[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuW6GbyVmUDuRwDPB4_0cg6OB65w4lEMXgdUP6fole_k":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":167,"crawl_stats":37,"alternatives":172,"analysis":270,"fingerprints":1494},"feed-them-social","Feed Them Social – Social Media Feeds, Video, and Photo Galleries","4.4.1","slickremix","https:\u002F\u002Fprofiles.wordpress.org\u002Fslickremix\u002F","\u003Cp>Easily Create and Display Customizable Social Feeds from Instagram, Facebook, TikTok, or YouTube. Responsive on Desktops, Tablets, and Mobile Devices.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Quick\u003C\u002Fstrong> Install and Set up.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Create\u003C\u002Fstrong> as many social feeds as you want.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Display\u003C\u002Fstrong> social feeds on any post, page, or sidebar.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive\u003C\u002Fstrong> Design for Social Feeds on all devices.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Saved\u003C\u002Fstrong> Feed options for easy editing.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>View\u003C\u002Fstrong> your Feed while editing the options.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simple\u003C\u002Fstrong> Access Token fetching.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customize\u003C\u002Fstrong> Font colors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Convert\u003C\u002Fstrong> old shortcodes to saved feed options.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Share\u003C\u002Fstrong> buttons for Instagram, Facebook, TikTok, and YouTube Feeds.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Add\u003C\u002Fstrong> Like and\u002For Follow Buttons above or below any feeds.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works\u003C\u002Fstrong> with Gutenberg Blocks or Classic Editor.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Benefits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Easy-to-use\u003C\u002Fstrong> features.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Increases User Social engagement\u003C\u002Fstrong> on your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Keeps users\u003C\u002Fstrong> on your website longer.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Grow\u003C\u002Fstrong> your social media audience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Save Time\u003C\u002Fstrong> with automatic feed updates when you post on social media.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seamless\u003C\u002Fstrong> Feed Editing.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Super\u003C\u002Fstrong> customizable.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compatible\u003C\u002Fstrong> with any theme.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optimized\u003C\u002Fstrong> for performance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secured\u003C\u002Fstrong> feed caching.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fast & Amazing\u003C\u002Fstrong> Plugin Support!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Best Social Media Feed Plugin\u003C\u002Fstrong> for WordPress.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Reviews about our Plugin and Support\u003C\u002Fh3>\n\u003Cp>⭐⭐⭐⭐⭐\u003Cbr \u002F>\n\u003Cem>“Have been using it daily for more than 2 years and never failed us once. It is an amazing plugin, very simple to set up and use. Great work guys and keep up the good work!”\u003C\u002Fem> ~ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fsaves-time-money-its-the-best-social-plugin-out-there?replies=1#post-\" rel=\"ugc\">stonerecords\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>⭐⭐⭐⭐⭐\u003Cbr \u002F>\n\u003Cem>“This is a very versatile plugin that offers a ton of customization and use options. And if you need help, their support is the best I’ve ever experienced with a WordPress plugin developer. Thanks, guys, keep it up!”\u003C\u002Fem> ~ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fgreat-plugin-great-support-389?replies=2#post-\" rel=\"ugc\">exonfluxx\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>⭐⭐⭐⭐⭐\u003Cbr \u002F>\n\u003Cem>“Hammering out issues with most plugin teams usually takes at least 24 hours. For more complicated support issues, it can take a handful of days to fix a problem. The time between messages with the Feed Them Social support team was around 15 minutes instead of 15 hours. Fantastic.”\u003C\u002Fem> ~ \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Ffreaky-fast-support?replies=2#post-\" rel=\"ugc\">tunare\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Feed Demos\u003C\u002Fh3>\n\u003Cp>All Demos can be found on \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002F\" rel=\"nofollow ugc\">FeedThemSocial.com\u003C\u002Fa>\u003Cbr \u002F>\n ✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Finstagram-feed-demo\u002F\" rel=\"nofollow ugc\">Instagram Feed Demo\u003C\u002Fa>\u003Cbr \u002F>\n ✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Ftiktok-feed-demo\u002F\" rel=\"nofollow ugc\">TikTok Feed Demo\u003C\u002Fa>\u003Cbr \u002F>\n ✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002F\" rel=\"nofollow ugc\">Facebook Page Feed Demo\u003C\u002Fa>\u003Cbr \u002F>\n ✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Ffacebook-album-photos-demo\u002F\" rel=\"nofollow ugc\">Facebook Album Photos Feed Demo\u003C\u002Fa>\u003Cbr \u002F>\n ✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Ffacebook-album-covers\u002F\" rel=\"nofollow ugc\">Facebook Album Covers Feed Demo\u003C\u002Fa>\u003Cbr \u002F>\n ✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Fyoutube-feed-demo\u002F\" rel=\"nofollow ugc\">YouTube Feed Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Premium Extension Demos\u003C\u002Fh4>\n\u003Cp>✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Finstagram-hashtag-feed-demo\u002F\" rel=\"nofollow ugc\">Instagram Hashtag Demo\u003C\u002Fa>\u003Cbr \u002F>\n ✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Ffacebook-page-grid-demo\u002F\" rel=\"nofollow ugc\">Facebook Page Grid Feed Demo\u003C\u002Fa>\u003Cbr \u002F>\n ✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Ffacebook-videos-demo\u002F\" rel=\"nofollow ugc\">Facebook Video Feed Demo\u003C\u002Fa>\u003Cbr \u002F>\n ✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Fyoutube-gallery-format-2\u002F\" rel=\"nofollow ugc\">YouTube Popup Video Feed Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Instagram Slider Extension\u003C\u002Fh4>\n\u003Cp>✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Finstagram-slider-feed-demo\u002F\" rel=\"nofollow ugc\">See Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>TikTok Extension\u003C\u002Fh4>\n\u003Cp>✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Ftiktok-feed-demo\u002F\" rel=\"nofollow ugc\">See Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Combined Streams Extension\u003C\u002Fh4>\n\u003Cp>✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Ffeed-them-social-combined-streams\u002F\" rel=\"nofollow ugc\">See Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Facebook Photos, Albums & Video Carousel Extension\u003C\u002Fh4>\n\u003Cp>✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Ffacebook-carousels-or-sliders\u002F\" rel=\"nofollow ugc\">See Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Facebook Reviews Extension\u003C\u002Fh4>\n\u003Cp>✭ \u003Ca href=\"https:\u002F\u002Ffeedthemsocial.com\u002Ffacebook-page-reviews-demo\u002F\" rel=\"nofollow ugc\">See Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>All Access Pass\u003C\u002Fh4>\n\u003Cp>✭ \u003Ca href=\"https:\u002F\u002Fwww.slickremix.com\u002Fdownloads\u002Fall-access-pass\u002F\" rel=\"nofollow ugc\">NEW! See Details\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Documentation & Support\u003C\u002Fh3>\n\u003Cp>Get started or learn more about the plugin and its extensions’ features using the \u003Ca href=\"https:\u002F\u002Fwww.slickremix.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Feed Them Social Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>All SlickRemix plugins come with FREE Basic Support! If you need help or have questions we’re here to help, just post on our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ffeed-them-social#new-topic-0\" rel=\"ugc\">Support Forum\u003C\u002Fa> and we’ll respond to you as quickly as we can! (usually within 48hrs)\u003C\u002Fp>\n\u003Cp>If you enjoy using our plugin please tell others. \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fsharer.php?u=https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffeed-them-social\u002F&t=FeedThemSocial\" rel=\"nofollow ugc\">Click here to share\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Feed Them Social was Developed By SlickRemix –> \u003Ca href=\"https:\u002F\u002Fwww.slickremix.