[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBkSthF7a62PPHNaHQgFxrcEDmauYGYqRuyXuDV5uhks":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":13,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":47,"crawl_stats":36,"alternatives":55,"analysis":152,"fingerprints":197},"branded-social-images","Branded Social Images – Open Graph Images with logo and extra text layer","1.1.4","Acato","https:\u002F\u002Fprofiles.wordpress.org\u002Facato\u002F","\u003Cp>Branded social images (open graph images) in just a few clicks.\u003C\u002Fp>\n\u003Cp>This plugin creates branded social images to match with your company’s style. Including a company logo and title.\u003Cbr \u002F>\nThese open graph images can either be auto-generated for the entire site or you have the option to overrule this per page\u002Fpost.\u003C\u002Fp>\n\u003Cp>Works with every (public) post-type in WordPress!\u003C\u002Fp>\n\u003Cp>Also tested with WOOCommerce.\u003C\u002Fp>\n\u003Cp>The version 2.0.0 branch even supports taxonomies, so you can brand your category and tag pages as well! Check it out on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Facato-plugins\u002Fbranded-social-images\" title=\"Branded Social Images on GitHub\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n","The simplest way to brand your social images. Provide all your social images (Open Graph images) with your brand en text. In just a few clicks.",1000,14455,100,3,"2025-05-31T06:37:00.000Z","6.8.5","4.7","7.4",[20,21,22,23],"og-image","open-graph","open-graph-image","social-image","https:\u002F\u002Fgithub.com\u002Facato-plugins\u002Fbranded-social-images","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbranded-social-images.1.1.4.zip",1,0,"2023-03-20 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2023-28536","branded-social-images-missing-authorization-leading-to-unauthenticated-plugin-settings-updates","Branded Social Images \u003C= 1.1.0 - Missing Authorization leading to Unauthenticated Plugin Settings Updates","The Branded Social Images plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'process_post' function in versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to view and change the plugin settings.",null,"\u003C=1.1.0","1.1.1","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2024-01-22 19:56:02",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2cbc0b70-c8a4-4924-a67f-cea81ab19cdc?source=api-prod",309,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":51,"avg_patch_time_days":52,"trust_score":53,"computed_at":54},"acato",4,12040,97,107,77,"2026-04-04T15:45:37.865Z",[56,79,97,115,132],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":78,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"wp-social-preview","WP Social Preview","1.0.2","Iain Poulson","https:\u002F\u002Fprofiles.wordpress.org\u002Fpolevaultweb\u002F","\u003Cp>WP Social Preview is a WordPress plugin that let’s you preview how your content will look on social media sites such as Facebook, Twitter, Pinterest etc. before you share it. It also allows you to change the title, description and image for individual posts and pages by allowing you to edit the open graph meta tags of your content without touching any code!\u003C\u002Fp>\n\u003Cp>Plugin features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>See a full-size preview of how your posts and pages will look on social media sites before you share them.\u003C\u002Fli>\n\u003Cli>Use a custom title, description and image for individual posts and pages.\u003C\u002Fli>\n\u003Cli>Set a fallback image used for posts without a featured image and tag\u002Fcategory archives.\u003C\u002Fli>\n\u003Cli>Customize the title, description and image used on the front-page of your site.\u003C\u002Fli>\n\u003Cli>Automatically use the correct size and aspect ratio for images when sharing on social media sites.\u003C\u002Fli>\n\u003Cli>Automatically output open graph meta tags used by sites such as Google, Facebook, Twitter etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more info see \u003Ca href=\"https:\u002F\u002Fwpsocialpreview.com\u002F\" rel=\"nofollow ugc\">wpsocialpreview.com\u003C\u002Fa>.\u003C\u002Fp>\n","Increase social media engagement by previewing and managing how your content will look on social media sites before sharing it!",900,8227,70,2,"2022-11-19T07:05:00.000Z","6.1.10","5.3","7.1",[21,73,23,74,75],"social","social-sharing","twitter-card","https:\u002F\u002Fwpsocialpreview.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-social-preview.1.0.2.zip",85,{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":14,"last_updated":90,"tested_up_to":16,"requires_at_least":70,"requires_php":91,"tags":92,"homepage":95,"download_link":96,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"sharing-image","Sharing Image","3.7","Anton Lukin","https:\u002F\u002Fprofiles.wordpress.org\u002Fantonlukin\u002F","\u003Cp>Sharing Image is a WordPress plugin for generating sharing posters in social networks. Allows you to use text, watermarks and various filters. It is possible to create different posters for any posts types, archives and taxonomies. Compatible with various SEO plugins.