[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgjX7d24RAzaY1_DAQTjnQ2MChQe8fLBq7dZdLgAtSMQ":3,"$fYbXogMdxgOITSZ4GmEzkLswp3SvT-HJkINEPeykHHA8":843,"$fJJry4A6ykMmWefFPSa_Kx_j03XgO6nP6WDgTerz3ooY":848},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":37,"analysis":134,"fingerprints":822},"bvd-easy-social-feeds-images","BVD Easy Social Feeds & Images","1.0.7","bvads","https:\u002F\u002Fprofiles.wordpress.org\u002Fbvads\u002F","\u003Cp>BVD Social Feeds is a WordPress plugin that displays any public Facebook, Twitter, or Instagram feed on your website. The plugin is designed to be easy and quick to setup. Each social network can be signed into individually and there are several options to customize the displayed feed. Each feed has its own shortcode that is used to display the feed.\u003C\u002Fp>\n\u003Cp>This plugin is required to contact external servers and services to function properly. The plugin will contact our web service to assist in connecting to your social accounts. The plugin will also contact the associated social accounts as required. Passwords or not logged or saved. Only the required tokens and user ID’s for performing feed lookups are stored remotely. This tokens can be deactivated by the social account holder at any time.\u003C\u002Fp>\n\u003Cp>For custom modifications, please contact us at http:\u002F\u002Fb-v.design. Please use the plugin support forum for any issues or public requests you have.\u003C\u002Fp>\n","A WordPress plugin to display any public Facebook, Twitter, or Instagram feed on your website.",10,2258,60,1,"2015-09-10T15:39:00.000Z","4.3.34","3.0.1","",[20,21,22,23,24],"facebook","instagram","social","social-feeds","twitter","https:\u002F\u002Fbalcom-vetillo.com\u002Fproducts\u002Fwordpress-social-feed-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbvd-easy-social-feeds-images.1.0.7.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},30,84,"2026-05-19T23:29:41.306Z",[38,56,80,99,116],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":11,"downloaded":46,"rating":28,"num_ratings":28,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":53,"download_link":54,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":55},"civic-social-feeds","Civic Social Feeds","1.1.0","glympe","https:\u002F\u002Fprofiles.wordpress.org\u002Fglympe\u002F","\u003Ch4>Twitter\u003C\u002Fh4>\n\u003Cp>Admin Panel Data\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Consumer Key\u003C\u002Fli>\n\u003Cli>Consumer Secrer\u003C\u002Fli>\n\u003Cli>Username\u003C\u002Fli>\n\u003Cli>Number of tweets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Facebook\u003C\u002Fh4>\n\u003Cp>Admin Panel Data\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Page ID or Page Name\u003C\u002Fli>\n\u003Cli>Page Access Token\u003C\u002Fli>\n\u003Cli>URL \u003Ccode>'https:\u002F\u002Fgraph.facebook.com\u002F${pageID}?fields=id,name,feed{full_picture,type,message,description,link,status_type,created_time}&access_token=${pageAccessToken}\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Get Facebook Page Access Token\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create App \u003Ccode>https:\u002F\u002Fdevelopers.facebook.com\u002F\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>You need to have admin priviledge on Facebook Page + developer priviledge on Facebook App\u003C\u002Fli>\n\u003Cli>Add App Domain (website URL to Facebook App – Settings – Basic)\u003C\u002Fli>\n\u003Cli>Get User Access Token \u003Ccode>\"https:\u002F\u002Fgraph.facebook.com\u002Foauth\u002Faccess_token\u003Cbr \u002F>\n?client_id=your-app-id\u003Cbr \u002F>\n&client_secret=your-app-secret\u003Cbr \u002F>\n&grant_type=client_credentials\"\u003C\u002Fcode> (get app id and secret from Facebook App)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use User Access Token on this url \u003Ccode>https:\u002F\u002Fgraph.facebook.com\u002Fme\u002Faccounts?access_token=user-access-token\u003C\u002Fcode> to get a list of pages the person administers, including the name of page, page id and page access token\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Currently supported social networks\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>** Important Note : Instagram feed has been removed, please don’t forget to remove [civic_social_feeds type=’instagram’] shortcode.\u003C\u002Fp>\n","This plugin provides Wordpress administrators a configuration page to set up credentials for various social networks in order to access API’s and gets &hellip;",1965,"2021-03-11T14:40:00.000Z","5.7.15","3.0","5.6",[20,52,21,23,24],"feeds","https:\u002F\u002Fwww.civicuk.com\u002Fservices","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcivic-social-feeds.1.1.0.zip","2026-04-06T09:54:40.288Z",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":49,"requires_php":50,"tags":70,"homepage":75,"download_link":76,"security_score":77,"vuln_count":78,"unpatched_count":28,"last_vuln_date":79,"fetched_at":30},"tagembed-widget","Tagembed Social Feeds Widget","7.2","Tagembed","https:\u002F\u002Fprofiles.wordpress.org\u002Ftagembed\u002F","\u003Ch4>Collect. Curate. Publish.\u003C\u002Fh4>\n\u003Cp>Tagembed (a Taggbox product) helps you collect, manage, and display social media feeds and reviews on your website.\u003C\u002Fp>\n\u003Cp>You can embed content from platforms like Instagram, Facebook, YouTube, TikTok, LinkedIn, and review platforms such as Google Reviews. The plugin allows you to showcase user-generated content, social posts, and customer feedback in a customizable format.