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.slickremix.com\u002F\u003C\u002Fa>\u003C\u002Fp>\n","Custom social media feeds for Instagram, Facebook, TikTok, & YouTube. Works with Elementor, Beaver Builder, and Gutenberg blocks.",20000,4336072,94,636,"2026-01-31T01:27:00.000Z","6.9.4","5.4","7.0",[20,21,22,23,24],"facebook","instagram","social","tiktok","youtube","https:\u002F\u002Ffeedthemsocial.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeed-them-social.4.4.1.zip",12,0,"2024-01-31 00:00:00","2026-03-15T15:16:48.613Z",[32,48,63,76,90,100,108,123,130,137,148,160],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2024-24710","feed-them-social-cross-site-request-forgery-via-reviewnagcheck","Feed Them Social \u003C= 4.2.0 - Cross-Site Request Forgery via review_nag_check","The Feed Them Social – Page, Post, Video, and Photo Galleries plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.0. This is due to missing or incorrect nonce validation on the 'review_nag_check' function. This makes it possible for unauthenticated attackers to dismiss admin notifications via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=4.2.0","4.2.1","low",3.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-02-02 20:39:41",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe86152a6-cd8d-4466-bcc5-830413500e12?source=api-prod",3,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":37,"affected_versions":53,"patched_in_version":54,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":43,"published_date":58,"updated_date":59,"references":60,"days_to_patch":62},"WF-057ab824-8071-4c3c-9a57-f9a0043a9ad5-feed-them-social","feed-them-social-cross-site-request-forgery","Feed Them Social \u003C= 4.0.7 - Cross-Site Request Forgery","The Feed Them Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.7. This is due to missing or incorrect nonce validation on the save_meta_box function. This makes it possible for unauthenticated attackers to invoke this function via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=4.0.7","4.0.8","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","2023-03-29 00:00:00","2024-01-22 19:56:02",[61],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F057ab824-8071-4c3c-9a57-f9a0043a9ad5?source=api-prod",300,{"id":64,"url_slug":65,"title":66,"description":67,"plugin_slug":4,"theme_slug":37,"affected_versions":68,"patched_in_version":69,"severity":55,"cvss_score":70,"cvss_vector":71,"vuln_type":43,"published_date":72,"updated_date":59,"references":73,"days_to_patch":75},"CVE-2023-25056","feed-them-social-cross-site-request-forgery-2","Feed Them Social \u003C= 3.0.2 - Cross-Site Request Forgery","The Feed Them Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.2. This is due to missing or incorrect nonce validation on the following functions: fts_maybe_set_transient, fts_check_nag_get, feed_them_settings, social_follow_button, fts_facebook_page_form, fts_twitter_form, fts_instagram_form, fts_youtube_form, and fts_pinterest_form. This makes it possible for unauthenticated attackers to invoke those functions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=3.0.2","4.0.0",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:L","2023-02-21 00:00:00",[74],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F736d08ca-3f65-4232-96a9-303bafbf3471?source=api-prod",336,{"id":77,"url_slug":78,"title":79,"description":80,"plugin_slug":4,"theme_slug":37,"affected_versions":81,"patched_in_version":82,"severity":55,"cvss_score":83,"cvss_vector":84,"vuln_type":85,"published_date":86,"updated_date":59,"references":87,"days_to_patch":89},"CVE-2022-2940","feed-them-social-for-twitter-feed-youtube-and-more-subscriber-stored-cross-site-scripting","Feed Them Social – for Twitter feed, Youtube and more \u003C= 2.9.9 - Subscriber+ Stored Cross-Site Scripting","The Feed Them Social plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘access_token’ parameter in the function fts_instagram_token_ajax in versions up to, and including, 2.9.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, subscriber and above, to inject arbitrary web scripts stored in the plugin options.","\u003C=2.9.9","3.0.1",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2022-11-14 00:00:00",[88],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1d07eefc-f406-4da4-addb-559caa6dc208?source=api-prod",435,{"id":91,"url_slug":92,"title":93,"description":94,"plugin_slug":4,"theme_slug":37,"affected_versions":81,"patched_in_version":82,"severity":95,"cvss_score":96,"cvss_vector":97,"vuln_type":43,"published_date":86,"updated_date":59,"references":98,"days_to_patch":89},"CVE-2022-2942","feed-them-social-for-twitter-feed-youtube-and-more-cross-site-request-forgery-to-settings-update","Feed Them Social – for Twitter feed, Youtube and more \u003C= 2.9.9 - Cross-Site Request Forgery to Settings update","The Feed Them Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.9.9. This is due to missing or incorrect nonce validation on various functions such as fts_instagram_token_ajax(). This makes it possible for unauthenticated attackers to trigger settings updates via forged request granted they can trick a site administrator into performing an action such as clicking on a link.","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H",[99],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F97460a9c-e996-4170-afa3-47db9097f3f4?source=api-prod",{"id":101,"url_slug":102,"title":79,"description":103,"plugin_slug":4,"theme_slug":37,"affected_versions":81,"patched_in_version":82,"severity":55,"cvss_score":83,"cvss_vector":84,"vuln_type":85,"published_date":104,"updated_date":59,"references":105,"days_to_patch":107},"CVE-2022-2532","feed-them-social-for-twitter-feed-youtube-and-more-subscriber-stored-cross-site-scripting-2","The Feed Them Social plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘access_token’  parameter in the function fts_encrypt_token_ajax in versions up to, and including, 2.9.8.6  due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, subscriber and above, to inject arbitrary web scripts stored in the plugin options.","2022-07-26 00:00:00",[106],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2cf5879f-82ae-41de-b220-aaec45c96c87?source=api-prod",546,{"id":109,"url_slug":110,"title":111,"description":112,"plugin_slug":4,"theme_slug":37,"affected_versions":113,"patched_in_version":114,"severity":115,"cvss_score":116,"cvss_vector":117,"vuln_type":118,"published_date":119,"updated_date":59,"references":120,"days_to_patch":122},"CVE-2022-2437","feed-them-social-for-twitter-feed-youtube-and-more-unauthenticated-phar-deserialization","Feed Them Social – for Twitter feed, Youtube and more \u003C= 2.9.8.5 - Unauthenticated PHAR Deserialization","The Feed Them Social – for Twitter feed, Youtube and more plugin for WordPress is vulnerable to deserialization of untrusted input via the 'fts_url' parameter in versions up to, and including 2.9.8.5. This makes it possible for unauthenticated attackers to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload.","\u003C=2.9.8.5","2.9.8.6","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Deserialization of Untrusted Data","2022-07-12 00:00:00",[121],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F50bcea94-b12a-4b31-b0c1-bba834ea9bd0?source=api-prod",560,{"id":124,"url_slug":125,"title":126,"description":127,"plugin_slug":4,"theme_slug":37,"affected_versions":113,"patched_in_version":114,"severity":115,"cvss_score":116,"cvss_vector":117,"vuln_type":43,"published_date":119,"updated_date":59,"references":128,"days_to_patch":122},"WF-8599cb81-4f51-40b5-a0aa-5d27f2ae085d-feed-them-social","feed-them-social-for-twitter-feed-youtube-and-more-cross-site-request-forgery-to-plugin-settings-update","Feed Them Social – for Twitter feed, Youtube and more \u003C= 2.9.8.5 - Cross-Site Request Forgery to Plugin Settings Update","The Feed Them Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.9.8.5. This is due to missing or incorrect nonce validation on the fts_refresh_token_ajax function. This makes it possible for unauthenticated attackers to update plugin settings.",[129],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8599cb81-4f51-40b5-a0aa-5d27f2ae085d?source=api-prod",{"id":131,"url_slug":132,"title":133,"description":134,"plugin_slug":4,"theme_slug":37,"affected_versions":81,"patched_in_version":82,"severity":55,"cvss_score":83,"cvss_vector":84,"vuln_type":85,"published_date":119,"updated_date":59,"references":135,"days_to_patch":122},"CVE-2022-2383","feed-them-social-for-twitter-feed-youtube-and-more-reflected-cross-site-scripting","Feed Them Social – for Twitter feed, Youtube and more \u003C= 2.9.9 - Reflected Cross-Site Scripting","The Feed Them Social plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘expires_in’ parameter in versions up to, and including, 2.9.