\u003C\u002Fp>\n\u003Cp>Custom posters draw attention to your social media links and make them stand out from the rest in your feed. You can also place your company logo as a watermark to increase your brand awareness. If you are posting video or audio, it can be a good idea to add a play icon to your poster to help users identify the type of content.\u003C\u002Fp>\n\u003Ch4>Get support\u003C\u002Fh4>\n\u003Cp>First of all read the \u003Ca href=\"https:\u002F\u002Fwpset.org\u002Fsharing-image\u002F\" rel=\"nofollow ugc\">plugin documentation\u003C\u002Fa>. If you find a bug or want to add new feature to this plugin, create new \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fantonlukin\u002Fsharing-image\u002Fissues\" rel=\"nofollow ugc\">issue\u003C\u002Fa> on Github or send a \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fantonlukin\u002Fsharing-image\u002Fpulls\" rel=\"nofollow ugc\">pull reguest\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Premium\u003C\u002Fh4>\n\u003Cp>The Premium version of the plugin adds new features and helps the product develop. While the plugin is in beta testing, it is absolutely free.\u003Cbr \u002F>\nRead more on the \u003Ca href=\"https:\u002F\u002Fwpset.org\u002Fsharing-image\u002F#premium\" rel=\"nofollow ugc\">plugin page\u003C\u002Fa>.\u003C\u002Fp>\n","Sharing Image is a WordPress plugin for generating sharing posters in social networks.",600,15571,94,"2025-07-26T22:53:00.000Z","5.6",[93,20,80,23,94],"facebook","twitter","https:\u002F\u002Fwpset.org\u002Fsharing-image\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsharing-image.3.7.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":13,"num_ratings":49,"last_updated":107,"tested_up_to":16,"requires_at_least":108,"requires_php":18,"tags":109,"homepage":113,"download_link":114,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"mightyshare","MightyShare – Auto-Generated Social Media Images","1.3.20","MightyShare","https:\u002F\u002Fprofiles.wordpress.org\u002Fmightyshare\u002F","\u003Ch3>MIGHTYSHARE: GENERATE SOCIAL SHARE OPEN GRAPH IMAGES\u003C\u002Fh3>\n\u003Cp>Automatically generate social share preview images (also known as Open Graph images) with \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fmightyshare.io\u002F\" rel=\"nofollow ugc\">MightyShare\u003C\u002Fa>\u003C\u002Fstrong>! MightyShare takes your post title and featured image to generate a beautiful share image for your content. Compatible with posts, pages, and custom post types your social shares will look stunning in no time. Customize \u003Ca href=\"https:\u002F\u002Fmightyshare.io\u002Ftemplates\u002F\" rel=\"nofollow ugc\">templates\u003C\u002Fa> with your brand colors, logo, and more.\u003C\u002Fp>\n\u003Cp>To use the plugin you’ll need to \u003Ca href=\"https:\u002F\u002Fmightyshare.io\u002Fregister\u002F\" rel=\"nofollow ugc\">create a free MightyShare account\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>HOW DOES IT WORK?\u003C\u002Fh3>\n\u003Cp>MightyShare sends your post’s title, featured image, and post meta data to our server to generate a social share image on the fly using your API Key.\u003C\u002Fp>\n\u003Ch3>FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatically generate social share images\u003C\u002Fstrong> for posts and pages!\u003C\u002Fli>\n\u003Cli>Perfect solution for branded social images.\u003C\u002Fli>\n\u003Cli>Robust customization.\u003C\u002Fli>\n\u003Cli>SEO plugin compatibility: Yoast SEO, RankMath, All in One SEO, The SEO Framework, Slim SEO, Squirrly SEO, and SEOPress.\u003C\u002Fli>\n\u003Cli>Adds open graph meta tags if you don’t have an SEO plugin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multiple \u003Ca href=\"https:\u002F\u002Fmightyshare.io\u002Ftemplates\u002F\" rel=\"nofollow ugc\">templates\u003C\u002Fa>\u003C\u002Fstrong> to choose from.\u003C\u002Fli>\n\u003Cli>New templates added all the time!\u003C\u002Fli>\n\u003Cli>Works with custom post types.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmightyshare.io\u002Fdocs\u002Ffilters\u002F\" rel=\"nofollow ugc\">Developer hooks\u003C\u002Fa> for creating just about anything!\u003C\u002Fli>\n\u003Cli>Pick any Google Font to use in templates for paid plans.\u003C\u002Fli>\n\u003Cli>Option to screenshot pages themselves for social images.\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatically generate social share preview images with MightyShare!",200,9628,"2025-04-09T01:23:00.000Z","5.4",[21,110,111,112,75],"open-graph-images","social-media","social-preview","https:\u002F\u002Fmightyshare.io\u002Fwordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmightyshare.1.3.20.