[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fhko9gAODiHPjyIaBo3bUbMUkOOCbCVqA7A2bw990eG0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":139,"fingerprints":248},"celebrity-polls","Celebrity Polls","1.1.0 beta","infectionrank.org","https:\u002F\u002Fprofiles.wordpress.org\u002Fsinger22-wordpress\u002F","\u003Cp>We have developed a plugin that allows you, the Admin of your blog, to\u003Cbr \u002F>\ncreate poll widgets, which can be installed on your blog from Appearance\u003Cbr \u002F>\n-> Widgets.\u003C\u002Fp>\n\u003Cp>After installation your blog reader(s) can vote either on different styles worn\u003Cbr \u002F>\nby a celebrity or which celebrity wore the same style best.\u003Cbr \u002F>\n   These styles can be found at SINGER22.com.\u003C\u002Fp>\n\u003Cp>The plugin can generate two types of widgets as discussed above,  widget for\u003C\u002Fp>\n\u003Cpre>\u003Ccode>1. Your reader to judge which celebrity wore the style Best?\n   Options provided by this widget supports judging between 2 to 3\n   Celebrities appearing in the same outfits.\n   (Select -> \"Who wore it Best\" when creating the widget.)\n\n2. Or which style looks best on selected Celebrity.\n   Options provided by this widget supports judging between 2 to 3\n   styles worn by a single Celebrity.\n   (Select -> \"Pick the best Look\" when creating the widget.)\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>After deciding on the type of widget you want to create, comes the selection\u003Cbr \u002F>\nof mode.  Pick one of the two provided:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>1. Multiple Polls (Voting continues after first vote.)\n   Once the reader has voted on the poll another one is placed in its place.\n\n2. Single selected poll (Voting stops after initial vote.)\n   After voting the reader will see the poll with results, their vote \n   plus others displayed in percents.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Optionally style the widget by selecting size, setting background color,\u003Cbr \u002F>\npicking font face, showing border and enabling comment box.\u003C\u002Fp>\n\u003Cp>When the vote is submitted, the voter is promted to login to facebook,\u003Cbr \u002F>\nthe widget will post their vote on the wall. Any comments left\u003Cbr \u002F>\nin the comment box, if enabled, will also appear.\u003Cbr \u002F>\nFor voting voter receives $1.00 instant discount @ SINGER22.com.\u003C\u002Fp>\n\u003Cp>After creation of the widget, it will appear under Plugins -> Installed\u003Cbr \u002F>\nPlugins and Appearance -> Widgets. Select it and move it to Primary Widget\u003Cbr \u002F>\narea in order for it to appear on your blog.\u003C\u002Fp>\n\u003Cp>Feel free to ask any questions according plugin usage at wordpress@datasub.com\u003C\u002Fp>\n\u003Cp>WordPress 2.8 or above is required.\u003C\u002Fp>\n\u003Cp>More info:\u003C\u002Fp>\n","We have developed a plugin that allows you, the Admin of your blog, to",10,3880,0,"2012-05-08T15:52:00.000Z","3.3.2","2.8.0","",[19,20,21,22,23],"celebrity","facebook","singer22","social","social-network","http:\u002F\u002Fwww.datasub.com\u002Fwidget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcelebrity-polls.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"singer22-wordpress",2,50,30,84,"2026-04-04T15:37:58.258Z",[38,60,83,102,120],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":46,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"simple-wall","Simple Wall","1.1.5","Sebastien SERRE","https:\u002F\u002Fprofiles.wordpress.org\u002Fsebastienserre\u002F","\u003Cp>Simple Wall embed a shortcode and a block to display a Facebook public page.\u003Cbr \u002F>\nThis plugin allows you to add the official Facebook widget available at https:\u002F\u002Fdevelopers.facebook.com\u002Fdocs\u002Fplugins\u002Fpage-plugin without any coding.\u003Cbr \u002F>\nFacebook is a trademark owned by Meta Platform Inc. Thivinfo.com has no link with this company or this Trademark.\u003C\u002Fp>\n","Simply display your Page Facebook Wall",60,3693,1,"2025-11-28T07:20:00.000Z","6.9.4","6.3","8.0",[20,54,23,55,56],"shortcode","timeline","wall","https:\u002F\u002Fthivinfo.com\u002Fen","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-wall.1.1.5.zip",100,{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":33,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":80,"download_link":81,"security_score":82,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"social-planner","Social Planner","1.4.0","Anton Lukin","https:\u002F\u002Fprofiles.wordpress.org\u002Fantonlukin\u002F","\u003Cp>Social Planner is a WordPress plugin for scheduling announcements of posts to your social networks accounts. The following providers are currently supported: Facebook, Twitter, VK.com, OK.ru, Telegram, but you can easily add a new one yourself.