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",[136],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Faa9c2a67-e254-4dde-9f58-81281e98cdb2?source=api-prod",{"id":138,"url_slug":139,"title":140,"description":141,"plugin_slug":4,"theme_slug":37,"affected_versions":142,"patched_in_version":143,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":43,"published_date":144,"updated_date":59,"references":145,"days_to_patch":147},"CVE-2020-36739","feed-them-social-page-post-video-and-photo-galleries-cross-site-request-forgery-bypass","Feed Them Social – Page, Post, Video, and Photo Galleries \u003C= 2.8.6 - Cross-Site Request Forgery Bypass","The Feed Them Social – Page, Post, Video, and Photo Galleries plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.6. This is due to missing or incorrect nonce validation on the my_fts_fb_load_more() function. This makes it possible for unauthenticated attackers to load feeds via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C2.8.7","2.8.7","2020-09-16 00:00:00",[146],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1fcbe3d1-449c-4135-bbf5-9ea9236e5328?source=api-prod",1224,{"id":149,"url_slug":150,"title":151,"description":152,"plugin_slug":4,"theme_slug":37,"affected_versions":153,"patched_in_version":154,"severity":115,"cvss_score":116,"cvss_vector":117,"vuln_type":155,"published_date":156,"updated_date":59,"references":157,"days_to_patch":159},"CVE-2015-9351","feed-them-social-arbitrary-shortcode-execution","Feed Them Social \u003C= 1.6.9 - Arbitrary Shortcode Execution","The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the Facebook Feeds load more button.","\u003C=1.6.9","1.7.0","Improper Control of Generation of Code ('Code Injection')","2015-02-02 00:00:00",[158],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F67c7e67e-3e68-4f49-9d81-fa0ed451376e?source=api-prod",3277,{"id":161,"url_slug":162,"title":163,"description":164,"plugin_slug":4,"theme_slug":37,"affected_versions":153,"patched_in_version":154,"severity":55,"cvss_score":83,"cvss_vector":84,"vuln_type":85,"published_date":156,"updated_date":59,"references":165,"days_to_patch":159},"CVE-2015-9350","feed-them-social-reflected-cross-site-scripting","Feed Them Social \u003C= 1.6.9 - Reflected Cross-Site Scripting","The feed-them-social plugin before 1.7.0 for WordPress has reflected XSS in the Facebook Feeds load more button.",[166],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb5d69895-2fe6-40cf-8d4d-aa274067495a?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":168,"total_installs":11,"avg_security_score":13,"avg_patch_time_days":169,"trust_score":170,"computed_at":171},1,959,75,"2026-04-04T07:07:36.107Z",[173,190,212,231,245],{"slug":174,"name":175,"version":176,"author":177,"author_profile":178,"description":179,"short_description":180,"active_installs":28,"downloaded":181,"rating":28,"num_ratings":28,"last_updated":182,"tested_up_to":16,"requires_at_least":183,"requires_php":184,"tags":185,"homepage":187,"download_link":188,"security_score":189,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"yoapy-social-poster","YoApy Social Poster","1.7.10","YoApy","https:\u002F\u002Fprofiles.wordpress.org\u002Fyoapy\u002F","\u003Cp>Schedule and publish posts to Facebook, Instagram, YouTube, and TikTok directly from your WordPress dashboard.\u003C\u002Fp>\n\u003Cp>Features:\u003Cbr \u002F>\n* Schedule posts to multiple social networks\u003Cbr \u002F>\n* Support for image posts, video posts, stories, and YouTube Live schedules\u003Cbr \u002F>\n* Easy-to-use interface integrated with WordPress\u003Cbr \u002F>\n* Automatic caption generation from post content\u003Cbr \u002F>\n* Support for all major social networks: Facebook, Instagram, YouTube, and TikTok\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin relies on the YoApy API to function.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service:\u003C\u002Fstrong> YoApy API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>URL:\u003C\u002Fstrong> https:\u002F\u002Fapi.yoapy.com\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose:\u003C\u002Fstrong> To authenticate your social media accounts and publish posts on your behalf.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> When you connect an account, we send the authorization code to obtain an access token. When you publish a post, we send the post content (text, media URLs) and the target social account IDs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fyoapy.com\u002Fterms\" rel=\"nofollow ugc\">YoApy Terms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fyoapy.com\u002Fprivacy\" rel=\"nofollow ugc\">YoApy Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Schedule and publish posts to Facebook, Instagram, YouTube, and TikTok directly from your WordPress dashboard.",1002,"2026-03-04T01:58:00.000Z","5.0","7.4",[20,21,186,23,24],"social-media","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyoapy-social-poster.1.7.10.zip",100,{"slug":191,"name":192,"version":193,"author":194,"author_profile":195,"description":196,"short_description":197,"active_installs":11,"downloaded":198,"rating":199,"num_ratings":200,"last_updated":201,"tested_up_to":16,"requires_at_least":187,"requires_php":184,"tags":202,"homepage":208,"download_link":209,"security_score":13,"vuln_count":210,"unpatched_count":28,"last_vuln_date":211,"fetched_at":30},"instagram-slider-widget","Social Slider Feed","2.3.3","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Social Slider Feed lets you easily display Instagram, Facebook, and YouTube feeds anywhere on your WordPress site. Create responsive sliders, grids, masonry layouts and more using widgets or shortcodes, with full control over layout, spacing, image sizes, and ordering.\u003C\u002Fp>\n\u003Cp>Designed for fast setup and maximum flexibility, Social Slider Feed helps you keep your website engaging by automatically showcasing your latest social content.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Display Instagram, Facebook, and YouTube feeds anywhere using widgets or shortcodes\u003C\u002Fli>\n\u003Cli>Support for multiple accounts and multiple feeds at the same time\u003C\u002Fli>\n\u003Cli>Multiple layout options: slider, grid, masonry, thumbnails, and more\u003C\u002Fli>\n\u003Cli>Fully responsive with separate layout settings for desktop and mobile\u003C\u002Fli>\n\u003Cli>Show images and videos in a built-in lightbox without leaving your site\u003C\u002Fli>\n\u003Cli>Display post captions\u003C\u002Fli>\n\u003Cli>Sort posts by date, popularity, or randomly\u003C\u002Fli>\n\u003Cli>Show or hide account name and social icons\u003C\u002Fli>\n\u003Cli>Fast setup with intuitive settings and one-click account authorization\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Connect your Instagram, Facebook, or YouTube account from the plugin settings\u003C\u002Fli>\n\u003Cli>Create a feed and customize its layout and display options\u003C\u002Fli>\n\u003Cli>Add it to your site using a widget or shortcode\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We’re here to help. Feel free to open a new thread on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Finstagram-slider-widget\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Useful Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If you like this plugin, you’re sure to love \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">our other plugins\u003C\u002Fa> as well.\u003C\u002Fli>\n\u003Cli>Our blog is a great place to \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" rel=\"nofollow ugc\">learn more about WordPress\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Get the most out of your website with our helpful \u003Ca href=\"https:\u002F\u002Fyoutube.com\u002Fplaylist?list=PLmRasCVwuvpSep2MOsIoE0ncO9JE3FcKP\" rel=\"nofollow ugc\">WordPress YouTube Tutorials\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Display Instagram, Facebook and YouTube feeds in widgets, posts, pages, or anywhere else on your website.",2718250,78,125,"2026-03-05T12:45:00.000Z",[203,204,205,206,207],"facebook-feed","instagram-feed","instagram-gallery","social-feed","youtube-feed","https:\u002F\u002Fcm-wp.com\u002Finstagram-slider-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finstagram-slider-widget.2.3.3.zip",10,"2025-03-03 00:00:00",{"slug":213,"name":214,"version":215,"author":216,"author_profile":217,"description":218,"short_description":219,"active_installs":220,"downloaded":221,"rating":222,"num_ratings":223,"last_updated":224,"tested_up_to":225,"requires_at_least":226,"requires_php":184,"tags":227,"homepage":229,"download_link":230,"security_score":189,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"powr-social-feed","Social Media Feed for WordPress","2.1.0","POWR","https:\u002F\u002Fprofiles.wordpress.org\u002Fpowr\u002F","\u003Cp>\u003Cstrong>Boost social engagement and grow your brand on Instagram, Facebook, TikTok and YouTube with Social Media Feed by POWR\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily display your social media content on your website to increase time on site, enhance brand recognition, and grow your following.\u003C\u002Fp>\n\u003Cp>Connect and showcase content from Instagram, Reels, TikTok, Facebook, Pinterest, YouTube, Vimeo, and more, all in one dynamic feed.