[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwx-PJvdJjasqalmPu0AQQAnRXZ0vANFi2zU6qKFvZx4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":142,"fingerprints":397},"bst-share-it","BST share iT","1.0.9","amargolf","https:\u002F\u002Fprofiles.wordpress.org\u002Famargolf\u002F","\u003Ch4>German (de-DE)\u003C\u002Fh4>\n\u003Cp>Die Datensammelleidenschaft von sozialen Netzwerken wie Facebook, Twitter, Google+, LinkedIn und anderer, ist bekannt. Wichtige Werkzeuge für die Datenerhebung sind die jeweiligen Social Sharing Buttons, die auf einfache Weise in allen Arten von Webseiteninstalliert werden können. Bereits beim Aufruf der Webseite werden dabei Userdaten gesammelt und an die Netzwerke übertragen.\u003Cbr \u002F>\nDieses Verhalten erhöht die Ladezeit der Seite bei vielen Buttons deutlich. Dazu kommt, dieses Verhalten widerspricht geltendem deutschen Recht, da der Nutzer hierbei keine Möglich der Ablehnung oder Zustimmung hat.\u003C\u002Fp>\n\u003Cp>Das WordPress Plugin BST share iT sendet beim Teilen einer Seite keine Nutzerdaten ohne Einwilligung an die sozialen Netzwerke. Die Zählerdaten werden in der Datenbank gespeichert und von dort abgerufen. Synchronisiert werden die Zähler über Scripte auf dem Webserver. Die Netzwerke sehen nur die IP vom Provider.\u003Cbr \u002F>\nDerzeit verfügt BST share iT über Buttons für Facebook, Twitter, Google+, LinkedIn, StumbleIn, Pinterest und XING. Auch ein Mail Button ist integriert. Die Buttons können in Seiten und Beiträgen sowie mit einem Widget in Sitebars angezeigt werden.\u003C\u002Fp>\n\u003Ch4>Demo Seite\u003C\u002Fh4>\n\u003Cp>Besuchen Sie unsere offizielle Plugin Seite  ( http:\u002F\u002Fwww.bst-systemtechnik.de\u002Fwordpress-plugin-rechtskonforme-social-sharing-buttons-mit-bstshareit\u002F ) und informieren Sie sich über BST share iT.\u003C\u002Fp>\n\u003Cp>Holen Sie sich ihr BST share iT jetzt.\u003C\u002Fp>\n\u003Ch4>English (en-EN)\u003C\u002Fh4>\n\u003Cp>The data collecting mania of social networks like Facebook, Twitter, Google+, LinkedIn and others is well known. Important tools for those data collection are the respective social sharing buttons that can be installed in simple manner in all kind of websites. Already when calling the website the Buttons collected and transmitted user data to the networks.\u003C\u002Fp>\n\u003Cp>This behavior increase the load time of the page significantly. However, it is also contrary to German law.\u003C\u002Fp>\n\u003Cp>The BST share iT WordPress Plugin does not send user data to the social networks while sharing a page. The counter data are temporarily stored in the database and retrieved from there. BST share iT get this data via scripts on the Web server. The networks see only the IP of the provider.\u003Cbr \u002F>\nCurrently has BST share iT Buttons for Facebook, Twitter, Google+, LinkedIn, Stumble, Pinterest and the German XING. Also a mail button for sharing is available. Buttons can be displayed in pages and posts and with a widget in sidebars.\u003C\u002Fp>\n\u003Ch4>Demo Site\u003C\u002Fh4>\n\u003Cp>Please feel free to visit the plugins offical site ( http:\u002F\u002Fwww.bst-systemtechnik.de\u002Fwordpress-plugin-rechtskonforme-social-sharing-buttons-mit-bstshareit\u002F ) where you can view some demo styles of BST share iT.\u003C\u002Fp>\n\u003Cp>Get BST share iT now.\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English – default, always included\u003C\u002Fli>\n\u003Cli>German: Deutsch – immer dabei!\u003C\u002Fli>\n\u003C\u002Ful>\n","BST share iT - Die Social-Sharing-Buttons die nicht nach Hause telefonieren und geltendes deutsches Recht beachten.",10,3913,100,1,"2017-12-17T13:40:00.000Z","4.9.29","3.8.0","",[20,21,22,23,24],"add-this","add-to-any","addthis","addtoany","aim","http:\u002F\u002Fwww.bst-systemtechnik.de\u002Fwordpress-plugin-rechtskonforme-social-sharing-buttons-mit-bstshareit\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbst-share-it.1.0.12.