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":13,"downloaded":123,"rating":13,"num_ratings":67,"last_updated":124,"tested_up_to":16,"requires_at_least":125,"requires_php":91,"tags":126,"homepage":130,"download_link":131,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"opengraph-xyz","Dynamic Open Graph Images – OpenGraph.xyz","1.5.1","OpenGraph.xyz","https:\u002F\u002Fprofiles.wordpress.org\u002Fopengraphxyz\u002F","\u003Cp>Enable dynamic and automatic updates of Open Graph images across your website. This plugin allows you to choose from an array of templates, both free and premium, ensuring your social media previews are always eye-catching and brand-aligned.\u003C\u002Fp>\n\u003Ch3>What is OpenGraph.xyz?\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.opengraph.xyz\u002F\" rel=\"nofollow ugc\">OpenGraph.xyz\u003C\u002Fa> is a SaaS platform designed to enhance your website’s presence on social media. By generating and previewing Open Graph meta tags, OpenGraph.xyz ensures your content stands out when shared. With the introduction of dynamic Open Graph images, your website’s visibility and click-through rates on social media platforms can significantly increase. This plugin brings the power of OpenGraph.xyz directly into your WordPress site, allowing for seamless integration and management.\u003C\u002Fp>\n\u003Ch3>What does this plugin do?\u003C\u002Fh3>\n\u003Cp>Dynamic Open Graph Images – OpenGraph.xyz integrates your WordPress site with OpenGraph.xyz services, enabling:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatic generation and updating of Open Graph meta tags.\u003C\u002Fli>\n\u003Cli>Selection from a variety of Open Graph image templates.\u003C\u002Fli>\n\u003Cli>Access to both free and premium templates for diverse customization.\u003C\u002Fli>\n\u003Cli>Enhanced social media previews to attract more clicks and engagement.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Who is this plugin for?\u003C\u002Fh3>\n\u003Cp>This plugin is ideal for website owners, marketers, and content creators who want to boost their social media presence and engagement. Whether you run a blog, an e-commerce site, or a business website, dynamic Open Graph images can help your content capture attention on platforms like Facebook, Twitter, and LinkedIn.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Ch4>ogcdn.net\u003C\u002Fh4>\n\u003Cp>This is our open graph image generation service to create your og image. The URLs of your generated og:image tags point to this service with data about your page to dynamically create the images.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.opengraph.xyz\u002Fpage\u002Fterms-of-service\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.opengraph.xyz\u002Fpage\u002Fprivacy-policy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>api.opengraph.xyz\u003C\u002Fh4>\n\u003Cp>This is our service for the og image templates. This service will be accessed when you view and choose image templates for your pages.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.opengraph.xyz\u002Fpage\u002Fterms-of-service\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.opengraph.xyz\u002Fpage\u002Fprivacy-policy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n","Enhance your WordPress site with dynamic Open Graph images.",3605,"2026-03-03T17:51:00.000Z","5.0",[127,128,129,20,21],"dynamic-og-image","images","meta-tags","https:\u002F\u002Fgithub.com\u002Fopengraph-xyz\u002Fopengraph-wp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fopengraph-xyz.1.5.1.zip",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":13,"num_ratings":26,"last_updated":142,"tested_up_to":143,"requires_at_least":144,"requires_php":142,"tags":145,"homepage":149,"download_link":150,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":151},"ogpanic","OGPanic","1.0.14","RJ","https:\u002F\u002Fprofiles.wordpress.org\u002Frakuraku\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fogpanic.com\" rel=\"nofollow ugc\">OGPanic\u003C\u002Fa> is an enhancement for WordPress posts when the links are shared on social media. Social medias like Facebook and Twitter using The \u003Ca href=\"http:\u002F\u002Fogp.me\u002F\" rel=\"nofollow ugc\">Open Graph protocol\u003C\u002Fa> to display featured image and title of the post.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fogpanic.com\" rel=\"nofollow ugc\">OGPanic\u003C\u002Fa> goes one step further: It adds the title and category info to the featured image and make your posts stand out when shared on social medias.\u003C\u002Fp>\n","OGPanic generates beautiful og-images automatically from your post's title, featured image and etc.",10,1767,"","5.3.21","5.0.1",[93,146,20,147,148],"image","ogp","open-graph-protocol","https:\u002F\u002Fogpanic.