\u003Cbr \u002F>\nThe whole process is completely automated. Just write a new post and either entire post or it’s nicely formatted announcement with backlink will be published to all your configured social networks. Plugin works with profiles, business pages, community pages, groups, etc.\u003C\u002Fp>\n\u003Ch4>Configuration\u003C\u002Fh4>\n\u003Cp>You need to have account with either Facebook, Twitter, VK.com, OK.ru, Telegram or all of them.\u003Cbr \u002F>\nPlease see detailed \u003Ca href=\"https:\u002F\u002Fwpset.org\u002Fsocial-planner\u002F\" rel=\"nofollow ugc\">installation instructions\u003C\u002Fa> with screenshots.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Getting social networks Authentication tokens can be a little tricky. Please note that the plugin cannot affect this.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Delayed announcement scheduling.\u003C\u002Fli>\n\u003Cli>Detailed descriptions of sending errors.\u003C\u002Fli>\n\u003Cli>Displaying previews of links in social networks.\u003C\u002Fli>\n\u003Cli>Gutenberg support.\u003C\u002Fli>\n\u003Cli>Direct links to the published posts from the “Edit” page.\u003C\u002Fli>\n\u003Cli>Simple markdown for Telegram posts.\u003C\u002Fli>\n\u003Cli>Image posts for all supported networks.\u003C\u002Fli>\n\u003Cli>Chars counter in the excerpt text area.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Networks\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Facebook\u003C\u002Fstrong> — Autopost to your business page or community page with ability to make \u003Cstrong>Image\u003C\u002Fstrong> posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Twitter\u003C\u002Fstrong> — Autopost to your account with ability to attach \u003Cstrong>Image\u003C\u002Fstrong> to tweets.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Telegram\u003C\u002Fstrong> — Autopost to the channel, group or chat using Telegram bot.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>VK.com\u003C\u002Fstrong> — Autopost to your profile or group page with ability to make \u003Cstrong>Image\u003C\u002Fstrong> posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>OK.ru\u003C\u002Fstrong> — Autopost to your groups with ability to make \u003Cstrong>Image\u003C\u002Fstrong> posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Linkedin.com\u003C\u002Fstrong> — Autopost to your profile or group with ability to attach image.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Get support\u003C\u002Fh3>\n\u003Cp>First of all read the \u003Ca href=\"https:\u002F\u002Fwpset.org\u002Fsocial-planner\u002F#faq\" rel=\"nofollow ugc\">Frequently asked Questions\u003C\u002Fa> on the plugin documentation page.\u003C\u002Fp>\n\u003Cp>If you find a bug or want to add new feature to this plugin, create new \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fantonlukin\u002Fsocial-planner\u002Fissues\" rel=\"nofollow ugc\">issue\u003C\u002Fa> on Github or send a \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fantonlukin\u002Fsocial-planner\u002Fpulls\" rel=\"nofollow ugc\">pull reguest\u003C\u002Fa>.\u003C\u002Fp>\n","Social Planner is a WordPress plugin for scheduling announcements of posts to your social networks accounts.",5436,86,4,"2024-07-28T09:19:00.000Z","6.5.8","5.3","5.6",[76,20,77,78,79],"auto-post","linkedin","social-networks","twitter","https:\u002F\u002Fgithub.com\u002Fantonlukin\u002Fsocial-planner","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-planner.1.4.0.zip",92,{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":33,"downloaded":91,"rating":59,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":17,"tags":96,"homepage":100,"download_link":101,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wpb-social-master","WPB Social Master","1.0","WPBean","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpbean\u002F","\u003Ch3>WPB Social Master by http:\u002F\u002Fwpbean.com\u003C\u002Fh3>\n\u003Cp>This plugin will add responsive soricl share & follow icons.\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpb-social-master\u002Fscreenshots\u002F\" rel=\"ugc\">screenshot section\u003C\u002Fa> for visuals on social sharing features.\u003C\u002Fp>\n\u003Cp>Plugin Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Flat Social Icons.\u003C\u002Fli>\n\u003Cli>Shortcode System\u003C\u002Fli>\n\u003Cli>Advance setting panel. \u003C\u002Fli>\n\u003Cli>Full responsive and all modern browser support. \u003C\u002Fli>\n\u003Cli>Very Lightweight.