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},2,5010,30,84,"2026-04-04T18:29:15.953Z",[39,58,76,100,120],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":35,"downloaded":47,"rating":48,"num_ratings":33,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":56,"download_link":57,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"official-markerly-widget","Official Markerly Widget","1.4","markerlyINC","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkerlyinc\u002F","\u003Cp>This plugin allows you to install Markerly on your WordPress blog.  It’s a social layer that sits on top of your content which prompts users to share when they engage with images, video, and text.  You then will get analytics on the backend when you log into Markerly.\u003C\u002Fp>\n","Instant sharing on text highlight\u002Fselection to Facebook\u002FTwitter and more!",12211,60,"2015-08-07T21:29:00.000Z","4.2.39","3.3",[22,23,53,54,55],"micro-sharing","sharing","text-analytics","http:\u002F\u002Fwww.markerly.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fofficial-markerly-widget.1.2.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":11,"downloaded":66,"rating":13,"num_ratings":33,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":18,"tags":70,"homepage":74,"download_link":75,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"smart-social-pack","social share","1.5","quazisazzad","https:\u002F\u002Fprofiles.wordpress.org\u002Fquazisazzad\u002F","\u003Cp>You’ll get there are many option this Social share plugin , By this plugin you can share your blog post,custom type post in many social website, You can design social website icon from dashboard, you can linking you social profile in your website,you can easily design it, also you can Add your facebook page in your website and design all them from dashboard.\u003C\u002Fp>\n\u003Cpre>\u003Ca href=\"https:\u002F\u002Fbit.ly\u002F2KH1Qpx\" rel=\"nofollow ugc\">20 Ways To Make Money Online\u003C\u002Fa>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Responsive Sharing Buttons for Twitter, Facebook, Google Plus, Reddit, Pocket, LinkedIn,  Email  and more\u003C\u002Fli>\n\u003Cli>Ability to hide\u002Fdisplay sharing buttons\u003C\u002Fli>\n\u003Cli>Ability to change color of sharing buttons\u003C\u002Fli>\n\u003Cli>Ability to add your social profile link in your website\u003C\u002Fli>\n\u003Cli>Ability to add your facebook fun page.\u003C\u002Fli>\n\u003Cli>easily you can change button icon design from dashboard\u003C\u002Fli>\n\u003Cli>…and more!\u003C\u002Fli>\n\u003C\u002Ful>\n","social share lets you add Social Share Buttons, liniking social profile, fb page like box in your website!",2233,"2019-07-21T05:22:00.000Z","5.2.24","3.0.1",[20,24,71,72,73],"bookmark","bookmark-button","social-share-plugin","http:\u002F\u002Fsmsoftit.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmart-social-pack.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":18,"tags":91,"homepage":97,"download_link":98,"security_score":13,"vuln_count":14,"unpatched_count":28,"last_vuln_date":99,"fetched_at":30},"insert-html-snippet","Insert Html Snippet","1.4.3","f1logic","https:\u002F\u002Fprofiles.wordpress.org\u002Ff1logic\u002F","\u003Cp>A quicklook into Insert Html Snippet\u003C\u002Fp>\n\u003Cpre>\u003Ccode>★ Convert HTML snippets to shortcodes\n★ Convert Javascript codes to shortcodes\n★ Convert CSS codes to shortcodes\n★ Support for snippet shortcodes in widgets\n★ Dropdown menu in TinyMCE editor to pick snippet shortcodes easily\n★ Insert adsense or any adcode\n★ Insert addthis or any social bookmarking code\n★ Insert flash, videos etc. to your posts,pages and widgets\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Features in Detail\u003C\u002Fh4>\n\u003Cp>Insert Html Snippet allows you to create shortcodes corresponding to html snippets. You can create a shortcode corresponding to any random HTML code such as ad codes (adsense or any adserver), javascript codes (addthis), video embedding codes, css codes etc. and use the same in your posts, pages or widgets.