommendation_role":"evidence_input","evidence_role":"supports_opportunity_family","promotion_status":"linked_opportunity","promotion_status_label":"Evidence linked to opportunity","promotion_reason":"This row is supporting evidence linked to a commercial opportunity family, not the build-worthy opportunity itself.","is_build_worthy":false,"worth_validating":false,"build_worthy_scope":"opportunity_family","build_worthy_family_key":"onsite-conversion-engagement","opportunity_decision_status":"supporting_evidence","body_summary":"Hello, According to patch stack this plugin has Reflected Cross Site Scripting (XSS) vulnerability . When it will be fixed?...","issue_labels":["security","performance","reliable"],"source_links":[{"source_url":"https://wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/","url":"https://wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/","original_url":"https://wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/","source_page_url":"/evidence/source?url=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Freflected-cross-site-scripting-xss-vulnerability-13%2F","source_api_url":"/api/evidence/source?url=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Freflected-cross-site-scripting-xss-vulnerability-13%2F"}]}],"plugin":{"active_installs":30000,"api_url":"/api/plugins/social-networks-auto-poster-facebook-twitter-g","downloaded":7441575,"name":"NextScripts: Social Networks Auto-Poster","rating":66.0,"slug":"social-networks-auto-poster-facebook-twitter-g","tags":["autopost","repost","sharing","social media","social networks"],"url":"/plugin/social-networks-auto-poster-facebook-twitter-g"},"conversation":{"url":"https://wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/","slug":"social-networks-auto-poster-facebook-twitter-g","source":"support","title":"Reflected Cross Site Scripting (XSS) vulnerability","author":"Alpesh","published_at":"2024-06-29T12:57:00+00:00","resolved":false,"reply_count":2,"collected_at":"2026-05-29T02:47:59+00:00","body_summary":"Hello, According to patch stack this plugin has Reflected Cross Site Scripting (XSS) vulnerability . When it will be fixed?..."},"analysis":{"affected_feature":"security","analyzed_at":"2026-05-29T02:53:01+00:00","complaint_types":["security","performance"],"confidence":0.68,"conversation_url":"https://wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/","evidence_quote":"Reflected Cross Site Scripting (XSS) vulnerability Hello, According to patch stack this plugin has Reflected Cross Site Scripting (XSS) vulnerability .","intent":"problem_report","issue_labels":["security","performance","reliable"],"model":"heuristic-v1","opportunity_relevance":0.9,"praise_types":["reliable"],"sentiment":"complaint","severity":"high","slug":"social-networks-auto-poster-facebook-twitter-g","source":"support","summary":"Reflected Cross Site Scripting (XSS) vulnerability: users show security, performance pain that may indicate a product gap."},"comments":[{"position":1,"author":"adeparker","published_at":"2024-07-27T09:46:00+00:00","body_summary":"I’d also be very interested to know when this is going to be fixed. Are there any updates from the dev team?"},{"position":2,"author":"Alpesh","published_at":"2024-07-29T06:53:00+00:00","body_summary":"Still no update from the developers. It appears the plugin has been abandoned, which is disappointing since I purchased the pro version."}],"source_links":[{"source_url":"https://wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/","url":"https://wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/","original_url":"https://wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/","source_page_url":"/evidence/source?url=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Freflected-cross-site-scripting-xss-vulnerability-13%2F","source_api_url":"/api/evidence/source?url=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Freflected-cross-site-scripting-xss-vulnerability-13%2F"},{"source_url":"https://wordpress.org/plugins/social-networks-auto-poster-facebook-twitter-g/","url":"https://wordpress.org/plugins/social-networks-auto-poster-facebook-twitter-g/","original_url":"https://wordpress.org/plugins/social-networks-auto-poster-facebook-twitter-g/","source_page_url":"/plugin/social-networks-auto-poster-facebook-twitter-g","source_api_url":"/api/plugins/social-networks-auto-poster-facebook-twitter-g"}],"source_link_count":2,"market_key":"sharing","market_name":"Sharing","market_url":"/markets/sharing","opportunity_url":"/opportunities/sharing","opportunity_card":{"key":"onsite-conversion-engagement","name":"onsite conversion and engagement operations","family_key":"onsite-conversion-engagement","family_name":"onsite conversion and engagement operations","family_label":"onsite conversion and engagement operations","display_name":"Sharing conversion widget assurance","opportunity_name":"Sharing conversion widget assurance","opportunity_label":"Sharing conversion widget assurance","decision_bucket":"proof_blocked","commercial_readiness_status":"needs_family_proof","commercial_readiness_label":"Needs family