\u003Cbr \u002F>\n& many More\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For running the development process Please And Please \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=VWQBJMQX3LCNQ\" rel=\"nofollow ugc\">Donate\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin will add responsive social share & follow icons. Very easy to use, just put a shortcode.",4653,3,"2015-03-11T06:04:00.000Z","3.9.40","3.3",[97,22,98,23,99],"facebook-social","social-media","social-share","http:\u002F\u002Fdemo.wpbean.com\u002Fwpb-social-master\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpb-social-master.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":13,"num_ratings":13,"last_updated":112,"tested_up_to":50,"requires_at_least":113,"requires_php":17,"tags":114,"homepage":118,"download_link":119,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"catch-social-share","Catch Social Share","2.0","Catch Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fcatchplugins\u002F","\u003Cp>Catch Social Share is a simple yet handy WordPress plugin that allows you to add social sharing buttons to your website. It is available for absolutely free. With a well-designed interface, attractive social icons, and fully customizable buttons Catch Social Share sure is the ideal solution to share your content on different social media platforms. The plugin helps you display social share buttons from seven different popular networks either above or below your content. You can also add text before the Sharing buttons and select its position—right, left, top, or bottom of your share buttons. Not only that, the share button text for each social media platform is customizable. You can also choose where you want your social sharing buttons to be displayed. With the plugin activated, you will be provided with the shortcode option as well. Simply copy and paste the shortcode [catch-social-share] directly into any post or page and enjoy displaying the social share buttons. Its focus isn’t just on social sharing buttons, but it also focuses on making your content more user-friendly and keeping visitors engaged. Download Catch Social Share plugin right away and provide your visitors an easier gateway to share your content in various social media platforms.\u003C\u002Fp>\n","Catch Social Share - Catch Social Share is a simple yet feature-rich social sharing WordPress plugin that adds social share buttons on your site.",40,10150,"2026-02-16T16:21:00.000Z","5.9",[115,116,117,99],"facebook-social-share","social-media-share","social-network-share","http:\u002F\u002Fwww.catchplugins.com\u002Fplugins\u002Fcatch-social-share","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcatch-social-share.2.0.zip",{"slug":121,"name":122,"version":86,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":11,"downloaded":127,"rating":59,"num_ratings":48,"last_updated":128,"tested_up_to":129,"requires_at_least":130,"requires_php":17,"tags":131,"homepage":137,"download_link":138,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"business-badges","Business Badges","qualisure","https:\u002F\u002Fprofiles.wordpress.org\u002Fqualisure\u002F","\u003Cp>English:\u003Cbr \u002F>\nBusiness Badges allows you to display fully customizable social badges on your website, like Google Business badge, Google Plus badge or facebook badge. It creates a widget.\u003Cbr \u002F>\nEngage people, be in more circles and get more followers.\u003Cbr \u002F>\nGoogle+, Google business, Google Maps\u003C\u002Fp>\n\u003Cp>Español:\u003Cbr \u002F>\nBusiness Badges permite insertar facilmente una insignia de google en su sitio web. Este plugin crea un widget para permitir la inserción en cualquier parte permitida por el tema.\u003Cbr \u002F>\nPara insertar una insignia de facebook son necesarias varias claves que se pueden obtener en la página de facebook.\u003Cbr \u002F>\nEste plugin ha sido revisado por el equipo de WordPress y el código es abierto y gratuito.\u003C\u002Fp>\n\u003Ch3>Configuring and Using the Plugin\u003C\u002Fh3>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For questions, feature requests, and support concerning the Business Badges plugin, please refer to http:\u002F\u002Fqualisure.es\u002Fcontacto.