\u003C\u002Fp>\n\u003Cp>The shortcodes generated using the plugin are easily available as a dropdown in the standard wordpress content editor as well as in widget settings, thereby giving you ease of integrating your HTML snippets with your posts and pages.\u003C\u002Fp>\n\u003Ch4>About\u003C\u002Fh4>\n\u003Cp>Insert Html Snippet is developed and maintained by \u003Ca href=\"http:\u002F\u002Fxyzscripts.com\u002F\" title=\"xyzscripts.com\" rel=\"nofollow ugc\">XYZScripts\u003C\u002Fa>. For any support, you may \u003Ca href=\"http:\u002F\u002Fxyzscripts.com\u002Fsupport\u002F\" title=\"XYZScripts Support\" rel=\"nofollow ugc\">contact us\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>★ \u003Ca href=\"http:\u002F\u002Fhelp.xyzscripts.com\u002Fdocs\u002Finsert-html-snippet\u002Fuser-guide\" rel=\"nofollow ugc\">Insert HTML Snippet User Guide\u003C\u002Fa>\u003Cbr \u002F>\n★ \u003Ca href=\"http:\u002F\u002Fhelp.xyzscripts.com\u002Fdocs\u002Finsert-html-snippet\u002Ffaq\u002F\" rel=\"nofollow ugc\">Insert HTML Snippet FAQ\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>More Information\u003C\u002Fh3>\n\u003Cp>★ \u003Ca href=\"http:\u002F\u002Fhelp.xyzscripts.com\u002Fdocs\u002Finsert-html-snippet\u002Fuser-guide\" rel=\"nofollow ugc\">Insert HTML Snippet User Guide\u003C\u002Fa>\u003Cbr \u002F>\n★ \u003Ca href=\"http:\u002F\u002Fhelp.xyzscripts.com\u002Fdocs\u002Finsert-html-snippet\u002Ffaq\u002F\" rel=\"nofollow ugc\">Insert HTML Snippet FAQ\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Troubleshooting\u003C\u002Fh4>\n\u003Cp>Please read the FAQ first if you are having problems.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>WordPress 5.0+\nPHP 7+\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Feedback\u003C\u002Fh4>\n\u003Cp>We would like to receive your feedback and suggestions. You may submit them at our \u003Ca href=\"http:\u002F\u002Fxyzscripts.com\u002Fmembers\u002Fsupport\u002F\" title=\"XYZScripts Support\" rel=\"nofollow ugc\">support desk\u003C\u002Fa>.\u003C\u002Fp>\n","Add HTML, CSS and javascript code to your pages and posts easily using shortcodes.",20000,647890,98,235,"2025-10-23T07:12:00.000Z","6.8.5","5.0",[92,93,94,95,96],"add-html","insert-addthis-code","insert-ads","insert-adsense","insert-html","http:\u002F\u002Fxyzscripts.com\u002Fwordpress-plugins\u002Finsert-html-snippet\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finsert-html-snippet.1.4.3.zip","2016-11-29 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":110,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":69,"requires_php":18,"tags":114,"homepage":118,"download_link":119,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"uptolike-share","Uptolike Social Share Buttons","1.5.9","na1vez","https:\u002F\u002Fprofiles.wordpress.org\u002Fna1vez\u002F","\u003Cp>\u003Cstrong>Uptolike Social Share Buttons – бесплатный русскоязычный плагин социальных кнопок\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Какие задачи выполняет плагин Uptolike?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Установить на сайте красивые, полностью кастомизрованные социальные кнопки, которые будут нравиться пользователям\u003C\u002Fli>\n\u003Cli>Управлять социальной активностью пользователей на сайте\u003C\u002Fli>\n\u003Cli>Увеличивать показатель шаринга на сайте\u003C\u002Fli>\n\u003Cli>Привлекать новых посетителей из социальных сетей\u003C\u002Fli>\n\u003Cli>Собирать и анализировать статистику социальной активности пользователей\u003C\u002Fli>\n\u003Cli>Корректировать контент-стратегию\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Uptolike – единый интерфейс, откуда можно управлять эффективностью социальных кнопок на сайте, а также собирать и анализировать статистику по лайкам, шарам, количеству возвратов, количеству привлеченных новых пользователей, источниках социального трафика и так далее.