\u003C\u002Fp>\n\u003Cp>With automatic social media updates, your feed will always stay fresh and relevant.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>15+ million POWR plugin users worldwide can’t be wrong!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>🛠️ Embed Social Feed in 4 Simple Steps\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Connect your social media source\u003C\u002Fli>\n\u003Cli>Modify your content, choose content refresh rate, post approvals, etc.\u003C\u002Fli>\n\u003Cli>Fully customize your layout, size, background, hover effects, and more\u003C\u002Fli>\n\u003Cli>Publish!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>✨ Social Feed Plugin Feature Highlights\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Connect to Instagram, Facebook, TikTok, Pinterest, YouTube, Vimeo, or even RSS\u003C\u002Fli>\n\u003Cli>Display images, photos, videos, and text in one responsive gallery\u003C\u002Fli>\n\u003Cli>Follow @handles, #hashtags, account, or site URLs.\u003C\u002Fli>\n\u003Cli>Adjust the width, height, columns, size, background color, spacing and more\u003C\u002Fli>\n\u003Cli>Customize your feed layout, header style, post settings, lightbox, and much more\u003C\u002Fli>\n\u003Cli>Approve posts before they go live on your site\u003C\u002Fli>\n\u003Cli>Keep your content up-to-date with automatic feed updates\u003C\u002Fli>\n\u003Cli>Mobile responsive on any device\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>POWR Social Feed has all you need for free, but there are many other features available on upgrade like:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Connect up to 15 social channels all in one feed\u003C\u002Fli>\n\u003Cli>Up to 50 posts per feed\u003C\u002Fli>\n\u003Cli>Content auto-refresh every 20 minutes\u003C\u002Fli>\n\u003Cli>Unlimited access to 60+ plugins like contact form, popup, countdown timer, image slider, and more for one \u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fbusiness\" rel=\"nofollow ugc\">deeply discounted price\u003C\u002Fa>. Over $900\u002Fyr in savings!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🥇 Popular Social Feed Types on WordPress Websites\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Instagram Feed:\u003C\u002Fstrong> Display your latest Instagram posts to keep content fresh and engaging\u003Cbr \u002F>\n\u003Cstrong>Facebook Feed:\u003C\u002Fstrong> Embed your Facebook page posts, allowing visitors to see updates without leaving\u003Cbr \u002F>\n\u003Cstrong>TikTok Feed:\u003C\u002Fstrong> Show TikTok videos to highlight trending content or user-generated media\u003Cbr \u002F>\n\u003Cstrong>Pinterest Feed:\u003C\u002Fstrong> Integrate your Pinterest boards or pins, making it easy to share visual inspiration\u003Cbr \u002F>\n\u003Cstrong>YouTube Feed:\u003C\u002Fstrong> Stream videos from a YouTube channel or playlist for easy video content integration\u003Cbr \u002F>\n\u003Cstrong>Vimeo Feed:\u003C\u002Fstrong> Embed Vimeo videos in a dynamic feed to showcase high-quality video content\u003Cbr \u002F>\n\u003Cstrong>RSS Feed:\u003C\u002Fstrong> Pull in content from an RSS feed to automatically update your website with the latest articles or news\u003Cbr \u002F>\n\u003Cstrong>Tumblr Feed:\u003C\u002Fstrong> Display Tumblr blog posts, keeping content fresh and connected\u003Cbr \u002F>\n\u003Cstrong>Flickr Feed:\u003C\u002Fstrong> Showcase Flickr photo albums or galleries to highlight visual storytelling\u003C\u002Fp>\n\u003Ch3>💙 Why WordPress Users Love POWR Social Feed\u003C\u002Fh3>\n\u003Cblockquote>\n\u003Cp>\u003Cem>“Don’t even consider anything else. Not only is the product outstanding, heads & shoulders above anything else but the support is SUPERB. Use >this app. I reiterate, don’t even THINK about anything else. This is the best Social Feed with outstanding support!”\u003C\u002Fem> – \u003Cstrong>paralegalsperdiemh\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to \u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002F\" rel=\"nofollow ugc\">POWR.io\u003C\u002Fa> to enable its functionality and transmits the user’s email address for authentication purposes.\u003C\u002Fp>\n\u003Cp>It sends the user’s email every time the widget is loaded.\u003Cbr \u002F>\nThis service is provided by “POWR”: \u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fterms\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>✅ Not just great social feed plugins — Over 60 No-Code WordPress Plugins Available\u003C\u002Fh3>\n\u003Cp>With a complete library at your fingertips, here are our WordPress users’ favorites:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpowr-popup\u002F\" rel=\"ugc\">Popup\u003C\u002Fa>: Increase conversions with a pop-up sign-up form, or create a special promotion popup with a coupon code and keep visitors on your site with an exit intent popup. Integrates with Mailchimp and Zapier to make managing contacts a breeze.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpowr-pack\u002F\" rel=\"ugc\">Form Builder\u003C\u002Fa>: Allows you to create fully customizable forms without coding. It features advanced elements like conditional logic, multi-page forms, and file uploads. The tool also supports payment collection, integrations, and automated responses, making it ideal for lead generation, customer feedback, and e-commerce transactions.\u003C\u002Fp>\n\u003Cp>Photo + Video Gallery: Easily create and customize image and video galleries for your website, enhancing visual appeal and engagement. Features include responsive design, hover effects, and social sharing to showcase products, portfolios, or events.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpowr-multi-slider\" rel=\"ugc\">Image Slider\u003C\u002Fa>: Increase visitor trust with a slideshow of photos, videos, or customer testimonials. Add images, videos, events, and promotional banners with call-to-action buttons to create a beautiful slideshow for your WordPress site. Choose from different transition styles and automatically repeat slides to keep visitors engaged and active.\u003C\u002Fp>\n\u003Cp>PayPal Button: Collect payments quickly and securely on your WordPress site. Accept one-time payments, set up subscriptions, or collect donations. Customize the button text, receive email notifications when a payment is made, and design your autoresponder email to ensure successful payments.\u003C\u002Fp>\n\u003Cp>You can also get \u003Cstrong>unlimited access to 60+ plugins\u003C\u002Fstrong> like contact form, popup, countdown timer, image slider, and more for one \u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fbusiness\" rel=\"nofollow ugc\">deeply discounted price\u003C\u002Fa>. Over $900\u002Fyr in savings!\u003C\u002Fp>\n\u003Ch3>📚 Article Library\u003C\u002Fh3>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fblog.powr.io\u002F\" rel=\"nofollow ugc\">POWR Blog\u003C\u002Fa> is a library of over 1,000 articles from more than 300 authors worldwide. Learn more about how to grow your business with topics like: lead generation, digital marketing, website optimization, social media, small business, and customer loyalty.\u003C\u002Fp>\n\u003Ch3>👩🏻‍🔧 FAST AND FREE CUSTOMER SUPPORT\u003C\u002Fh3>\n\u003Cp>If you have any questions or need help getting up and running, we’re here to help! POWR offers free support, and our awesome support team is available 24 hours a day. You can also visit our \u003Ca href=\"https:\u002F\u002Fhelp.powr.io\u002Fhc\u002Fen-us\u002Fsections\u002F115000675448-Social-Feed\" rel=\"nofollow ugc\">Help Center\u003C\u002Fa> for tips, support, and answers to common questions.\u003C\u002Fp>\n\u003Cp>You can also join the \u003Ca href=\"https:\u002F\u002Fcommunity.powr.io\u002F\" rel=\"nofollow ugc\">POWR Community\u003C\u002Fa> for free! Talk directly to the developers, support team, and marketing, or make direct feature requests.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the POWR.io API to provide plugin functionality. The connection is necessary to authenticate and display the plugin content within your WordPress site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service\u003C\u002Fstrong>: POWR.io API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: To authenticate and render the plugin widget on your WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>: The plugin sends the current user’s email address, web site url, ip, and the username to the POWR.io API for authentication purposes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: This data is sent when the admin settings page is accessed or when the shortcode is used to display the plugin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service Provider\u003C\u002Fstrong>: POWR.io\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fterms\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Keep your website content up to date and increase SEO by displaying all of your social media accounts, #hashtags in one place with customized design.",400,23781,82,22,"2025-04-21T10:37:00.000Z","6.8.5","6.7",[203,21,204,206,228],"tiktok-feed","https:\u002F\u002Fwww.powr.io\u002Fsocial-feed-website-app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowr-social-feed.2.1.0.zip",{"slug":232,"name":233,"version":234,"author":235,"author_profile":236,"description":237,"short_description":238,"active_installs":28,"downloaded":239,"rating":28,"num_ratings":28,"last_updated":240,"tested_up_to":16,"requires_at_least":183,"requires_php":184,"tags":241,"homepage":187,"download_link":243,"security_score":189,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":244},"trollishly-social-media-profile-assistant","Trollishly Social Media Profile Assistant","1.0.0","trollishly","https:\u002F\u002Fprofiles.wordpress.org\u002Ftrollishly\u002F","\u003Cp>Trollishly Social Media Profile Assistant allows WordPress site owners to display a clean and modern Follow bar directly under the post header on single post pages.