\u003C\u002Fp>\n\u003Ch4>Supported Content Sources\u003C\u002Fh4>\n\u003Cp>Social Media:\u003Cbr \u002F>\n* Instagram (hashtags, handles, mentions, reels)\u003Cbr \u002F>\n* Facebook (pages, albums, reviews)\u003Cbr \u002F>\n* TikTok (handles, hashtags)\u003Cbr \u002F>\n* YouTube (channels, playlists, shorts)\u003Cbr \u002F>\n* Twitter (handles, hashtags)\u003Cbr \u002F>\n* LinkedIn (company pages, posts)\u003C\u002Fp>\n\u003Cp>Review Platforms:\u003Cbr \u002F>\n* Google Reviews\u003Cbr \u002F>\n* Facebook Reviews\u003Cbr \u002F>\n* Airbnb\u003Cbr \u002F>\n* Yelp\u003C\u002Fp>\n\u003Cp>Displaying social media content and reviews on your website helps keep your content updated and improves user engagement.\u003C\u002Fp>\n\u003Ch3>4 Step Setup\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Collect:\u003C\u002Fstrong> Choose a source such as Instagram, Facebook, or Google Reviews\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customize:\u003C\u002Fstrong> Select layout and styling options\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Moderate:\u003C\u002Fstrong> Filter and manage content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Publish:\u003C\u002Fstrong> Copy shortcode \u003Ccode>[tagembed widgetid XXXXX]\u003C\u002Fcode> and embed on your page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easy setup with guided flow\u003C\u002Fli>\n\u003Cli>Supports multiple content sources in one widget\u003C\u002Fli>\n\u003Cli>Real-time content updates\u003C\u002Fli>\n\u003Cli>Performance-optimized loading\u003C\u002Fli>\n\u003Cli>Compatible with Gutenberg, Elementor, and WordPress widgets\u003C\u002Fli>\n\u003Cli>Multiple layouts including grid, slider, and gallery\u003C\u002Fli>\n\u003Cli>No coding required\u003C\u002Fli>\n\u003Cli>Custom styling and design controls\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Design & Customization\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Pre-built templates for quick setup\u003C\u002Fli>\n\u003Cli>Layouts: grid, slider, gallery, carousel\u003C\u002Fli>\n\u003Cli>Customize colors, fonts, and spacing\u003C\u002Fli>\n\u003Cli>Add call-to-action buttons\u003C\u002Fli>\n\u003Cli>Custom CSS support\u003C\u002Fli>\n\u003Cli>Content filtering and moderation\u003C\u002Fli>\n\u003Cli>Responsive design for all devices\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Pricing\u003C\u002Fh3>\n\u003Cp>Tagembed offers a free plan and paid options.\u003C\u002Fp>\n\u003Cp>Free Plan:\u003Cbr \u002F>\n* 1 feed\u003Cbr \u002F>\n* Limited monthly views\u003Cbr \u002F>\n* Standard update frequency\u003Cbr \u002F>\n* Tagembed branding\u003C\u002Fp>\n\u003Cp>Premium Plans:\u003Cbr \u002F>\n* Multiple feeds\u003Cbr \u002F>\n* No branding\u003Cbr \u002F>\n* Faster updates\u003Cbr \u002F>\n* Higher or unlimited views\u003C\u002Fp>\n\u003Ch3>Why Use Social Feeds on Your Website?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Keeps website content fresh\u003C\u002Fli>\n\u003Cli>Increases user engagement\u003C\u002Fli>\n\u003Cli>Displays real customer feedback\u003C\u002Fli>\n\u003Cli>Enhances website experience\u003C\u002Fli>\n\u003Cli>Supports content diversity\u003C\u002Fli>\n\u003Cli>Helps build trust with visitors\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Social Media Feeds\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Instagram Feed: Display posts from hashtags, handles, mentions, reels, and more\u003C\u002Fli>\n\u003Cli>Facebook Feed: Show posts, albums, and reviews\u003C\u002Fli>\n\u003Cli>TikTok Feed: Display short-form video content\u003C\u002Fli>\n\u003Cli>YouTube Feed: Showcase videos, playlists, and shorts\u003C\u002Fli>\n\u003Cli>Twitter Feed: Embed tweets from handles or hashtags\u003C\u002Fli>\n\u003Cli>LinkedIn Feed: Display company posts and updates\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Review Feeds\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Google Reviews\u003C\u002Fli>\n\u003Cli>Facebook Reviews\u003C\u002Fli>\n\u003Cli>Airbnb Reviews\u003C\u002Fli>\n\u003Cli>Yelp Reviews\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For help and documentation:\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ftagembed-widget\u002F\u003C\u002Fp>\n\u003Cp>Email support: support@tagembed.com\u003C\u002Fp>\n","Collect & Embed Instagram Feed, Embed Facebook Feed, Embed YouTube Videos, Embed Twitter Feed, Google Reviews & 15+ Social Media Feed on website.",10000,219850,76,57,"2026-03-26T13:03:00.000Z","6.9.4",[71,72,73,23,74],"facebook-feed","google-reviews","instagram-feed","social-media-feed","https:\u002F\u002Ftagembed.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftagembed-widget.7.2.zip",99,2,"2024-05-17 00:00:00",{"slug":81,"name":82,"version":83,"author":82,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":69,"requires_at_least":92,"requires_php":18,"tags":93,"homepage":95,"download_link":96,"security_score":97,"vuln_count":78,"unpatched_count":28,"last_vuln_date":98,"fetched_at":30},"curatorio","Curator.io","1.9.6","https:\u002F\u002Fprofiles.wordpress.org\u002Fcuratorio\u002F","\u003Cp>Curator.io is a social media aggregator or social media curator – it allows you to specify content sources such as Twitter usernames or Instagram tags. It then pulls this content into a feed or stream that you can curate\u002Fmanage and embed within your website.\u003C\u002Fp>\n\u003Cp>Unlike other social media aggregators Curator.io doesn’t use IFRAMEs. It allows you to embedded the stream as Javascript, HTML & CSS directly into your site where you want it. This means you have full control over how you want the stream to appear and also how it looks. Allowing you to customise it with your sites branding.\u003C\u002Fp>\n\u003Cp>The end result is a social media stream that seamlessly integrates into your website.