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Какие социальные сети поддерживает Uptolike?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Uptolike поддерживает 25 популярных социальных сетей: Вконтакте, Facebook, Одноклассники, Twitter, и т.д.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Уникальные фишки Uptolike\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Полная кастомизация социальных кнопок:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>3 формы\u003C\u002Fli>\n\u003Cli>3 размера\u003C\u002Fli>\n\u003Cli>эффект при наведении (увеличение, поворот по часовой стрелке)\u003C\u002Fli>\n\u003Cli>14 стилей кнопок\u003C\u002Fli>\n\u003Cli>настройка фона кнопок\u003C\u002Fli>\n\u003Cli>выбор цвета текста\u003C\u002Fli>\n\u003Cli>установка размера текста счётчика\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Функция фолловинга\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>Функция цитирования по тексту – выделенный участок текста автоматически предлагается расшарить в социальной сети\u003C\u002Fli>\n\u003Cli>Уникальная статистика социальной активности на сайте\u003C\u002Fli>\n\u003Cli>Кнопки социальных сетей, адаптированные под мобильные устройства\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Uptolike Social Share Buttons – social bookmarking widget with sharing statistics\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What Can You Do With UpToLike Social Share Buttons?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create custom buttons that will visually appeal to users\u003C\u002Fli>\n\u003Cli>Easily manage social activity online\u003C\u002Fli>\n\u003Cli>Increase online engagement through Shares and Likes\u003C\u002Fli>\n\u003Cli>Attract new visitors from social networks\u003C\u002Fli>\n\u003Cli>Collect and analyze the social activity of users\u003C\u002Fli>\n\u003Cli>Adjust content strategy based on analytics\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>UpToLike is a single interface from which you can manage the appearance and efficiency of social buttons on your site, as well as collect and analyze statistics on\u003Cbr \u002F>\nlikes, shares, returns, new users, sources of social traffic, and more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Which social networks does UpToLike Social Share Buttons support?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>UpToLike is compatible with 25 popular social networking sites. It supports the following functions: Bookmark, Print, Email, Follow, etc.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Unique Functions of UpToLike Social Share Buttons\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Customization of social buttons:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>3 different shapes\u003C\u002Fli>\n\u003Cli>3 sizes\u003C\u002Fli>\n\u003Cli>Hover effect (increase, clockwise rotation)\u003C\u002Fli>\n\u003Cli>14 button styles\u003C\u002Fli>\n\u003Cli>Button background\u003C\u002Fli>\n\u003Cli>Text color\u003C\u002Fli>\n\u003Cli>Text size of the counter\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Social Media Following\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>Automatic text selection: the system gives you the option to share a highlighted piece of text on a social network\u003C\u002Fli>\n\u003Cli>Gathering unique statistics of social media activity\u003C\u002Fli>\n\u003C\u002Ful>\n","Uptolike Social Share Buttons - social bookmarking widget with sharing statistics.",5000,184541,90,89,"2017-11-28T12:43:00.000Z","4.7.32",[115,22,71,116,117],"1","social-buttons","uptolike","https:\u002F\u002Fuptolike.