\u003C\u002Fp>\n\u003Cp>Site administrators can enter their TikTok, Instagram, and YouTube profile URLs from the plugin settings page. The plugin automatically displays clickable icons for each profile that open in a new tab so readers can easily follow your brand or creator accounts.\u003C\u002Fp>\n\u003Cp>Key features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>TikTok, Instagram, and YouTube profile link support\u003C\u002Fli>\n\u003Cli>Simple settings screen under Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Trollishly Social Media Profiles\u003C\u002Fli>\n\u003Cli>Modern and lightweight Follow bar design\u003C\u002Fli>\n\u003Cli>Works automatically on all single post pages\u003C\u002Fli>\n\u003Cli>No JavaScript required\u003C\u002Fli>\n\u003Cli>No external API calls\u003C\u002Fli>\n\u003Cli>GDPR friendly since no tracking or external requests are made\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is useful for creators, influencers, brands, and publishers who want to promote their social media profiles without adding heavy scripts or complicated integrations.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later.\u003C\u002Fp>\n\u003Cp>You can redistribute it and modify it under the terms of the GNU General Public License as published by the Free Software Foundation either version 2 of the License or any later version.\u003C\u002Fp>\n","Adds a customizable Follow bar under the post header with TikTok, Instagram, and YouTube profile links configured from the admin settings screen.",123,"2025-12-11T13:43:00.000Z",[242,21,186,23,24],"follow-buttons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftrollishly-social-media-profile-assistant.zip","2026-03-15T14:54:45.397Z",{"slug":246,"name":247,"version":248,"author":249,"author_profile":250,"description":251,"short_description":252,"active_installs":253,"downloaded":254,"rating":255,"num_ratings":256,"last_updated":257,"tested_up_to":258,"requires_at_least":259,"requires_php":17,"tags":260,"homepage":266,"download_link":267,"security_score":268,"vuln_count":168,"unpatched_count":28,"last_vuln_date":269,"fetched_at":30},"oa-social-login","Social Login","5.10.0","Claude","https:\u002F\u002Fprofiles.wordpress.org\u002Fclaudeschlesser\u002F","\u003Ch4>Social Login Plugin\u003C\u002Fh4>\n\u003Cp>Social Login is a \u003Cstrong>professionally developed\u003C\u002Fstrong> and free WordPress plugin that allows your visitors to \u003Cstrong>comment, login and register with 40+ Social Networks\u003C\u002Fstrong> like for example Facebook, Twitter \u002F X, TikTok, Google, LinkedIn, PayPal, LiveJournal, Instagram, Вконтакте or Yahoo amongst other.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Protection Guarantee\u003C\u002Fstrong>\u003Cbr \u002F>\nSocial Login is fully compliant with all European and U.S. data protection laws. As required by the General Data Protection Regulation (GDPR) the OneAll Terms of Service include a Data Processing Agreement that we can countersign on request.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Seamless Integration\u003C\u002Fstrong>\u003Cbr \u002F>\nSocial Login is fully customizable and seamlessly integrates with your existing login\u002Fregistration system so that your users don’t have to start from scratch. Existing existing accounts can add\u002Fremove their social network accounts in their WordPress profile settings and then also use the linked social networks to login.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Eliminates Spam and Bot Registrations\u003C\u002Fstrong>\u003Cbr \u002F>\nGet rid of long and complicated forms, improve your data quality and instantly eliminate spam and bot registrations. Social Login increases registration rates by up to 50% and provides permission-based access to users’ social network profile data, allowing you to start delivering a personalized experience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Maintenance Free\u003C\u002Fstrong>\u003Cbr \u002F>\nDo not take the risk of losing any users or customers due to outdated social network integrations. Unlike other Social Login providers we monitor the APIs and technologies of the different social networks and update our service as soon as changes arise.\u003C\u002Fp>\n\u003Cp>By using OneAll you can be sure that your social media integration will always run smoothly and with the most up-to-date calls.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Fully Customizable\u003C\u002Fstrong>\u003Cbr \u002F>\nYou can easily configure which social accounts to enable\u002Fdisable for social login and on which areas of the website the social login icons should be displayed:\u003Cbr \u002F>\n* On the comment formular\u003Cbr \u002F>\n* On the login page\u003Cbr \u002F>\n* On the registration page\u003Cbr \u002F>\n* In your sidebar\u003Cbr \u002F>\n* With a shortcode\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Fully Compatible With Other Plugins\u003C\u002Fstrong>\u003Cbr \u002F>\nSocial Login uses standard WordPress hooks and is compatible with all plugins that follow WordPress coding conventions,\u003Cbr \u002F>\nlike per example BuddyPress or WooCommerce amongst others.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Export\u003C\u002Fstrong>\u003Cbr \u002F>\nEasily export your users or automatically push data of users that login using Social Login to Mailchimp or Campaign Monitor.\u003Cbr \u002F>\nThis feature is available in the premium version of Social Login and can be enabled in your OneAll account.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>45+ Social Networks\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Apple\u003C\u002Fli>\n\u003Cli>Amazon\u003C\u002Fli>\n\u003Cli>Battle.net\u003C\u002Fli>\n\u003Cli>Blogger\u003C\u002Fli>\n\u003Cli>Discord\u003C\u002Fli>\n\u003Cli>Draugiem\u003C\u002Fli>\n\u003Cli>Dribbble\u003C\u002Fli>\n\u003Cli>Epic Games\u003C\u002Fli>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Foursquare\u003C\u002Fli>\n\u003Cli>Github.com\u003C\u002Fli>\n\u003Cli>Google\u003C\u002Fli>\n\u003Cli>Instagram\u003C\u002Fli>\n\u003Cli>Line\u003C\u002Fli>\n\u003Cli>LinkedIn\u003C\u002Fli>\n\u003Cli>LiveJournal\u003C\u002Fli>\n\u003Cli>Mail.ru\u003C\u002Fli>\n\u003Cli>Meetup\u003C\u002Fli>\n\u003Cli>Mixer\u003C\u002Fli>\n\u003Cli>Odnoklassniki\u003C\u002Fli>\n\u003Cli>OpenID\u003C\u002Fli>\n\u003Cli>Patreon\u003C\u002Fli>\n\u003Cli>PayPal\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>PixelPin \u003C\u002Fli>\n\u003Cli>Reddit\u003C\u002Fli>\n\u003Cli>Skyrock.com\u003C\u002Fli>\n\u003Cli>SoundCloud        \u003C\u002Fli>\n\u003Cli>Spotify\u003C\u002Fli>\n\u003Cli>StackExchange\u003C\u002Fli>\n\u003Cli>Steam\u003C\u002Fli>\n\u003Cli>Strava\u003C\u002Fli>\n\u003Cli>TikTok\u003C\u002Fli>\n\u003Cli>Tumblr\u003C\u002Fli>\n\u003Cli>Twitch.tv\u003C\u002Fli>\n\u003Cli>Twitter \u002F X\u003C\u002Fli>\n\u003Cli>Vimeo\u003C\u002Fli>\n\u003Cli>VKontakte\u003C\u002Fli>\n\u003Cli>Weibo\u003C\u002Fli>\n\u003Cli>Windows Live\u003C\u002Fli>\n\u003Cli>WordPress.com\u003C\u002Fli>\n\u003Cli>XING\u003C\u002Fli>\n\u003Cli>Yahoo\u003C\u002Fli>\n\u003Cli>Yandex\u003C\u002Fli>\n\u003Cli>YouTube\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Social Login Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>GDPR compliant\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Social Link\u003C\u002Fstrong> – Users can use social login to link multiple social network accounts to their WordPress account.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Woocommerce Connect\u003C\u002Fstrong> – Automatic integration of the social login icons on the Woocommerce checkout, login and registration pages.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Woocommerce Profile\u003C\u002Fstrong> – Fill the user’s billing address with the first name, last name and email address received from the social network.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>BuddyPress Connect\u003C\u002Fstrong> – Automatic integration of the social login icons on the BuddyPress account and registration pages.