\u003C\u002Fp>\n\u003Cp>Currently Curator.io supports Facebook, Twitter, Instagram, TikTok, YouTube, Tumblr, Flickr, Vimeo, Yelp, Deviant Art, Slack and RSS. If there is a social media site that you would like us to integrate please, get in touch and we’ll add support as soon as possible.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fcurator.io\" rel=\"nofollow ugc\">curator.io\u003C\u002Fa> for more information\u003C\u002Fp>\n","Aggregate and embed your social media posts on your site (Facebook, Twitter, Instagram, Pinterest and many more) as a beautiful social media feed.",2000,40288,80,4,"2026-01-27T03:12:00.000Z","4.0",[94,20,21,74,24],"aggregator","https:\u002F\u002Fcurator.io\u002Fwordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcuratorio.1.9.6.zip",98,"2025-12-31 00:00:00",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":13,"num_ratings":90,"last_updated":109,"tested_up_to":110,"requires_at_least":49,"requires_php":18,"tags":111,"homepage":114,"download_link":115,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"gleam","Gleam: Run Competitions on Your WordPress Blog","1.0","stuartmck","https:\u002F\u002Fprofiles.wordpress.org\u002Fstuartmck\u002F","\u003Cp>Add a \u003Ca href=\"https:\u002F\u002Fgleam.io\" rel=\"nofollow ugc\">Gleam\u003C\u002Fa> to your site next time you a running a giveaway or competition. Gleam is a simple, yet powerful solution that helps you use social actions for entries. We support various networks such as \u003Ca href=\"https:\u002F\u002Fgleam.io\u002Ffacebook\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgleam.io\u002Ftwitter\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgleam.io\u002Finstagram\" rel=\"nofollow ugc\">Instagram\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fgleam.io\u002Fpinterest\" rel=\"nofollow ugc\">Pinterest\u003C\u002Fa>, Youtube, Twitch and many more.\u003C\u002Fp>\n\u003Cp>If you want to see how a brand is using Gleam to grow their business read our \u003Ca href=\"http:\u002F\u002Fblog.gleam.io\u002Fbeardbrand\u002F\" rel=\"nofollow ugc\">Beardbrand\u003C\u002Fa> Case Study.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IMPORTANT: In order to use this plugin you must first visit \u003Ca href=\"https:\u002F\u002Fgleam.io\" rel=\"nofollow ugc\">Gleam\u003C\u002Fa>, sign up, and create a competition before you can embed it in a post. Installing this plugin without signing up means you’ll be displaying nothing in your post.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you have any technical or sales questions you can contact our support team here: \u003Ca href=\"https:\u002F\u002Fgleam.io\u002Fcontact\" rel=\"nofollow ugc\">https:\u002F\u002Fgleam.io\u002Fcontact\u003C\u002Fa>\u003C\u002Fp>\n","An amazing solution to run competitions on your blog using combinations of social actions.",200,10629,"2018-05-23T05:31:00.000Z","4.9.29",[112,20,21,113,24],"contest","social-media","https:\u002F\u002Fgleam.io\u002Fdocs\u002Ffaq#wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgleam.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":89,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":18,"tags":130,"homepage":132,"download_link":133,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-fixed-social-profile-icons","Wp Fixed Social Profile Icons","1.1","Aman","https:\u002F\u002Fprofiles.wordpress.org\u002Faman086\u002F","\u003Cp>Wp Fixed Social profile Icons  places the social icons on the left\u002Fright side of the page.\u003C\u002Fp>\n\u003Cp>When a user rollover the icon the full icon is shown with nice animation\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Checkout our other plugins\u003C\u002Fstrong>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwebholics.org\u002Fdownloads\u002Fgravity-forms-sendy-addon\u002F\" rel=\"nofollow ugc\">Gravity Forms Sendy Addon\u003C\u002Fa>\u003Cbr \u002F>\n    Add user to Sendy using Gravity Forms.\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwebholics.org\u002Fcontact-form-7-views?utm_source=wordpress-plugin-repo&utm_medium=fixed-social-icons-repo&utm_campaign=fixed-social-icons\" rel=\"nofollow ugc\">Views for Contact Form 7\u003C\u002Fa>\u003Cbr \u002F>\n    Display Contact Form 7 Submisions anywhere on your site in table or list view\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fformviewswp.com?utm_source=wordpress-plugin-repo&utm_medium=fixed-social-icons-repo&utm_campaign=fixed-social-icons\" rel=\"nofollow ugc\">Views for WPForms\u003C\u002Fa>\u003Cbr \u002F>\n    Display WPForms Entries anywhere on your site in table or list view\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fnfviews.com?utm_source=wordpress-plugin-repo&utm_medium=fixed-social-icons-repo&utm_campaign=fixed-social-icons\" rel=\"nofollow ugc\">Views for Ninja Forms\u003C\u002Fa>\u003Cbr \u002F>\n    Display Ninja Forms Submisions anywhere on your site in table or list view\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fninjapopup.org\u002F?utm_source=wordpress-plugin-repo&utm_medium=fixed-social-icons-repo&utm_campaign=fixed-social-icons\" rel=\"nofollow ugc\">Popup Addon for Ninja Forms\u003C\u002Fa>\u003Cbr \u002F>\n    Display Ninja Forms in beautiful popups.\u003Cbr \u002F>\n* \u003Ca href=\"http:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fninja-forms-paypal-standard-payment-gateway\u002F10047955?ref=webholics\" rel=\"nofollow ugc\">Ninja Forms Paypal Standard\u003C\u002Fa>\u003Cbr \u002F>\n    Take payments using Paypal Standard in your Ninja Forms\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwebholics.org\u002Fdownloads\u002Fnf-getresponse-addon\u002F?utm_source=wordpress-plugin-repo&utm_medium=fixed-social-icons-repo&utm_campaign=fixed-social-icons\" rel=\"nofollow ugc\">Ninja Forms GetResponse Addon\u003C\u002Fa>\u003Cbr \u002F>\n    Add user to GetResponse using Ninja Forms.