proof","validation_ready":false,"is_build_worthy":false,"row_role":"opportunity_family","recommendation_role":"commercial_opportunity_candidate","buyer":"marketing teams, agencies, publishers, and ecommerce operators","who_buys":"marketing teams, agencies, publishers, and ecommerce operators","primary_buyer_segment":"marketing teams","urgent_problem":"Marketing teams waste campaign budget when popups, reviews, quizzes, social proof, or embeds fail to capture leads, slow pages, or lose attribution.","problem":"Marketing teams waste campaign budget when popups, reviews, quizzes, social proof, or embeds fail to capture leads, slow pages, or lose attribution.","pain":"Marketing teams waste campaign budget when popups, reviews, quizzes, social proof, or embeds fail to capture leads, slow pages, or lose attribution.","what_to_build":"Sharing conversion widget assurance for turning onsite engagement widgets into measurable leads, trust, and conversions","first_validation_wedge":"audit sharing display rules, lead capture, trust signals, and campaign attribution","mvp_wedge":"audit sharing display rules, lead capture, trust signals, and campaign attribution","wedge":"audit sharing display rules, lead capture, trust signals, and campaign attribution","source_count":6,"source_link_count":6,"next_action":"Finish the missing outside proof, then test buyer urgency with marketing teams: audit sharing display rules, lead capture, trust signals, and campaign attribution.","family_dossier_url":"/opportunities/families/onsite-conversion-engagement/dossier","opportunity_family_dossier_url":"/opportunities/families/onsite-conversion-engagement/dossier","family_dossier_api_url":"/api/opportunities/families/onsite-conversion-engagement/dossier","opportunity_family_dossier_api_url":"/api/opportunities/families/onsite-conversion-engagement/dossier","urls":{"dossier":"/opportunities/families/onsite-conversion-engagement/dossier","family":"/opportunities?family=onsite-conversion-engagement"},"api_urls":{"dossier":"/api/opportunities/families/onsite-conversion-engagement/dossier","family":"/api/opportunities/families?family=onsite-conversion-engagement"},"family_url":"/opportunities?family=onsite-conversion-engagement","opportunity_family_url":"/opportunities?family=onsite-conversion-engagement","opportunity_family_api_url":"/api/opportunities/families?family=onsite-conversion-engagement","commercial_gate_status":"complete","commercial_gate_label":"Gate complete","commercial_card_status":"complete","commercial_card_missing_count":0},"commercial_card_summary":{"status":"complete","status_label":"complete","missing_count":0,"passed":9,"required":9,"summary":{}},"commercial_card_checklist":[{"key":"what_to_build","label":"What to build","passed":true,"status":"pass","detail":"Sharing conversion widget assurance for turning onsite engagement widgets into measurable leads, trust, and conversions"},{"key":"specific_buyer","label":"Specific buyer","passed":true,"status":"pass","detail":"marketing teams, agencies, publishers, and ecommerce operators"},{"key":"urgent_problem","label":"Urgent problem","passed":true,"status":"pass","detail":"Marketing teams waste campaign budget when popups, reviews, quizzes, social proof, or embeds fail to capture leads, slow pages, or lose attribution."},{"key":"competitor_gap","label":"Competitor gap","passed":true,"status":"pass","detail":"Gap to test: can buyers audit sharing display rules, lead capture, trust signals, and campaign attribution before onsite conversion, trust-signal, and campaign-widget risk. pain: popup, quiz, review, or conversion-widget"}],"family_key":"onsite-conversion-engagement","family_name":"onsite conversion and engagement operations","opportunity_family_key":"onsite-conversion-engagement","opportunity_family_name":"onsite conversion and engagement operations","buyer":"marketing teams, agencies, publishers, and ecommerce operators","what_to_build":"Sharing conversion widget assurance for turning onsite engagement widgets into measurable leads, trust, and conversions","urgent_problem":"Marketing teams waste campaign budget when popups, reviews, quizzes, social proof, or embeds fail to capture leads, slow pages, or lose attribution.","problem":"Marketing teams waste campaign budget when popups, reviews, quizzes, social proof, or embeds fail to capture leads, slow pages, or lose attribution.","competitor_gap":"Gap to test: can buyers audit sharing display rules, lead capture, trust signals, and campaign attribution before onsite conversion, trust-signal, and campaign-widget risk. pain: popup, quiz, review, or conversion-widget reliability risk (9 signals). weak-incumbent evidence gives 89 teardown signal(s). Entry wedge: audit sharing display rules, lead capture, trust signals, and campaign attribution.","proof_support":"Proof base: outside proof that buyers already pay around the workflow, paid-adjacent plugin or pricing signals, repeated WordPress pain, and weak incumbent coverage around turning onsite engagement widgets into measurable leads, trust, and conversions.","needs_validation":"finish the missing outside proof, then test buyer urgency with marketing teams: audit sharing display rules, lead capture, trust signals, and