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>BuddyPress Profile\u003C\u002Fstrong> – Use the social network avatar as BuddyPress avatar and fill out custom fields.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Insights\u003C\u002Fstrong> – Access the analytics dashboard to discover which social networks your users prefer.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Emails\u003C\u002Fstrong> – Send emails to users that register using social login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Notifications\u003C\u002Fstrong> – Send notifications to admins for every users that registers using social login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comment Approval\u003C\u002Fstrong> – Automatically approve comments left by users that connected by using social login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Retrieval\u003C\u002Fstrong>  – Ask users to enter their email when social login did not receive it from the social network.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Redirections\u003C\u002Fstrong> – Fully customize the page to redirect user to after having connected using social login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Integrated Widget\u003C\u002Fstrong> – Simply use the social login widget to display the icons wherever you want.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ShortCodes\u003C\u002Fstrong> – Easily embed social login anywhere by using the available shortcodes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hook\u003C\u002Fstrong> – Customize the social login behaviour by using the integrated hooks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Icon Themes\u003C\u002Fstrong> – Choose amongst three different social login icon themes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Documentation\u003C\u002Fstrong> – Access a \u003Ca href=\"https:\u002F\u002Fdocs.oneall.com\u002Fplugins\u002Fguide\u002Fsocial-login-wordpress\u002F\" rel=\"nofollow ugc\">complete documentation\u003C\u002Fa> on the available Social Login hooks and filters for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Support\u003C\u002Fstrong> – Any questions about Social Login? Our support team is there to assist you. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Social Login Premium Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Authentication Filters\u003C\u002Fstrong> – Use customisable filters to restrict which users may login with social login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Export\u003C\u002Fstrong> – Automatically export social login data to Campaign Monitor or MailChimp or export as CSV.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Insights\u003C\u002Fstrong> – Access analytics and get demographic information about your social login users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Icon Themes\u003C\u002Fstrong> – Choose amongst twenty different social login icon themes or use you own icons.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Professionally Developed and Maintained\u003C\u002Fstrong>\u003Cbr \u002F>\nSocial Login is maintained by \u003Ca href=\"https:\u002F\u002Fwww.oneall.com\" rel=\"nofollow ugc\">OneAll\u003C\u002Fa>, a technology company offering a set of web-delivered tools to simplify the integration of 40+ social networks into business and personal websites and apps.\u003C\u002Fp>\n\u003Cp>The OneAll API unifies 40+ Social Networks and consolidates the most powerful social network features in a single solution. You can work with multiple social networks at once and you will obtain a standardized field structure for data received from any of the social networks. Save time and development resources and focus on your core business.\u003C\u002Fp>\n\u003Ch3>Testimonials\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Used by thousands of users around the world!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>The plugin in is one of the best I’ve seen so far. Extremely easy to implement and run. The support is great too.\u003Cbr \u002F>\nNo concerns on my side. Keep it up!\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>livia\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Loving the service, seen a massive increase in painless signups to my blog. Thanks!\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Richard B.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>You have no idea how it THRILLED me to integrate oneall. It was SO amazingly easy, your team has simplified the whole process of signing up for\u003Cbr \u002F>\nauthorization on multiple social media sites. I HAD NO QUESTIONS\u002FSTEPS THAT YOU HADN’T ALREADY ANTICIPATED. It saved me HOURS of work!\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Kelly C.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>This is cool. Nice work. I’m VERY impressed. You’ve made this about as painless as it gets and the value it adds is incredible.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Jason M.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>This service is simply remarkable, I’ve tried integrating logins before and it has never been this easy!\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Andrew C.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>I found it extremely straightforward. I just figured it out easily and make my website capable of connecting\u003Cbr \u002F>\nto many social networks by your plugin.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Deha K.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Just wanted to let you know how happy i am that i stumbled onto your service. This was the 6 Facebook\u002FTwitter integration\u003Cbr \u002F>\ni tried and was starting to lose hope that i could actually find one that worked for me.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Kyle L.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>I would like to thank YOU! Seriously, the WordPress plugin has been a huge life saver for me.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Piero B.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Thank you for the wonderful plugin\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Martin P.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>The service is excellent for what i need, simple to set up. All situations about seting up are well explained, so\u003Cbr \u002F>\nthere are no difficulties\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Facundo S.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>I really like the plugin, the capabilities you provide for management and your prompt reply for support.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Tom B.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>It was extremely easy to set up and use.  The documentation to set up the FB and twitter API\u003Cbr \u002F>\nwas easy to follow and implement. I was struggling with a couple of other plugins till I stumbled on this one.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Deepa V.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Works like a charm!\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Fredrik L.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Not sure how you can improve it’s a Damn! Good product. 100% User friendly easy to setup. Thanks!\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Cody L.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>So far oneall.com is the perfect solution for my site and works flawlessly.  I am extremely impressed and grateful.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Terry P.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>I’ve gone in and tweaked it, tested it and it’s good to go now! Wonderful, I feel like a grown up blogger now.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Brian J.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>I am really impressed with your product! Its very dynamic and its gives me the flexibility I need for integration into my own business.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Braxton D.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Your delivery is superb. You should change your name to WONall because you won it all with me. You are awesome, stay that way please.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Nicholas L.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>I especially enjoy the step by step process that guides you through the Social website App creation process. In the end I would like to thank you\u003Cbr \u002F>\nfor putting together such a great product that so many users can implement with ease.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Stefan C.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Thanks for a such a great plugin! I was really impressed with the simplicity of the installation directions and the clean design.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Janae S.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>I love your service the way it is, it’s amazing how easy the logging-in-via-social-network is integrated into a wordpress website!