\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwebholics.org\u002Fdownloads\u002Fnf-icontact-addon\u002F?utm_source=wordpress-plugin-repo&utm_medium=fixed-social-icons-repo&utm_campaign=fixed-social-icons\" rel=\"nofollow ugc\">Ninja Forms iContact Addon\u003C\u002Fa>\u003Cbr \u002F>\n    Add user to iContact using Ninja Forms.\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwebholics.org\u002Fdownloads\u002Fnf-sendy-addon\u002F?utm_source=wordpress-plugin-repo&utm_medium=fixed-social-icons-repo&utm_campaign=fixed-social-icons\" rel=\"nofollow ugc\">Ninja Forms Sendy Addon\u003C\u002Fa>\u003Cbr \u002F>\n    Add user to Sendy using Ninja Forms.\u003C\u002Fp>\n","Fixed Social Icons for your wordpress website",4386,94,3,"2023-11-08T09:03:00.000Z","6.4.8","3.5",[20,131,21,22,24],"google-plus","http:\u002F\u002Famansaini.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-fixed-social-profile-icons.zip",{"attackSurface":135,"codeSignals":174,"taintFlows":478,"riskAssessment":805,"analyzedAt":821},{"hooks":136,"ajaxHandlers":158,"restRoutes":159,"shortcodes":160,"cronEvents":173,"entryPointCount":126,"unprotectedCount":28},[137,143,146,150,154],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","init","process_post","bvd-social-feeds.php",29,{"type":138,"name":144,"callback":145,"file":141,"line":34},"admin_menu","setup_admin_menu",{"type":138,"name":147,"callback":148,"file":141,"line":149},"template_redirect","callback",31,{"type":138,"name":151,"callback":152,"file":141,"line":153},"admin_notices","showAdminMessages",32,{"type":138,"name":155,"callback":156,"file":141,"line":157},"admin_enqueue_scripts","social_feeds_enqueue",437,[],[],[161,165,169],{"tag":162,"callback":163,"file":141,"line":164},"bvd-instagram-feed","instagram_feed_display",37,{"tag":166,"callback":167,"file":141,"line":168},"bvd-facebook-feed","facebook_feed_display",38,{"tag":170,"callback":171,"file":141,"line":172},"bvd-twitter-feed","twitter_feed_display",39,[],{"dangerousFunctions":175,"sqlUsage":176,"outputEscaping":178,"fileOperations":11,"externalRequests":78,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":477},[],{"prepared":28,"raw":28,"locations":177},[],{"escaped":28,"rawEcho":179,"locations":180},163,[181,185,187,189,191,193,195,197,199,200,201,203,204,205,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,235,237,239,241,243,245,246,247,249,251,253,255,257,259,261,263,265,267,269,271,272,274,275,277,279,281,283,285,287,289,291,293,295,297,298,299,300,301,303,305,307,308,310,312,314,316,317,319,321,323,325,327,329,331,333,335,337,339,341,343,345,347,349,351,353,355,357,359,361,363,365,367,368,370,371,372,374,376,378,380,382,384,385,387,388,389,391,392,394,396,398,400,402,404,405,407,408,409,411,412,414,416,418,420,422,424,426,428,430,432,434,435,437,439,440,442,444,445,447,449,451,453,455,457,459,461,463,465,467,468,470,472,474,475],{"file":182,"line":183,"context":184},"admin-page-facebook.php",5,"raw output",{"file":182,"line":186,"context":184},13,{"file":182,"line":188,"context":184},14,{"file":182,"line":190,"context":184},15,{"file":182,"line":192,"context":184},16,{"file":182,"line":194,"context":184},46,{"file":182,"line":196,"context":184},50,{"file":182,"line":198,"context":184},53,{"file":182,"line":13,"context":184},{"file":182,"line":13,"context":184},{"file":182,"line":202,"context":184},92,{"file":182,"line":202,"context":184},{"file":182,"line":202,"context":184},{"file":182,"line":179,"context":184},{"file":182,"line":207,"context":184},164,{"file":182,"line":209,"context":184},182,{"file":182,"line":211,"context":184},217,{"file":182,"line":213,"context":184},252,{"file":182,"line":215,"context":184},298,{"file":182,"line":217,"context":184},318,{"file":182,"line":219,"context":184},338,{"file":182,"line":221,"context":184},358,{"file":182,"line":223,"context":184},378,{"file":182,"line":225,"context":184},398,{"file":182,"line":227,"context":184},418,{"file":182,"line":229,"context":184},438,{"file":231,"line":183,"context":184},"admin-page-instagram.php",{"file":231,"line":233,"context":184},9,{"file":231,"line":11,"context":184},{"file":231,"line":236,"context":184},11,{"file":231,"line":238,"context":184},12,{"file":231,"line":240,"context":184},36,{"file":231,"line":242,"context":184},40,{"file":231,"line":244,"context":184},43,{"file":231,"line":196,"context":184},{"file":231,"line":196,"context":184},{"file":231,"line":248,"context":184},134,{"file":231,"line":250,"context":184},135,{"file":231,"line":252,"context":184},136,{"file":231,"line":254,"context":184},137,{"file":231,"line":256,"context":184},138,{"file":231,"line":258,"context":184},159,{"file":231,"line":260,"context":184},207,{"file":231,"line":262,"context":184},208,{"file":231,"line":264,"context":184},209,{"file":231,"line":266,"context":184},210,{"file":231,"line":268,"context":184},211,{"file":231,"line":270,"context":184},232,{"file":231,"line":213,"context":184},{"file":231,"line":273,"context":184},285,{"file":231,"line":273,"context":184},{"file":231,"line":276,"context":184},289,{"file":231,"line":278,"context":184},293,{"file":231,"line":280,"context":184},320,{"file":231,"line":282,"context":184},370,{"file":231,"line":284,"context":184},414,{"file":231,"line":286,"context":184},434,{"file":231,"line":288,"context":184},454,{"file":231,"line":290,"context":184},474,{"file":231,"line":292,"context":184},494,{"file":231,"line":294,"context