\u003C\u002Fp>\n","Business Badges allows you to display customizable social badges on your website, like Google Business badge, facebook badge. Google+ badge Widget.",1738,"2015-11-03T12:31:00.000Z","4.2.39","3.9",[132,133,134,135,136],"facebook-like","follow-us-google-plus","google-business","google-plus","social-networks-badges","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbusiness-badges\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbusiness-badges.zip",{"attackSurface":140,"codeSignals":161,"taintFlows":176,"riskAssessment":231,"analyzedAt":247},{"hooks":141,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":13,"unprotectedCount":13},[142,148,153],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","wp_enqueue_scripts","s22survey_stylesheet","s22survey.php",25,{"type":149,"name":150,"callback":151,"file":146,"line":152},"filter","favorite_actions","s22survey_add_menu_favorite",64,{"type":143,"name":154,"callback":155,"file":146,"line":156},"admin_menu","s22survey_add_admin_menu",68,[],[],[],[],{"dangerousFunctions":162,"sqlUsage":163,"outputEscaping":165,"fileOperations":92,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":175},[],{"prepared":13,"raw":13,"locations":164},[],{"escaped":13,"rawEcho":92,"locations":166},[167,171,173],{"file":168,"line":169,"context":170},"adminmenu.php",19,"raw output",{"file":168,"line":172,"context":170},22,{"file":168,"line":174,"context":170},29,[],[177,215],{"entryPoint":178,"graph":179,"unsanitizedCount":92,"severity":214},"s22survey_write_managemenu (adminmenu.php:4)",{"nodes":180,"edges":208},[181,185,190,194,196,199,203],{"id":182,"type":183,"label":184,"file":168,"line":172},"n0","source","$_GET['html']",{"id":186,"type":187,"label":188,"file":168,"line":172,"wp_function":189},"n1","sink","echo() [XSS]","echo",{"id":191,"type":183,"label":192,"file":168,"line":193},"n2","$_SERVER",14,{"id":195,"type":187,"label":188,"file":168,"line":174,"wp_function":189},"n3",{"id":197,"type":183,"label":198,"file":168,"line":172},"n4","$_GET['shlink']",{"id":200,"type":201,"label":202,"file":168,"line":172},"n5","transform","→ setNewWidget()",{"id":204,"type":187,"label":205,"file":168,"line":206,"wp_function":207},"n6","fopen() [File Access]",89,"fopen",[209,211,212,213],{"from":182,"to":186,"sanitized":210},false,{"from":191,"to":195,"sanitized":210},{"from":197,"to":200,"sanitized":210},{"from":200,"to":204,"sanitized":210},"medium",{"entryPoint":216,"graph":217,"unsanitizedCount":92,"severity":214},"\u003Cadminmenu> (adminmenu.php:0)",{"nodes":218,"edges":226},[219,220,221,222,223,224,225],{"id":182,"type":183,"label":184,"file":168,"line":172},{"id":186,"type":187,"label":188,"file":168,"line":172,"wp_function":189},{"id":191,"type":183,"label":192,"file":168,"line":193},{"id":195,"type":187,"label":188,"file":168,"line":174,"wp_function":189},{"id":197,"type":183,"label":198,"file":168,"line":172},{"id":200,"type":201,"label":202,"file":168,"line":172},{"id":204,"type":187,"label":205,"file":168,"line":206,"wp_function":207},[227,228,229,230],{"from":182,"to":186,"sanitized":210},{"from":191,"to":195,"sanitized":210},{"from":197,"to":200,"sanitized":210},{"from":200,"to":204,"sanitized":210},{"summary":232,"deductions":233},"The celebrity-polls plugin v1.1.0 beta presents a mixed security posture. On the positive side, the plugin demonstrates good practices regarding database interactions, with all SQL queries utilizing prepared statements. Furthermore, it reports zero known CVEs, indicating a historical lack of publicly disclosed vulnerabilities. This suggests a level of diligence in maintaining the codebase. However, significant concerns arise from the static analysis. The lack of any output escaping is a critical weakness, potentially exposing users to Cross-Site Scripting (XSS) vulnerabilities if any of the analyzed outputs are user-controlled. The presence of two flows with unsanitized paths, even without a critical severity rating, warrants attention as it suggests potential for path traversal or insecure file handling, especially considering the three file operations. The absence of nonce and capability checks, alongside an apparent zero attack surface for entry points, is unusual and could either mean the plugin is very basic or that the analysis tools missed potential interaction points.  The lack of these fundamental WordPress security checks, coupled with the unsanitized paths and unescaped output, creates a risk profile that cannot be ignored despite the absence of known CVEs.",[234,237,240,243,245],{"reason":235,"points":236},"0% output escaping found",8,{"reason":238,"points":239},"2 flows with unsanitized paths",6,{"reason":241,"points":242},"0 nonce checks",5,{"reason":244,"points":242},"0 capability checks",{"reason":246,"points":70},"3 file operations with no explicit security checks evident","2026-03-17T01:02:40.951Z",{"wat":249,"direct":255},{"assetPaths":250,"generatorPatterns":252,"scriptPaths":253,"versionParams":254},[251],"\u002Fwp-content\u002Fplugins\u002Fcelebrity-polls\u002Fs22survey.css",[],[],[],{"cssClasses":256,"htmlComments":257,"htmlAttributes":258,"restEndpoints":259,"jsGlobals":260,"shortcodeOutput":261},[],[],[],[],[],[]]