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuptolike-share.1.5.9.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":13,"num_ratings":14,"last_updated":130,"tested_up_to":131,"requires_at_least":90,"requires_php":132,"tags":133,"homepage":18,"download_link":139,"security_score":140,"vuln_count":33,"unpatched_count":14,"last_vuln_date":141,"fetched_at":30},"hivepress-claim-listings","HivePress Claim Listings","1.1.4","HivePress","https:\u002F\u002Fprofiles.wordpress.org\u002Fhivepress\u002F","\u003Cp>HivePress Claim Listings is an extension for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhivepress\u002F\" rel=\"ugc\">HivePress\u003C\u002Fa> plugin. It allows you to charge users for claiming listings.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Flistinghive.hivepress.io\u002F\" rel=\"nofollow ugc\">Demo\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fhelp.hivepress.io\u002F\" rel=\"nofollow ugc\">Docs\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcommunity.hivepress.io\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n","Charge users for claiming listings.",3000,45999,"2026-01-30T16:48:00.000Z","6.9.4","7.4",[134,135,136,137,138],"claim-listings","classifieds","directory","hivepress","listings","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhivepress-claim-listings.1.1.4.zip",77,"2025-09-26 00:00:00",{"attackSurface":143,"codeSignals":212,"taintFlows":364,"riskAssessment":383,"analyzedAt":396},{"hooks":144,"ajaxHandlers":208,"restRoutes":209,"shortcodes":210,"cronEvents":211,"entryPointCount":28,"unprotectedCount":28},[145,151,155,159,164,168,173,177,181,184,189,194,197,200,204],{"type":146,"name":147,"callback":148,"file":149,"line":150},"action","init","bst_share_it_plugin_setup","bst-share-it.php",76,{"type":146,"name":152,"callback":153,"file":149,"line":154},"admin_enqueue_scripts","bst_share_it_add_js_css_admin",125,{"type":146,"name":156,"callback":157,"file":149,"line":158},"wp_enqueue_scripts","bst_share_it_add_js_css",130,{"type":146,"name":160,"callback":161,"file":162,"line":163},"admin_init","bst_share_it_options_init","includes\\bst_share_it_admin.php",756,{"type":146,"name":165,"callback":166,"file":162,"line":167},"admin_menu","bst_share_it_options_menu",761,{"type":146,"name":169,"callback":170,"file":171,"line":172},"add_meta_boxes","bst_share_it_add_custom_meta_box","includes\\bst_share_it_admin_metabox_buttons.php",34,{"type":146,"name":174,"callback":175,"file":171,"line":176},"save_post","bst_share_it_metabox_buttonplace_save",107,{"type":146,"name":169,"callback":178,"file":179,"line":180},"bst_share_it_add_custom_meta_boxes","includes\\bst_share_it_admin_metabox_uplader.php",36,{"type":146,"name":174,"callback":182,"priority":11,"file":179,"line":183},"bst_share_it_saveMetaData",37,{"type":146,"name":185,"callback":186,"file":187,"line":188},"get_header","add_bst_share_it_start","includes\\bst_share_it_widget.php",86,{"type":146,"name":190,"callback":191,"priority":192,"file":187,"line":193},"wp_head","add_bst_share_it_end_flush",1000,87,{"type":146,"name":190,"callback":195,"priority":196,"file":187,"line":111},"bst_share_it_add_action_og_metatags",1001,{"type":146,"name":190,"callback":198,"priority":14,"file":187,"line":199},"bst_share_it_add_action_og_image",218,{"type":146,"name":201,"callback":202,"file":187,"line":203},"widgets_init","anonymous",645,{"type":146,"name":205,"callback":206,"file":187,"line":207},"the_content","bst_share_it_buttons_display_content",1426,[],[],[],[],{"dangerousFunctions":213,"sqlUsage":217,"outputEscaping":222,"fileOperations":362,"externalRequests":14,"nonceChecks":33,"capabilityChecks":14,"bundledLibraries":363},[214],{"fn":215,"file":187,"line":203,"context":216},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"bst_share_it\");'));",{"prepared":14,"raw":14,"locations":218},[219],{"file":179,"line":220,"context":221},112,"$wpdb->get_var() with