":184},514,{"file":296,"line":183,"context":184},"admin-page-twitter.php",{"file":296,"line":186,"context":184},{"file":296,"line":188,"context":184},{"file":296,"line":190,"context":184},{"file":296,"line":192,"context":184},{"file":296,"line":302,"context":184},45,{"file":296,"line":304,"context":184},49,{"file":296,"line":306,"context":184},56,{"file":296,"line":306,"context":184},{"file":296,"line":309,"context":184},121,{"file":296,"line":311,"context":184},122,{"file":296,"line":313,"context":184},140,{"file":296,"line":315,"context":184},175,{"file":296,"line":266,"context":184},{"file":296,"line":318,"context":184},256,{"file":296,"line":320,"context":184},276,{"file":296,"line":322,"context":184},296,{"file":296,"line":324,"context":184},316,{"file":296,"line":326,"context":184},336,{"file":296,"line":328,"context":184},356,{"file":296,"line":330,"context":184},376,{"file":296,"line":332,"context":184},396,{"file":141,"line":334,"context":184},513,{"file":141,"line":336,"context":184},520,{"file":141,"line":338,"context":184},573,{"file":141,"line":340,"context":184},582,{"file":141,"line":342,"context":184},594,{"file":141,"line":344,"context":184},609,{"file":141,"line":346,"context":184},610,{"file":141,"line":348,"context":184},611,{"file":141,"line":350,"context":184},844,{"file":141,"line":352,"context":184},845,{"file":141,"line":354,"context":184},849,{"file":141,"line":356,"context":184},853,{"file":141,"line":358,"context":184},854,{"file":141,"line":360,"context":184},858,{"file":141,"line":362,"context":184},859,{"file":141,"line":364,"context":184},887,{"file":141,"line":366,"context":184},895,{"file":141,"line":366,"context":184},{"file":141,"line":369,"context":184},896,{"file":141,"line":369,"context":184},{"file":141,"line":369,"context":184},{"file":141,"line":373,"context":184},922,{"file":141,"line":375,"context":184},934,{"file":141,"line":377,"context":184},936,{"file":141,"line":379,"context":184},939,{"file":141,"line":381,"context":184},942,{"file":141,"line":383,"context":184},974,{"file":141,"line":383,"context":184},{"file":141,"line":386,"context":184},975,{"file":141,"line":386,"context":184},{"file":141,"line":386,"context":184},{"file":141,"line":390,"context":184},989,{"file":141,"line":390,"context":184},{"file":141,"line":393,"context":184},1014,{"file":141,"line":395,"context":184},1026,{"file":141,"line":397,"context":184},1028,{"file":141,"line":399,"context":184},1031,{"file":141,"line":401,"context":184},1034,{"file":141,"line":403,"context":184},1044,{"file":141,"line":403,"context":184},{"file":141,"line":406,"context":184},1045,{"file":141,"line":406,"context":184},{"file":141,"line":406,"context":184},{"file":141,"line":410,"context":184},1055,{"file":141,"line":410,"context":184},{"file":141,"line":413,"context":184},1223,{"file":141,"line":415,"context":184},1224,{"file":141,"line":417,"context":184},1228,{"file":141,"line":419,"context":184},1232,{"file":141,"line":421,"context":184},1233,{"file":141,"line":423,"context":184},1237,{"file":141,"line":425,"context":184},1238,{"file":141,"line":427,"context":184},1242,{"file":141,"line":429,"context":184},1243,{"file":141,"line":431,"context":184},1254,{"file":141,"line":433,"context":184},1338,{"file":141,"line":433,"context":184},{"file":141,"line":436,"context":184},1345,{"file":141,"line":438,"context":184},1351,{"file":141,"line":438,"context":184},{"file":141,"line":441,"context":184},1357,{"file":141,"line":443,"context":184},1374,{"file":141,"line":443,"context":184},{"file":141,"line":446,"context":184},1526,{"file":141,"line":448,"context":184},1527,{"file":141,"line":450,"context":184},1531,{"file":141,"line":452,"context":184},1535,{"file":141,"line":454,"context":184},1536,{"file":141,"line":456,"context":184},1540,{"file":141,"line":458,"context":184},1541,{"file":141,"line":460,"context":184},1545,{"file":141,"line":462,"context":184},1546,{"file":141,"line":464,"context":184},1557,{"file":141,"line":466,"context":184},1620,{"file":141,"line":466,"context":184},{"file":141,"line":469,"context":184},1627,{"file":141,"line":471,"context":184},1630,{"file":141,"line":473,"context":184},1647,{"file":141,"line":473,"context":184},{"file":141,"line":476,"context":184},1674,[],[479,628,640,651,777,787],{"entryPoint":480,"graph":481,"unsanitizedCount":302,"severity":627},"process_post (bvd-social-feeds.php:42)",{"nodes":482,"edges":605},[483,487,492,496,498,502,504,507,509,513,515,519,521,525,527,531,533,537,539,543,545,548,550,554,556,560,562,566,568,572,574,577,580,584,586,590,592,596,600],{"id":484,"type":485,"label":486,"file":141,"line":67},"n0","source","$_REQUEST['token']",{"id":488,"type":489,"label":490,"file":141,"line":67,"wp_function":491},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":493,"type":485,"label":494,"file":141,"line":495},"n2","$_REQUEST['user_id']",58,{"id":497,"type":489,"label":490,"file":141,"line":495,"wp_function":491},"n3",{"id":499,"type":485,"label":500,"file":141,"line":501},"n4","$_REQUEST['username']",59,{"id":503,"type":489,"label":490,"file":141,"line":501,"wp_function":491},"n5",{"id":505,"type":485,"label":506,"file":141,"line":309},"n6","$_REQUEST['number-display'] (x3)",{"id":508,"type":489,"label":490,"file":141,"line":309,"wp_function":491},"n7",{"id":510,"type":485,"label":511,"file":141,"line":512},"n8","$_REQUEST['number-columns']",123,{"id":514,"type":489,"label":490,"file":141,"line":512,"wp_function":491},"n9",{"id":516,"type":485,"label":517,"file":141,"line":518},"n10","$_REQUEST['padding-around'] (x2)",126,{"id":520,"type":489,"label":490,"file":141,"line":518,"wp_function":491},"n11",{"id":522,"type