campaign attribution.","what_still_needs_validation":"finish the missing outside proof, then test buyer urgency with marketing teams: audit sharing display rules, lead capture, trust signals, and campaign attribution.","commercial_attractiveness":"Commercial pull comes from marketing teams: popups, social proof, reviews, quizzes, and embeds can hurt trust or performance unless teams can prove they work. The first paid wedge is to audit sharing display rules, lead capture, trust signals, and campaign attribution. Revenue can come from A/B tests, targeting rules, conversion reports, social proof controls, and agency dashboards.","first_validation_wedge":"audit sharing display rules, lead capture, trust signals, and campaign attribution","mvp_wedge":"audit sharing display rules, lead capture, trust signals, and campaign attribution","decision_bucket":"proof_blocked","decision_bucket_label":"Proof Blocked","api_urls":{"evidence":"/api/evidence?slug=social-networks-auto-poster-facebook-twitter-g","market":"/markets/sharing","opportunity":"/opportunities/sharing","plugin":"/api/plugins/social-networks-auto-poster-facebook-twitter-g","source":"/api/evidence/source?url=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Freflected-cross-site-scripting-xss-vulnerability-13%2F","wordpress":"https://wordpress.org/support/topic/reflected-cross-site-scripting-xss-vulnerability-13/","family":"/api/opportunities/families?family=onsite-conversion-engagement","dossier":"/api/opportunities/families/onsite-conversion-engagement/dossier"},"commercial_readiness":{"total":32,"validation_ready":0,"core_validation_ready_rows":0,"family_wide_validation_ready_rows":0,"core_only_validation_ready_rows":0,"validation_scope_status":"not_ready","validation_scope_label":"Not ready","validation_scope_warning":"","validation_scope_counts":[{"scope":"not_validation_ready","label":"Not validation-ready","count":32}],"blocker_count":62,"caution_count":0,"status_counts":[{"status":"needs_external_proof","label":"Needs outside proof","count":31},{"status":"needs_family_proof","label":"Needs family proof","count":1}],"blocker_counts":[{"label":"Outside proof needed: not validated","count":31},{"label":"Commercial gate not complete: proof blocked","count":31}],"caution_counts":[],"ready_for_buyer_validation":0,"needs_external_proof":31,"needs_family_proof":1,"needs_report":0,"needs_thesis_detail":0,"needs_thesis_sharpening":0,"research_first":0,"research_only":0,"hold":0,"unclassified":0,"core_wedge_validation_ready_rows":0,"full_family_validation_ready_rows":0,"scope_limited_validation_rows":0,"full_family_claim_ready_rows":0,"validation_claim_scope_policy":"Core-only validation rows are worth buyer testing, but they must not be presented as full-family commercial opportunities until family_wide_validation_ready is true."},"readiness_summary":{"total":32,"validation_ready":0,"core_validation_ready_rows":0,"family_wide_validation_ready_rows":0,"core_only_validation_ready_rows":0,"validation_scope_status":"not_ready","validation_scope_label":"Not ready","validation_scope_warning":"","validation_scope_counts":[{"scope":"not_validation_ready","label":"Not validation-ready","count":32}],"blocker_count":62,"caution_count":0,"status_counts":[{"status":"needs_external_proof","label":"Needs outside proof","count":31},{"status":"needs_family_proof","label":"Needs family proof","count":1}],"blocker_counts":[{"label":"Outside proof needed: not validated","count":31},{"label":"Commercial gate not complete: proof blocked","count":31}],"caution_counts":[],"ready_for_buyer_validation":0,"needs_external_proof":31,"needs_family_proof":1,"needs_report":0,"needs_thesis_detail":0,"needs_thesis_sharpening":0,"research_first":0,"research_only":0,"hold":0,"unclassified":0,"core_wedge_validation_ready_rows":0,"full_family_validation_ready_rows":0,"scope_limited_validation_rows":0,"full_family_claim_ready_rows":0,"validation_claim_scope_policy":"Core-only validation rows are worth buyer testing, but they must not be presented as full-family commercial opportunities until family_wide_validation_ready is true."},"evidence_summary":{"total":1,"source_evidence_rows":0,"source_link_rows":1,"source_count_only_rows":0,"missing_source_evidence_rows":0,"source_evidence_not_applicable_rows":0,"source_link_coverage_percent":100.0,"evidence_required_rows":0,"evidence_required_rows_missing_source_links":0,"build_worthy_rows_missing_source_links":0,"decision_rows_missing_source_links":0,"missing_source_examples":[]},"cache":{"source":"durable_research_stale","generated_at":"2026-06-10T15:33:02+00:00","age_seconds":10073},"row_role":"supporting_evidence","recommendation_role":"evidence_input","evidence_role":"supports_opportunity_family","promotion_status":"linked_opportunity","promotion_status_label":"Evidence linked to opportunity","promotion_reason":"This row is supporting evidence linked to a commercial opportunity family, not the build-worthy opportunity itself.","is_build_worthy":false,"worth_validating":false,"build_worthy_scope":"opportunity_family","build_worthy_family_key":"onsite-conversion-engagement","opportunity_decision_status":"supporting_evidence"}