[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTFWdjKuN7mkZx1SsVFfAWTs_TSWKddeaP1l7rGrf63c":3,"$fUTxNSO3lA7o1p_GfudFUwwn-730qmtAWEZDhOFF6pZA":182,"$fP8Zk69eUEUSz30RF5jzNl9agGsHnsLnpLU_LDm32xaw":187},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":40,"analysis":41,"fingerprints":145},"easy-social-signal-counter","Easy Social Signal Counter","0.1","Jayasri Nagrale","https:\u002F\u002Fprofiles.wordpress.org\u002Fjayasrinagrale\u002F","\u003Cp>Easy Social Signal Counter is a light-weight plugin that measures the social activity on each of your blog posts and shows it to you in a easily understandable, tabular format.\u003Cbr \u002F>\nIf you are serious about taking your blog to the next level and increasing engagement on your blog – you need a tool to measure your social media efforts and know which posts to focus on.\u003Cbr \u002F>\nThis is a plugin that helps you measure and track the social engagement on your posts.\u003C\u002Fp>\n\u003Cp>This plugin doesn’t require any external javascript files – what that means for you is that this plugin will not make your site slow down or clog your webpages with heavy files.\u003Cbr \u002F>\nEasy Social Signal Counter will run only when you open it and show you all your social stats – in one neat table.\u003C\u002Fp>\n\u003Cp>If you have suggestions for a new add-on, feel free to email me at jine.feather@gmail.com\u003Cbr \u002F>\nWant regular updates? Please signup here – http:\u002F\u002Feepurl.com\u002Fbahjyr – Thanks!\u003C\u002Fp>\n\u003Cp>Now mesaure, track and plan to increase the social activity on your blog – this plugin will show you the results.\u003C\u002Fp>\n","Easy Social Signal Counter is a light-weight plugin that measures & displays the social activity on each of your blog posts in a tabular format.",10,2032,100,2,"2015-01-01T06:45:00.000Z","3.4.2","3.0.1","",[20,21,22,23,24],"facebook-counter","pinterest-counter","social-activity-counter","social-media-measurement","twitter-counter","http:\u002F\u002Fwww.jinedesign.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-social-signal-counter.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":36,"avg_security_score":37,"avg_patch_time_days":38,"trust_score":27,"computed_at":39},"jayasrinagrale",3,810,87,30,"2026-05-19T19:30:36.713Z",[],{"attackSurface":42,"codeSignals":54,"taintFlows":89,"riskAssessment":127,"analyzedAt":144},{"hooks":43,"ajaxHandlers":50,"restRoutes":51,"shortcodes":52,"cronEvents":53,"entryPointCount":28,"unprotectedCount":28},[44],{"type":45,"name":46,"callback":47,"file":48,"line":49},"action","admin_menu","easySocialSignalCounter_add_to_menu","easy-social-signal-counter.php",13,[],[],[],[],{"dangerousFunctions":55,"sqlUsage":56,"outputEscaping":58,"fileOperations":87,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":88},[],{"prepared":28,"raw":28,"locations":57},[],{"escaped":14,"rawEcho":49,"locations":59},[60,63,65,67,69,71,73,75,77,79,81,83,85],{"file":48,"line":61,"context":62},27,"raw output",{"file":48,"line":64,"context":62},61,{"file":48,"line":66,"context":62},114,{"file":48,"line":68,"context":62},124,{"file":48,"line":70,"context":62},126,{"file":48,"line":72,"context":62},128,{"file":48,"line":74,"context":62},167,{"file":48,"line":76,"context":62},168,{"file":48,"line":78,"context":62},169,{"file":48,"line":80,"context":62},171,{"file":48,"line":82,"context":62},172,{"file":48,"line":84,"context":62},174,{"file":48,"line":86,"context":62},197,4,[],[90,115],{"entryPoint":91,"graph":92,"unsanitizedCount":35,"severity":114},"easySocialSignalCounter (easy-social-signal-counter.php:77)",{"nodes":93,"edges":110},[94,99,104,108],{"id":95,"type":96,"label":97,"file":48,"line":98},"n0","source","$_SERVER",89,{"id":100,"type":101,"label":102,"file":48,"line":68,"wp_function":103},"n1","sink","echo() [XSS]","echo",{"id":105,"type":96,"label":106,"file":48,"line":107},"n2","$_GET (x2)",88,{"id":109,"type":101,"label":102,"file":48,"line":70,"wp_function":103},"n3",[111,113],{"from":95,"to":100,"sanitized":112},false,{"from":105,"to":109,"sanitized":112},"medium",{"entryPoint":116,"graph":117,"unsanitizedCount":35,"severity":126},"\u003Ceasy-social-signal-counter> (easy-social-signal-counter.php:0)",{"nodes":118,"edges":123},[119,120,121,122],{"id":95,"type":96,"label":97,"file":48,"line":98},{"id":100,"type":101,"label":102,"file":48,"line":68,"wp_function":103},{"id":105,"type":96,"label":106,"file":48,"line":107},{"id":109,"type":101,"label":102,"file":48,"line":70,"wp_function":103},[124,125],{"from":95,"to":100,"sanitized":112},{"from":105,"to":109,"sanitized":112},"low",{"summary":128,"deductions":129},"The \"easy-social-signal-counter\" plugin v0.1 exhibits a concerning security posture primarily due to a significant lack of robust security controls. While the static analysis reports a seemingly low attack surface with zero identified AJAX handlers, REST API routes, shortcodes, or cron events, this can be misleading.  The critical finding is the complete absence of nonce and capability checks across any potential entry points, coupled with a very low rate of output escaping (only 13% properly escaped). This indicates that even if entry points are not immediately obvious, any mechanism that does exist is likely vulnerable to cross-site scripting (XSS) attacks and potential privilege escalation if malicious data can be injected and rendered without proper sanitization.  The taint analysis also found two flows with unsanitized paths, which, while not classified as critical or high severity in this version, represent a direct indicator of potential code injection vulnerabilities that could be exploited in future versions or with slightly different attack vectors.\n\nThe vulnerability history is completely clean, with no recorded CVEs. This could suggest either a history of good security practices or, more likely given the current code analysis findings, that the plugin is either very new, not widely used, or has simply not yet been targeted or thoroughly audited. The lack of any historical vulnerabilities, combined with the current code's weaknesses, should not be interpreted as a sign of security. It more strongly suggests that the plugin's security mechanisms are underdeveloped and ripe for exploitation.  Therefore, despite the clean CVE history, the plugin should be considered high risk due to the fundamental security controls that are missing and the identified taint flows.",[130,133,135,138,141],{"reason":131,"points":132},"Missing nonce checks on potential entry points",15,{"reason":134,"points":132},"Missing capability checks on potential entry points",{"reason":136,"points":137},"Low output escaping rate (13%)",8,{"reason":139,"points":140},"Taint flows with unsanitized paths",7,{"reason":142,"points":143},"File operations present without clear context\u002Fchecks",5,"2026-04-16T12:40:07.306Z",{"wat":146,"direct":151},{"assetPaths":147,"generatorPatterns":148,"scriptPaths":149,"versionParams":150},[],[],[],[],{"cssClasses":152,"htmlComments":155,"htmlAttributes":163,"restEndpoints":178,"jsGlobals":179,"shortcodeOutput":181},[153,154],"wrap","widefat",[156,157,158,159,160,161,162],"\u003C!-- pagination -->","\u003C!-- displaying the data start -->","\u003C!-- the loop -->","\u003C!-- end of the loop -->","\u003C!-- displaying the data end -->","\u003C!-- Begin MailChimp Signup Form -->","\u003C!--End mc_embed_signup-->",[164,165,166,167,168,169,170,171,172,173,174,175,176,164,177],"target=\"_blank\"","name=\"EMAIL\"","id=\"mce-EMAIL\"","placeholder=\"email address\"","required","name=\"subscribe\"","id=\"mc-embedded-subscribe\"","class=\"button\"","action=\"http:\u002F\u002Fwww.jinedesign.us9.list-manage.com\u002Fsubscribe\u002Fpost?u=1baba192588e5fd5b2767055c&id=d8f85aac2e\"","method=\"post\"","id=\"mc-embedded-subscribe-form\"","name=\"mc-embedded-subscribe-form\"","class=\"validate\"","novalidate",[],[180],"window.__SSR",[],{"error":183,"url":184,"statusCode":185,"statusMessage":186,"message":186},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Feasy-social-signal-counter\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":28,"versions":188},[]]