":485,"label":523,"file":141,"line":524},"n12","$_REQUEST['user-tag']",131,{"id":526,"type":489,"label":490,"file":141,"line":524,"wp_function":491},"n13",{"id":528,"type":485,"label":529,"file":141,"line":530},"n14","$_REQUEST['header-text'] (x3)",151,{"id":532,"type":489,"label":490,"file":141,"line":530,"wp_function":491},"n15",{"id":534,"type":485,"label":535,"file":141,"line":536},"n16","$_REQUEST['more-link-text'] (x3)",152,{"id":538,"type":489,"label":490,"file":141,"line":536,"wp_function":491},"n17",{"id":540,"type":485,"label":541,"file":141,"line":542},"n18","$_REQUEST['header-background'] (x3)",161,{"id":544,"type":489,"label":490,"file":141,"line":542,"wp_function":491},"n19",{"id":546,"type":485,"label":547,"file":141,"line":207},"n20","$_REQUEST['header-font-color'] (x3)",{"id":549,"type":489,"label":490,"file":141,"line":207,"wp_function":491},"n21",{"id":551,"type":485,"label":552,"file":141,"line":553},"n22","$_REQUEST['btn-background'] (x3)",167,{"id":555,"type":489,"label":490,"file":141,"line":553,"wp_function":491},"n23",{"id":557,"type":485,"label":558,"file":141,"line":559},"n24","$_REQUEST['btn-background-hover'] (x3)",170,{"id":561,"type":489,"label":490,"file":141,"line":559,"wp_function":491},"n25",{"id":563,"type":485,"label":564,"file":141,"line":565},"n26","$_REQUEST['btn-font-color'] (x3)",173,{"id":567,"type":489,"label":490,"file":141,"line":565,"wp_function":491},"n27",{"id":569,"type":485,"label":570,"file":141,"line":571},"n28","$_REQUEST['btn-font-color-hover'] (x3)",177,{"id":573,"type":489,"label":490,"file":141,"line":571,"wp_function":491},"n29",{"id":575,"type":485,"label":576,"file":141,"line":107},"n30","$_REQUEST (x6)",{"id":578,"type":489,"label":490,"file":141,"line":579,"wp_function":491},"n31",202,{"id":581,"type":485,"label":582,"file":141,"line":583},"n32","$_REQUEST['border-bottom'] (x2)",254,{"id":585,"type":489,"label":490,"file":141,"line":583,"wp_function":491},"n33",{"id":587,"type":485,"label":588,"file":141,"line":589},"n34","$_REQUEST['page-id']",300,{"id":591,"type":489,"label":490,"file":141,"line":589,"wp_function":491},"n35",{"id":593,"type":485,"label":594,"file":141,"line":595},"n36","$_REQUEST (x2)",101,{"id":597,"type":598,"label":599,"file":141,"line":595},"n37","transform","→ url_get_contents()",{"id":601,"type":489,"label":602,"file":141,"line":603,"wp_function":604},"n38","fopen() [File Access]",486,"fopen",[606,608,609,610,611,612,613,614,615,616,617,618,619,620,621,622,623,624,625,626],{"from":484,"to":488,"sanitized":607},false,{"from":493,"to":497,"sanitized":607},{"from":499,"to":503,"sanitized":607},{"from":505,"to":508,"sanitized":607},{"from":510,"to":514,"sanitized":607},{"from":516,"to":520,"sanitized":607},{"from":522,"to":526,"sanitized":607},{"from":528,"to":532,"sanitized":607},{"from":534,"to":538,"sanitized":607},{"from":540,"to":544,"sanitized":607},{"from":546,"to":549,"sanitized":607},{"from":551,"to":555,"sanitized":607},{"from":557,"to":561,"sanitized":607},{"from":563,"to":567,"sanitized":607},{"from":569,"to":573,"sanitized":607},{"from":575,"to":578,"sanitized":607},{"from":581,"to":585,"sanitized":607},{"from":587,"to":591,"sanitized":607},{"from":593,"to":597,"sanitized":607},{"from":597,"to":601,"sanitized":607},"medium",{"entryPoint":629,"graph":630,"unsanitizedCount":14,"severity":627},"license_key_activation (bvd-social-feeds.php:451)",{"nodes":631,"edges":637},[632,635,636],{"id":484,"type":485,"label":633,"file":141,"line":634},"$_SERVER",453,{"id":488,"type":598,"label":599,"file":141,"line":634},{"id":493,"type":489,"label":602,"file":141,"line":603,"wp_function":604},[638,639],{"from":484,"to":488,"sanitized":607},{"from":488,"to":493,"sanitized":607},{"entryPoint":641,"graph":642,"unsanitizedCount":14,"severity":627},"license_key_deactivation (bvd-social-feeds.php:463)",{"nodes":643,"edges":648},[644,646,647],{"id":484,"type":485,"label":633,"file":141,"line":645},465,{"id":488,"type":598,"label":599,"file":141,"line":645},{"id":493,"type":489,"label":602,"file":141,"line":603,"wp_function":604},[649,650],{"from":484,"to":488,"sanitized":607},{"from":488,"to":493,"sanitized":607},{"entryPoint":652,"graph":653,"unsanitizedCount":776,"severity":627},"\u003Cbvd-social-feeds> (bvd-social-feeds.php:0)",{"nodes":654,"edges":746},[655,656,657,658,659,660,661,662,663,664,665,666,667,668,669,670,671,672,673,674,675,676,677,678,679,680,681,682,683,684,685,686,687,688,689,690,691,694,698,699,701,705,707,711,713,717,719,723,725,728,732,735,737,739,742,744],{"id":484,"type":485,"label":486,"file":141,"line":67},{"id":488,"type":489,"label":490,"file":141,"line":67,"wp_function":491},{"id":493,"type":485,"label":494,"file":141,"line":495},{"id":497,"type":489,"label":490,"file":141,"line":495,"wp_function":491},{"id":499,"type":485,"label":500,"file":141,"line":501},{"id":503,"type":489,"label":490,"file":141,"line":501,"wp_function":491},{"id":505,"type":485,"label":506,"file":141,"line":309},{"id":508,"type":489,"label":490,"file":141,"line":309,"wp_function":491},{"id":510,"type":485,"label":511,"file":141,"line":512},{"id":514,"type":489,"label":490,"file":141,"line":512,"wp_function":491},{"id":516,"type":485,"label":517,"file":141,"line":518},{"id":520,"type":489,"label":490,"file":141,"line":518,"wp_function":491},{"id":522,"type":485,"label":523,"file":141,"line":524},{"id":526,"type":489,"label":490,"file":141,"line":524,"wp_function":491},{"id":528,"type":485,"label":529,"file":141,"line":530},{"id":532,"type":489,"label":490,"file":141,"line":530,"wp_function":491},{"id":534,"type":485,"label":535,"file":141,"line":536},{"id":538,"type":489,"label":490,"file":141,"