variable interpolation",{"escaped":223,"rawEcho":224,"locations":225},19,74,[226,229,231,233,235,237,239,241,243,245,247,249,250,252,253,255,256,258,260,262,264,266,268,271,274,276,278,280,282,284,286,288,290,292,294,296,298,300,302,304,306,308,310,312,314,316,318,320,321,322,324,325,327,328,330,331,333,334,336,337,339,340,342,343,345,346,348,349,351,352,354,356,358,360],{"file":162,"line":227,"context":228},134,"raw output",{"file":162,"line":230,"context":228},267,{"file":162,"line":232,"context":228},272,{"file":162,"line":234,"context":228},284,{"file":162,"line":236,"context":228},300,{"file":162,"line":238,"context":228},305,{"file":162,"line":240,"context":228},321,{"file":162,"line":242,"context":228},326,{"file":162,"line":244,"context":228},332,{"file":162,"line":246,"context":228},337,{"file":162,"line":248,"context":228},366,{"file":162,"line":248,"context":228},{"file":162,"line":251,"context":228},373,{"file":162,"line":251,"context":228},{"file":162,"line":254,"context":228},389,{"file":162,"line":254,"context":228},{"file":179,"line":257,"context":228},66,{"file":179,"line":259,"context":228},70,{"file":179,"line":261,"context":228},72,{"file":179,"line":263,"context":228},80,{"file":179,"line":265,"context":228},81,{"file":179,"line":267,"context":228},82,{"file":269,"line":270,"context":228},"includes\\bst_share_it_build_fb_like.php",16,{"file":272,"line":273,"context":228},"includes\\bst_share_it_social_count.php",28,{"file":187,"line":275,"context":228},136,{"file":187,"line":277,"context":228},320,{"file":187,"line":279,"context":228},350,{"file":187,"line":281,"context":228},351,{"file":187,"line":283,"context":228},352,{"file":187,"line":285,"context":228},353,{"file":187,"line":287,"context":228},354,{"file":187,"line":289,"context":228},355,{"file":187,"line":291,"context":228},356,{"file":187,"line":293,"context":228},357,{"file":187,"line":295,"context":228},358,{"file":187,"line":297,"context":228},359,{"file":187,"line":299,"context":228},360,{"file":187,"line":301,"context":228},367,{"file":187,"line":303,"context":228},368,{"file":187,"line":305,"context":228},369,{"file":187,"line":307,"context":228},370,{"file":187,"line":309,"context":228},371,{"file":187,"line":311,"context":228},379,{"file":187,"line":313,"context":228},380,{"file":187,"line":315,"context":228},381,{"file":187,"line":317,"context":228},450,{"file":187,"line":319,"context":228},451,{"file":187,"line":319,"context":228},{"file":187,"line":319,"context":228},{"file":187,"line":323,"context":228},460,{"file":187,"line":323,"context":228},{"file":187,"line":326,"context":228},470,{"file":187,"line":326,"context":228},{"file":187,"line":329,"context":228},480,{"file":187,"line":329,"context":228},{"file":187,"line":332,"context":228},490,{"file":187,"line":332,"context":228},{"file":187,"line":335,"context":228},500,{"file":187,"line":335,"context":228},{"file":187,"line":338,"context":228},510,{"file":187,"line":338,"context":228},{"file":187,"line":341,"context":228},520,{"file":187,"line":341,"context":228},{"file":187,"line":344,"context":228},530,{"file":187,"line":344,"context":228},{"file":187,"line":347,"context":228},540,{"file":187,"line":347,"context":228},{"file":187,"line":350,"context":228},547,{"file":187,"line":350,"context":228},{"file":187,"line":353,"context":228},605,{"file":187,"line":355,"context":228},609,{"file":187,"line":357,"context":228},629,{"file":187,"line":359,"context":228},634,{"file":187,"line":361,"context":228},638,6,[],[365],{"entryPoint":366,"graph":367,"unsanitizedCount":14,"severity":382},"\u003Cbst_share_it_social_count> (includes\\bst_share_it_social_count.php:0)",{"nodes":368,"edges":379},[369,374],{"id":370,"type":371,"label":372,"file":272,"line":373},"n0","source","$_POST",8,{"id":375,"type":376,"label":377,"file":272,"line":273,"wp_function":378},"n1","sink","echo() [XSS]","echo",[380],{"from":370,"to":375,"sanitized":381},false,"low",{"summary":384,"deductions":385},"The \"bst-share-it\" v1.0.9 plugin exhibits a mixed security posture. On the positive side, the static analysis reveals a remarkably small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are accessible without authentication. Furthermore, the plugin has no recorded vulnerability history, indicating a lack of publicly disclosed security flaws. This absence of past issues can be a positive indicator of developer diligence.\n\nHowever, there are several concerning signals within the code. The use of the `create_function` is a significant red flag, as it is deprecated and can lead to security vulnerabilities if not handled with extreme care, potentially allowing for code injection. The SQL query handling is also suboptimal, with only 50% of queries using prepared statements, leaving the other half vulnerable to SQL injection. Additionally, a very low percentage (20%) of output is properly escaped, which presents a high risk of Cross-Site Scripting (XSS) vulnerabilities across various output points. The taint analysis, while limited, did identify a flow with unsanitized paths, which warrants attention despite not being classified as critical or high severity at this time.\n\nIn conclusion, while the plugin's attack surface and historical vulnerability record are strengths, the presence of `create_function`, a high rate of unescaped output, and partially unsanitized SQL queries represent significant weaknesses that could be exploited. These code-level concerns outweigh the apparent lack of public vulnerabilities and the small attack surface, suggesting that the plugin should be treated with caution and that these specific code issues need to be addressed.",[386,389,391,394],{"reason":387,"points":388},"Use of create_function",15,{"reason":390,"points":373},"Low percentage of properly escaped output",{"reason":392,"points":393},"SQL queries not using prepared statements",7,{"reason":395,"points":11},"Flows with unsanitized paths","2026-03-17T00:14:00.220Z",{"wat":398,"direct":420},{"assetPaths":399,"generatorPatterns":409,"scriptPaths":410,"versionParams":416},[400,401,402,403,404,405,406,407,408],"\u002Fwp-content\u002Fplugins\u002Fbst-share-it\u002Fjs\u002Fbst.js","\u002Fwp-content\u002Fplugins\u002Fbst-share-it\u002Ftools\u002Fcp\u002Fjs\u002Fcolpick.js","\u002Fwp-content\u002Fplugins\u002Fbst-share-it\u002Ftools\u002Ffl\u002Fjs\u002Ffeatherlight.min.js","\u002Fwp-content\u002Fplugins\u002Fbst-share-it\u002Fcss\u002Fbst_share_it.css","\u002Fwp-content\u002Fplugins\u002Fbst-share-it\u002Ftools\u002Fcp\u002Fcss\u002Fcolpick.css","\u002Fwp-content\u002Fplugins\u002Fbst-share-it\u002Ftools\u002Ffl\u002Fcss\u002Ffeatherlight.min.css","\u002Fwp-content\u002Fplugins\u002Fbst-share-it\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fbst-share-it\u002Fjs\u002Fupload.js","\u002Fwp-content\u002Fplugins\u002Fbst-share-it\u002Fcss\u002Fbst_share_it-admin.css",[],[411,412,413,414,415],"js\u002Fbst.js","tools\u002Fcp\u002Fjs\u002Fcolpick.js","tools\u002Ffl\u002Fjs\u002Ffeatherlight.min.js","js\u002Fadmin.js","js\u002Fupload.js",[417,418,419],"bst_share_it\u002Fstyle.css?ver=","bst_share_it\u002Fbst_share_it.css?ver=","bst_share_it\u002Fbst_share_it-admin.css?ver=",{"cssClasses":421,"htmlComments":422,"htmlAttributes":424,"restEndpoints":425,"jsGlobals":426,"shortcodeOutput":427},[],[423],"\u003C!-- -->",[],[],[],[]]