\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Martin S.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>The site and the plugin are working magnificently. Thank you one million times for making your products\u002Fservices available in the manner that you have.\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Herman G.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Very user friendly, there are guides and screenshot on how to set things up. Thank you so much for this awesome plugin!\u003C\u002Fem>\u003Cbr \u002F>\n\u003Cstrong>Cebututs\u003C\u002Fstrong>\u003C\u002Fp>\n","With Social Login your users can login, register and comment with 40+ Social Networks. Maintenance Free. Uptime Guarantee. Fulltime devs",5000,942142,86,364,"2024-12-02T15:57:00.000Z","6.7.5","3.0",[261,262,263,264,265],"facebook-login","linkedin-login","social-login","tiktok-login","twitter-login","http:\u002F\u002Fwww.oneall.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foa-social-login.zip",89,"2024-11-22 15:08:42",{"attackSurface":271,"codeSignals":579,"taintFlows":1040,"riskAssessment":1479,"analyzedAt":1493},{"hooks":272,"ajaxHandlers":541,"restRoutes":568,"shortcodes":569,"cronEvents":577,"entryPointCount":578,"unprotectedCount":28},[273,279,282,284,287,292,296,299,303,307,312,316,319,323,327,331,335,340,344,348,351,355,359,362,366,369,373,377,382,385,389,394,397,401,404,407,413,417,420,424,428,431,434,436,438,440,442,445,448,449,453,458,463,467,470,473,477,481,485,488,492,496,499,502,506,511,515,519,522,526,530,533,534,538],{"type":274,"name":275,"callback":276,"file":277,"line":278},"action","admin_notices","failedPhpVersionNotice","ActivatePlugin.php",54,{"type":274,"name":275,"callback":280,"file":277,"line":281},"displayInstallNotice",72,{"type":274,"name":275,"callback":283,"file":277,"line":170},"displayUpdateNotice",{"type":274,"name":285,"callback":286,"priority":210,"file":277,"line":199},"upgrader_process_complete","upgradeCompleted",{"type":288,"name":289,"callback":290,"priority":210,"file":277,"line":291},"filter","plugin_row_meta","leaveFeedbackLink",84,{"type":274,"name":293,"callback":294,"file":277,"line":295},"admin_init","setPluginReviewOption",87,{"type":274,"name":275,"callback":297,"file":277,"line":298},"ratingNoticeHtml",428,{"type":274,"name":300,"callback":301,"file":277,"line":302},"activated_plugin","checkActivatedPlugin",521,{"type":274,"name":304,"callback":305,"file":277,"line":306},"automatic_updates_complete","checkAutoUpdatedPlugins",524,{"type":274,"name":308,"callback":309,"file":310,"line":311},"init","ftsCpt","admin\\cpt\\FeedsCPT.php",161,{"type":274,"name":313,"callback":314,"file":310,"line":315},"admin_menu","addFeedSubMenu",164,{"type":274,"name":313,"callback":317,"file":310,"line":318},"removeDefaultAddNewButton",167,{"type":274,"name":320,"callback":321,"file":310,"line":322},"current_screen","redirectToNewFeed",170,{"type":288,"name":324,"callback":325,"file":310,"line":326},"post_updated_messages","ftsUpdatedMessages",173,{"type":288,"name":328,"callback":329,"file":310,"line":330},"manage_fts_posts_columns","ftsSetCustomEditColumns",176,{"type":274,"name":332,"callback":333,"priority":210,"file":310,"line":334},"manage_fts_posts_custom_column","ftsCustomEditColumn",177,{"type":288,"name":336,"callback":337,"priority":338,"file":310,"line":339},"gettext","setFeedButtonText",20,180,{"type":274,"name":341,"callback":342,"file":310,"line":343},"add_meta_boxes","addFeedMetaboxes",183,{"type":288,"name":345,"callback":346,"priority":210,"file":310,"line":347},"attribute_escape","ftsRenameSubmenuName",186,{"type":274,"name":320,"callback":349,"file":310,"line":350},"currentFeedCptId",192,{"type":274,"name":352,"callback":353,"file":310,"line":354},"admin_action_ftsDuplicatePostAsDraft","ftsDuplicatePostAsDraft",194,{"type":288,"name":356,"callback":357,"priority":210,"file":310,"line":358},"page_row_actions","ftsDuplicatePostLink",195,{"type":288,"name":360,"callback":357,"priority":210,"file":310,"line":361},"fts_row_actions",196,{"type":274,"name":363,"callback":364,"file":310,"line":365},"post_submitbox_start","ftsDuplicatePostAddDuplicatePostButton",197,{"type":288,"name":356,"callback":367,"priority":210,"file":310,"line":368},"removeEditMenuLinks",200,{"type":288,"name":370,"callback":371,"file":310,"line":372},"body_class","addCustomBodyClassFrontend",202,{"type":288,"name":374,"callback":375,"file":310,"line":376},"admin_body_class","addCustomBodyClassAdmin",304,{"type":288,"name":378,"callback":379,"file":380,"line":381},"cron_schedules","ftsCronSchedules","admin\\cron_jobs\\CronJobs.php",90,{"type":274,"name":308,"callback":383,"file":380,"line":384},"registerCronActions",93,{"type":274,"name":386,"callback":387,"file":380,"line":388},"fts_clear_cache_event","clearCacheTask",256,{"type":274,"name":390,"callback":391,"file":392,"line":393},"wp_enqueue_scripts","anonymous","admin\\modules\\beaver-builder\\includes\\module.php",28,{"type":274,"name":308,"callback":395,"file":392,"line":396},"closure",122,{"type":274,"name":398,"callback":395,"file":399,"line":400},"elementor\u002Fpreview\u002Fenqueue_styles","admin\\modules\\elementor\\includes\\customElementor.php",13,{"type":274,"name":402,"callback":395,"file":399,"line":403},"elementor\u002Fpreview\u002Fenqueue_scripts",27,{"type":274,"name":405,"callback":395,"file":399,"line":406},"elementor\u002Feditor\u002Fafter_enqueue_scripts",58,{"type":274,"name":408,"callback":409,"priority":410,"file":411,"line":412},"elementor\u002Fwidgets\u002Fwidgets_registered","register_widgets",99,"admin\\modules\\elementor\\includes\\module.php",32,{"type":288,"name":414,"callback":414,"priority":210,"file":415,"line":416},"fts_update_option","admin\\settings\\SettingsFunctions.php",42,{"type":288,"name":418,"callback":418,"priority":210,"file":415,"line":419},"fts_get_settings",45,{"type":288,"name":421,"callback":422,"priority":210,"file":415,"line":423},"fts_settings_sanitize_text","ftsSanitizeTextField",48,{"type":288,"name":425,"callback":426,"priority":210,"file":415,"line":427},"fts_after_setting_output","ftsAddSettingTooltip",51,{"type":274,"name":293,"callback":429,"file":430,"line":199},"showNotices","admin\\settings\\SettingsPage.php",{"type":274,"name":313,"callback":432,"file":430,"line":433},"addSubmenuPage",81,{"type":274,"name":293,"callback":435,"file":430,"line":291},"registerSettings",{"type":288,"name":425,"callback":437,"priority":210,"file":430,"line":295},"dateTranslateFields",{"type":288,"name":425,"callback":439,"priority":210,"file":430,"line":381},"customDateTimeFields",{"type":274,"name":275,"callback":395,"file":430,"line":441},156,{"type":274,"name":313,"callback":432,"file":443,"line":444},"admin\\SystemInfo.php",88,{"type":274,"name":293,"callback":446,"file":447,"line":427},"ftsPluginVersionCheck","includes\\ErrorHandler.php",{"type":274,"name":275,"callback":395,"file":447,"line":396},{"type":274,"name":308,"callback":450,"file":451,"line":452},"ftsClearCacheScript","includes\\FeedCache.php",80,{"type":288,"name":454,"callback":455,"file":456,"line":457},"widget_text","do_shortcode","includes\\FeedFunctions.php",113,{"type":274,"name":459,"callback":460,"priority":461,"file":456,"line":462},"wp_before_admin_bar_render","ftsAdminBarMenu",999,139,{"type":274,"name":464,"callback":465,"file":456,"line":466},"admin_enqueue_scripts","feedThemAdminCss",144,{"type":274,"name":464,"callback":468,"file":456,"line":469},"feedThemSettings",147,{"type":274,"name":464,"callback":471,"file":456,"line":472},"feedThemSystemInfoCss",151,{"type":274,"name":390,"callback":474,"file":475,"line":476},"tiktokHead","includes\\feeds\\tiktok\\TiktokFeed.php",103,{"type":274,"name":390,"callback":478,"file":479,"line":480},"registerFrontendStylesScripts","includes\\FeedShortcode.php",155,{"type":274,"name":308,"callback":482,"priority":483,"file":484,"line":381},"loadPluginComponents",5,"LoadPlugin.php",{"type":274,"name":308,"callback":486,"file":484,"line":487},"loadTextdomain",102,{"type":274,"name":293,"callback":489,"file":490,"line":491},"addSubmitMetaBox","metabox\\MetaboxFunctions.php",213,{"type":274,"name":493,"callback":494,"file":490,"line":495},"admin_post_slickmetabox_form","saveMetaBox",216,{"type":274,"name":497,"callback":494,"priority":210,"file":490,"line":498},"save_post",220,{"type":274,"name":464,"callback":500,"file":490,"line":501},"metaboxScriptsStyles",224,{"type":274,"name":503,"callback":504,"file":490,"line":505},"admin_footer","ftsPluginLicense",228,{"type":288,"name":507,"callback":508,"priority":210,"file":509,"line":510},"fts_update_single_option","updateSingleOption","options\\OptionsFunctions.php",44,{"type":288,"name":512,"callback":513,"priority":210,"file":509,"line":514},"fts_get_options_array","get_options_array",47,{"type":274,"name":275,"callback":516,"file":517,"line":518},"pluginKeyEmptyAdminNotice","updater\\UpdaterCheckClass.php",63,{"type":274,"name":275,"callback":520,"file":517,"line":521},"pluginKeyNotValidAdminNotice",65,{"type":288,"name":523,"callback":524,"priority":210,"file