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fogpanic.1.0.14.zip","2026-03-15T10:48:56.248Z",{"attackSurface":153,"codeSignals":169,"taintFlows":181,"riskAssessment":182,"analyzedAt":196},{"hooks":154,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":168,"entryPointCount":27,"unprotectedCount":27},[155,161],{"type":156,"name":157,"callback":158,"file":159,"line":160},"action","plugins_loaded","init","wp-plugin.php",48,{"type":156,"name":162,"callback":163,"file":159,"line":164},"check_ajax_referer","closure",54,[],[],[],[],{"dangerousFunctions":170,"sqlUsage":176,"outputEscaping":178,"fileOperations":26,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":180},[171],{"fn":172,"file":173,"line":174,"context":175},"exec","bin\\test.php",6,"$result = exec('\"'. $d . '\u002Fdwebp\" \"'. $d . '\u002Ftest.webp\" -o \"' . $d . '\u002Ftest.png\"');",{"prepared":27,"raw":27,"locations":177},[],{"escaped":27,"rawEcho":27,"locations":179},[],[],[],{"summary":183,"deductions":184},"The branded-social-images plugin v1.1.4 presents a mixed security profile.  On the positive side, the static analysis shows a remarkably clean codebase in several areas. There are no observed AJAX handlers, REST API routes, shortcodes, or cron events, indicating a very limited attack surface. Furthermore, all SQL queries are properly prepared, and all output is correctly escaped, which are strong indicators of good security practices. The absence of taint analysis findings with unsanitized paths is also a positive sign.\n\nHowever, significant concerns arise from the presence of a dangerous function (`exec`) and a lack of capability checks and nonce checks. The `exec` function, if used improperly with user-supplied input, can lead to arbitrary code execution. The absence of capability checks on any potential entry points means that even if there were any, they might be accessible to users without the necessary permissions. The previous vulnerability history, particularly the medium severity issue related to missing authorization, further highlights a pattern of potential authorization bypasses or privilege escalation vulnerabilities within the plugin.\n\nWhile the current version shows no unpatched CVEs and a limited attack surface, the presence of `exec` without evident authorization controls is a critical risk. The history of authorization issues suggests that the developers may struggle with correctly implementing permission checks. The strengths in SQL and output escaping are overshadowed by the potential for command injection and the recurring authorization weaknesses. Therefore, users should exercise caution and consider the implications of using a plugin with these identified risks.",[185,188,190,193],{"reason":186,"points":187},"Presence of dangerous function 'exec'",15,{"reason":189,"points":140},"Missing capability checks",{"reason":191,"points":192},"Missing nonce checks",8,{"reason":194,"points":195},"Previous medium severity vulnerability",7,"2026-03-16T19:10:26.562Z",{"wat":198,"direct":211},{"assetPaths":199,"generatorPatterns":204,"scriptPaths":205,"versionParams":206},[200,201,202,203],"\u002Fwp-content\u002Fplugins\u002Fbranded-social-images\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fbranded-social-images\u002Fassets\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fbranded-social-images\u002Fassets\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fbranded-social-images\u002Fassets\u002Fjs\u002Ffrontend.js",[],[],[207,208,209,210],"branded-social-images\u002Fassets\u002Fcss\u002Fadmin.css?ver=","branded-social-images\u002Fassets\u002Fcss\u002Ffrontend.css?ver=","branded-social-images\u002Fassets\u002Fjs\u002Fadmin.js?ver=","branded-social-images\u002Fassets\u002Fjs\u002Ffrontend.js?ver=",{"cssClasses":212,"htmlComments":215,"htmlAttributes":233,"restEndpoints":235,"jsGlobals":236,"shortcodeOutput":238},[213,214],"bsi-admin-wrapper","bsi-frontend-wrapper",[216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232],"Note from the developers.","We know the plugin code is not perfect.","There is a lot of room for improvement, but in our","enthusiasm to share this with you, we could not wait for everything to be polished.","We hope you like it and please, encourage others to use the plugin as well.","Found bugs? Need help?","Please visit the WordPress support page;","The code ain't pretty.","I know.","Want to help clean it up?","Want to help improve?","Please visit the GitHub page for this plugin;","Feature wishlist:","This will fix the \"You are not allowed to upload to this post\" error when in admin settings.","This only happens occasionally, most often on Gutenberg enabled WP sites, but once it happens, it keeps happening.","plugin activation\u002Fdeactivation\u002Funinstall hooks","Reference list",[234],"data-bsi-id",[],[237],"window.bsi_admin_params",[]]