line":536,"wp_function":491},{"id":540,"type":485,"label":541,"file":141,"line":542},{"id":544,"type":489,"label":490,"file":141,"line":542,"wp_function":491},{"id":546,"type":485,"label":547,"file":141,"line":207},{"id":549,"type":489,"label":490,"file":141,"line":207,"wp_function":491},{"id":551,"type":485,"label":552,"file":141,"line":553},{"id":555,"type":489,"label":490,"file":141,"line":553,"wp_function":491},{"id":557,"type":485,"label":558,"file":141,"line":559},{"id":561,"type":489,"label":490,"file":141,"line":559,"wp_function":491},{"id":563,"type":485,"label":564,"file":141,"line":565},{"id":567,"type":489,"label":490,"file":141,"line":565,"wp_function":491},{"id":569,"type":485,"label":570,"file":141,"line":571},{"id":573,"type":489,"label":490,"file":141,"line":571,"wp_function":491},{"id":575,"type":485,"label":576,"file":141,"line":107},{"id":578,"type":489,"label":490,"file":141,"line":579,"wp_function":491},{"id":581,"type":485,"label":582,"file":141,"line":583},{"id":585,"type":489,"label":490,"file":141,"line":583,"wp_function":491},{"id":587,"type":485,"label":588,"file":141,"line":589},{"id":591,"type":489,"label":490,"file":141,"line":589,"wp_function":491},{"id":593,"type":485,"label":692,"file":141,"line":693},"$_REQUEST",97,{"id":597,"type":489,"label":695,"file":141,"line":696,"wp_function":697},"file_get_contents() [SSRF\u002FLFI]",484,"file_get_contents",{"id":601,"type":485,"label":692,"file":141,"line":693},{"id":700,"type":489,"label":602,"file":141,"line":603,"wp_function":604},"n39",{"id":702,"type":485,"label":703,"file":141,"line":704},"n40","$_REQUEST['oauth_token'] (x2)",672,{"id":706,"type":489,"label":490,"file":141,"line":704,"wp_function":491},"n41",{"id":708,"type":485,"label":709,"file":141,"line":710},"n42","$_REQUEST['oauth_secret']",673,{"id":712,"type":489,"label":490,"file":141,"line":710,"wp_function":491},"n43",{"id":714,"type":485,"label":715,"file":141,"line":716},"n44","$_REQUEST['oauth_username']",674,{"id":718,"type":489,"label":490,"file":141,"line":716,"wp_function":491},"n45",{"id":720,"type":485,"label":721,"file":141,"line":722},"n46","$_REQUEST['oauth_user_id'] (x2)",675,{"id":724,"type":489,"label":490,"file":141,"line":722,"wp_function":491},"n47",{"id":726,"type":485,"label":594,"file":141,"line":727},"n48",339,{"id":729,"type":489,"label":730,"file":141,"line":436,"wp_function":731},"n49","echo() [XSS]","echo",{"id":733,"type":485,"label":734,"file":141,"line":595},"n50","$_REQUEST (x5)",{"id":736,"type":598,"label":599,"file":141,"line":595},"n51",{"id":738,"type":489,"label":602,"file":141,"line":603,"wp_function":604},"n52",{"id":740,"type":485,"label":741,"file":141,"line":634},"n53","$_SERVER (x8)",{"id":743,"type":598,"label":599,"file":141,"line":634},"n54",{"id":745,"type":489,"label":602,"file":141,"line":603,"wp_function":604},"n55",[747,748,749,750,751,752,753,754,755,756,757,758,759,760,761,762,763,764,765,766,767,768,769,770,771,772,773,774,775],{"from":484,"to":488,"sanitized":607},{"from":493,"to":497,"sanitized":607},{"from":499,"to":503,"sanitized":607},{"from":505,"to":508,"sanitized":607},{"from":510,"to":514,"sanitized":607},{"from":516,"to":520,"sanitized":607},{"from":522,"to":526,"sanitized":607},{"from":528,"to":532,"sanitized":607},{"from":534,"to":538,"sanitized":607},{"from":540,"to":544,"sanitized":607},{"from":546,"to":549,"sanitized":607},{"from":551,"to":555,"sanitized":607},{"from":557,"to":561,"sanitized":607},{"from":563,"to":567,"sanitized":607},{"from":569,"to":573,"sanitized":607},{"from":575,"to":578,"sanitized":607},{"from":581,"to":585,"sanitized":607},{"from":587,"to":591,"sanitized":607},{"from":593,"to":597,"sanitized":607},{"from":601,"to":700,"sanitized":607},{"from":702,"to":706,"sanitized":607},{"from":708,"to":712,"sanitized":607},{"from":714,"to":718,"sanitized":607},{"from":720,"to":724,"sanitized":607},{"from":726,"to":729,"sanitized":607},{"from":733,"to":736,"sanitized":607},{"from":736,"to":738,"sanitized":607},{"from":740,"to":743,"sanitized":607},{"from":743,"to":745,"sanitized":607},66,{"entryPoint":778,"graph":779,"unsanitizedCount":14,"severity":786},"\u003Cadmin-page-instagram> (admin-page-instagram.php:0)",{"nodes":780,"edges":784},[781,783],{"id":484,"type":485,"label":782,"file":231,"line":196},"$_SERVER['HTTP_HOST']",{"id":488,"type":489,"label":730,"file":231,"line":196,"wp_function":731},[785],{"from":484,"to":488,"sanitized":607},"low",{"entryPoint":788,"graph":789,"unsanitizedCount":804,"severity":786},"callback (bvd-social-feeds.php:666)",{"nodes":790,"edges":799},[791,792,793,794,795,796,797,798],{"id":484,"type":485,"label":703,"file":141,"line":704},{"id":488,"type":489,"label":490,"file":141,"line":704,"wp_function":491},{"id":493,"type":485,"label":709,"file":141,"line":710},{"id":497,"type":489,"label":490,"file":141,"line":710,"wp_function":491},{"id":499,"type":485,"label":715,"file":141,"line":716},{"id":503,"type":489,"label":490,"file":141,"line":716,"wp_function":491},{"id":505,"type":485,"label":721,"file":141,"line":722},{"id":508,"type":489,"label":490,"file":141,"line":722,"wp_function":491},[800,801,802,803],{"from":484,"to":488,"sanitized":607},{"from":493,"to":497,"sanitized":607},{"from":499,"to":503,"sanitized":607},{"from":505,"to":508,"sanitized":607},6,{"summary":806,"deductions":807},"The bvd-easy-social-feeds-images plugin, version 1.0.7, exhibits a mixed security posture. On the positive side, it demonstrates good practices by not having any known CVEs and utilizes prepared statements for all its SQL queries, indicating a resistance to SQL injection vulnerabilities. It also has no reported bundled libraries, reducing the risk of using outdated or vulnerable third-party code.\n\nHowever, significant concerns arise from the static analysis. A substantial number of file operations (10) and external HTTP requests (2) exist, which can be potential attack vectors if not handled securely. Crucially, none of the 163 observed output operations are properly escaped, posing a high risk of Cross-Site Scripting (XSS) vulnerabilities. Additionally, the absence of nonce checks and capability checks across all entry points, including the 3 shortcodes, makes the plugin vulnerable to CSRF attacks and unauthorized actions.\n\nThe taint analysis reveals 6 flows with unsanitized paths, which, while not classified as critical or high severity by the analysis, still represent a potential risk for path traversal or unintended file access. The plugin's vulnerability history being entirely clear is a positive sign, but it doesn't negate the immediate risks identified in the static and taint analyses. In conclusion, while the plugin avoids common database and known vulnerability issues, its lack of output escaping and insufficient authorization checks on its entry points present considerable security weaknesses that require immediate attention.",[808,811,813,815,817,819],{"reason":809,"points":810},"All output operations are unescaped",20,{"reason":812,"points":190},"No nonce checks present",{"reason":814,"points":190},"No capability checks present",{"reason":816,"points":238},"Taint flows with unsanitized paths (6)",{"reason":818,"points":183},"Numerous file operations (10)",{"reason":820,"points":126},"External HTTP requests (2)","2026-04-16T12:43:34.341Z",{"wat":823,"direct":830},{"assetPaths":824,"generatorPatterns":826,"scriptPaths":827,"versionParams":828},[825],"\u002Fwp-content\u002Fplugins\u002Fbvd-easy-social-feeds-images\u002Fbvd-social-feeds-user-style.css",[],[],[829],"bvd-social-feeds-user-style.css?ver=",{"cssClasses":831,"htmlComments":832,"htmlAttributes":833,"restEndpoints":835,"jsGlobals":836,"shortcodeOutput":839},[],[],[834],"data-bvd-social-feed",[],[837,838],"BVD_SOCIAL_FEEDS_INSTAGRAM_LOADER","BVD_SOCIAL_FEEDS_INSTAGRAM_GRID",[840,841,842],"[bvd-instagram-feed]","[bvd-facebook-feed]","[bvd-twitter-feed]",{"error":844,"url":845,"statusCode":846,"statusMessage":847,"message":847},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fbvd-easy-social-feeds-images\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":849,"versions":850},7,[851,856,863,870,877,884,891],{"version":6,"download_url":26,"svn_tag_url":852,"released_at":29,"has_diff":607,"diff_files_changed":853,"diff_lines":29,"trac_diff_url":854,"vulnerabilities":855,"is_current":844},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbvd-easy-social-feeds-images\u002Ftags\u002F1.0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.6&new_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.7",[],{"version":857,"download_url":858,"svn_tag_url":859,"released_at":29,"has_diff":607,"diff_files_changed":860,"diff_lines":29,"trac_diff_url":861,"vulnerabilities":862,"is_current":607},"1.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbvd-easy-social-feeds-images.1.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbvd-easy-social-feeds-images\u002Ftags\u002F1.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.5&new_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.6",[],{"version":864,"download_url":865,"svn_tag_url":866,"released_at":29,"has_diff":607,"diff_files_changed":867,"diff_lines":29,"trac_diff_url":868,"vulnerabilities":869,"is_current":607},"1.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbvd-easy-social-feeds-images.1.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbvd-easy-social-feeds-images\u002Ftags\u002F1.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.4&new_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.5",[],{"version":871,"download_url":872,"svn_tag_url":873,"released_at":29,"has_diff":607,"diff_files_changed":874,"diff_lines":29,"trac_diff_url":875,"vulnerabilities":876,"is_current":607},"1.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbvd-easy-social-feeds-images.1.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbvd-easy-social-feeds-images\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.3&new_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.4",[],{"version":878,"download_url":879,"svn_tag_url":880,"released_at":29,"has_diff":607,"diff_files_changed":881,"diff_lines":29,"trac_diff_url":882,"vulnerabilities":883,"is_current":607},"1.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbvd-easy-social-feeds-images.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbvd-easy-social-feeds-images\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.2&new_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.3",[],{"version":885,"download_url":886,"svn_tag_url":887,"released_at":29,"has_diff":607,"diff_files_changed":888,"diff_lines":29,"trac_diff_url":889,"vulnerabilities":890,"is_current":607},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbvd-easy-social-feeds-images.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbvd-easy-social-feeds-images\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.1&new_path=%2Fbvd-easy-social-feeds-images%2Ftags%2F1.0.2",[],{"version":892,"download_url":893,"svn_tag_url":894,"released_at":29,"has_diff":607,"diff_files_changed":895,"diff_lines":29,"trac_diff_url":29,"vulnerabilities":896,"is_current":607},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbvd-easy-social-feeds-images.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fbvd-easy-social-feeds-images\u002Ftags\u002F1.0.1\u002F",[],[]]