":517,"line":525},"pre_set_site_transient_update_plugins","checkUpdate",158,{"type":288,"name":527,"callback":528,"priority":210,"file":517,"line":529},"plugins_api","pluginsApiFilter",159,{"type":274,"name":293,"callback":531,"file":517,"line":532},"showChangelog",162,{"type":288,"name":523,"callback":524,"priority":210,"file":517,"line":388},{"type":274,"name":313,"callback":535,"file":536,"line":537},"licenseMenu","updater\\UpdaterLicensePage.php",149,{"type":274,"name":293,"callback":539,"file":536,"line":540},"registerOptions",150,[542,548,551,553,555,558,561,564,567],{"action":543,"nopriv":544,"callback":543,"hasNonce":545,"hasCapCheck":544,"file":546,"line":547},"ftsAccessTokenTypeAjax",false,true,"admin\\cpt\\access_tokens\\AccessTokenOptions.php",110,{"action":549,"nopriv":544,"callback":549,"hasNonce":545,"hasCapCheck":545,"file":550,"line":518},"ftsExportFeedOptionsAjax","admin\\cpt\\FeedOptionsImportExport.php",{"action":552,"nopriv":544,"callback":552,"hasNonce":545,"hasCapCheck":545,"file":550,"line":521},"ftsImportFeedOptionsAjax",{"action":554,"nopriv":544,"callback":554,"hasNonce":545,"hasCapCheck":545,"file":451,"line":433},"ftsClearCacheAjax",{"action":556,"nopriv":544,"callback":556,"hasNonce":545,"hasCapCheck":544,"file":456,"line":557},"ftsEncryptTokenAjax",115,{"action":559,"nopriv":544,"callback":559,"hasNonce":545,"hasCapCheck":545,"file":456,"line":560},"ftsDecryptTokenAjax",116,{"action":562,"nopriv":544,"callback":562,"hasNonce":545,"hasCapCheck":545,"file":456,"line":563},"ftsRefreshFeedAjax",117,{"action":565,"nopriv":544,"callback":565,"hasNonce":545,"hasCapCheck":545,"file":456,"line":566},"myFtsFbLoadMore",121,{"action":565,"nopriv":545,"callback":565,"hasNonce":545,"hasCapCheck":545,"file":456,"line":396},[],[570,573],{"tag":571,"callback":572,"file":546,"line":457},"fts_fb_page_token","ftsFbPageTokenFunc",{"tag":574,"callback":575,"file":479,"line":576},"feed_them_social","displayFeedShortcodeFilter",152,[],11,{"dangerousFunctions":580,"sqlUsage":581,"outputEscaping":593,"fileOperations":168,"externalRequests":1037,"nonceChecks":1038,"capabilityChecks":393,"bundledLibraries":1039},[],{"prepared":582,"raw":583,"locations":584},18,2,[585,589],{"file":586,"line":587,"context":588},"blocks\\BlockLoader.php",131,"$wpdb->get_results() with variable interpolation",{"file":590,"line":591,"context":592},"uninstall.php",39,"$wpdb->get_col() with variable interpolation",{"escaped":594,"rawEcho":595,"locations":596},1518,235,[597,599,600,601,603,605,607,609,611,612,614,615,617,618,620,622,624,626,628,630,632,634,636,638,640,642,644,646,648,650,652,654,656,658,660,662,664,666,668,670,672,674,675,677,679,680,681,682,684,685,688,690,691,692,693,695,697,700,702,704,705,707,709,711,713,715,716,718,719,720,722,724,726,728,730,732,734,736,738,740,742,744,746,748,750,752,754,756,758,760,762,764,766,768,770,772,774,776,778,780,782,784,786,788,790,793,794,795,796,798,800,802,803,805,807,808,810,812,814,816,818,820,822,824,826,828,830,832,834,835,837,839,841,842,844,846,848,850,852,853,855,857,859,861,863,865,867,869,871,873,875,878,880,882,884,886,888,890,892,894,896,898,900,902,904,906,908,910,912,914,917,919,921,923,924,926,927,929,931,933,934,936,938,939,941,943,945,947,949,951,953,955,956,957,958,960,962,964,966,968,970,972,975,977,979,981,982,984,986,988,990,992,994,996,998,1000,1002,1004,1006,1008,1010,1012,1014,1016,1018,1019,1021,1023,1024,1026,1027,1029,1031,1033,1035],{"file":277,"line":557,"context":598},"raw output",{"file":277,"line":472,"context":598},{"file":277,"line":326,"context":598},{"file":277,"line":602,"context":598},470,{"file":277,"line":604,"context":598},471,{"file":277,"line":606,"context":598},472,{"file":277,"line":608,"context":598},473,{"file":277,"line":610,"context":598},474,{"file":546,"line":472,"context":598},{"file":546,"line":613,"context":598},171,{"file":546,"line":343,"context":598},{"file":546,"line":616,"context":598},201,{"file":546,"line":491,"context":598},{"file":546,"line":619,"context":598},225,{"file":546,"line":621,"context":598},236,{"file":546,"line":623,"context":598},250,{"file":546,"line":625,"context":598},259,{"file":546,"line":627,"context":598},262,{"file":546,"line":629,"context":598},271,{"file":546,"line":631,"context":598},281,{"file":546,"line":633,"context":598},291,{"file":546,"line":635,"context":598},301,{"file":546,"line":637,"context":598},305,{"file":546,"line":639,"context":598},315,{"file":546,"line":641,"context":598},325,{"file":546,"line":643,"context":598},381,{"file":546,"line":645,"context":598},398,{"file":546,"line":647,"context":598},401,{"file":546,"line":649,"context":598},407,{"file":546,"line":651,"context":598},414,{"file":546,"line":653,"context":598},569,{"file":546,"line":655,"context":598},578,{"file":546,"line":657,"context":598},591,{"file":546,"line":659,"context":598},601,{"file":546,"line":661,"context":598},680,{"file":546,"line":663,"context":598},747,{"file":665,"line":170,"context":598},"admin\\cpt\\access_tokens\\single\\FacebookAccessFunctions.php",{"file":665,"line":667,"context":598},98,{"file":665,"line":669,"context":598},174,{"file":665,"line":671,"context":598},182,{"file":665,"line":673,"context":598},193,{"file":665,"line":616,"context":598},{"file":665,"line":676,"context":598},223,{"file":678,"line":540,"context":598},"admin\\cpt\\access_tokens\\single\\InstagramAccessFunctions.php",{"file":678,"line":334,"context":598},{"file":678,"line":347,"context":598},{"file":678,"line":365,"context":598},{"file":678,"line":683,"context":598},205,{"file":678,"line":491,"context":598},{"file":686,"line":687,"context":598},"admin\\cpt\\access_tokens\\single\\InstagramBusinessAccessFunctions.php",92,{"file":686,"line":689,"context":598},141,{"file":686,"line":343,"context":598},{"file":686,"line":350,"context":598},{"file":686,"line":372,"context":598},{"file":686,"line":694,"context":598},210,{"file":686,"line":696,"context":598},232,{"file":698,"line":699,"context":598},"admin\\cpt\\access_tokens\\single\\TiktokAccessFunctions.php",215,{"file":698,"line":701,"context":598},231,{"file":698,"line":703,"context":598},249,{"file":698,"line":625,"context":598},{"file":698,"line":706,"context":598},267,{"file":708,"line":667,"context":598},"admin\\cpt\\access_tokens\\single\\YoutubeAccessFunctions.php",{"file":708,"line":710,"context":598},138,{"file":708,"line":712,"context":598},203,{"file":708,"line":714,"context":598},211,{"file":708,"line":498,"context":598},{"file":708,"line":717,"context":598},233,{"file":550,"line":547,"context":598},{"file":310,"line":491,"context":598},{"file":310,"line":721,"context":598},610,{"file":310,"line":723,"context":598},619,{"file":310,"line":725,"context":598},622,{"file":310,"line":727,"context":598},811,{"file":310,"line":729,"context":598},849,{"file":310,"line":731,"context":598},864,{"file":310,"line":733,"context":598},878,{"file":310,"line":735,"context":598},893,{"file":310,"line":737,"context":598},896,{"file":310,"line":739,"context":598},899,{"file":310,"line":741,"context":598},902,{"file":310,"line":743,"context":598},905,{"file":310,"line":745,"context":598},908,{"file":310,"line":747,"context":598},911,{"file":310,"line":749,"context":598},914,{"file":310,"line":751,"context":598},934,{"file":310,"line":753,"context":598},946,{"file":310,"line":755,"context":598},948,{"file":310,"line":757,"context":598},950,{"file":310,"line":759,"context":598},969,{"file":310,"line":761,"context":598},983,{"file":310,"line":763,"context":598},985,{"file":310,"line":765,"context":598},989,{"file":310,"line":767,"context":598},991,{"file":310,"line":769,"context":598},996,{"file":310,"line":771,"context":598},998,{"file":310,"line":773,"context":598},1018,{"file":310,"line":775,"context":598},1031,{"file":310,"line":777,"context":598},1036,{"file":310,"line":779,"context":598},1055,{"file":310,"line":781,"context":598},1085,{"file":310,"line":783,"context":598},1090,{"file":310,"line":785,"context":598},1097,{"file":310,"line":787,"context":598},1102,{"file":310,"line":789,"context":598},1129,{"file":791,"line":792,"context":598},"admin\\cpt\\options\\FeedCPTOptions.php",191,{"file":791,"line":350,"context":598},{"file":791,"line":673,"context":598},{"file":392,"line":563,"context":598},{"file":399,"line":797,"context":598},126,{"file":415,"line":799,"context":598},234,{"file":415,"line":801,"context":598},265,{"file":415,"line":635,"context":598},{"file":415,"line":804,"context":598},337,{"file":415,"line":806,"context":598},388,{"file":415,"line":298,"context":598},{"file":415,"line":809,"context":598},469,{"file":415,"line":811,"context":598},497,{"file":415,"line":813,"context":598},571,{"file":415,"line":815,"context":598},605,{"file":415,"line":817,"context":598},642,{"file":415,"line":819,"context":598},686,{"file":415,"line":821,"context":598},715,{"file":415,"line":823,"context":598},730,{"file":430,"line":825,"context":598},711,{"file":430,"line":827,"context":598},751,{"file":430,"line":829,"context":598},789,{"file":430,"line":831,"context":598},807,{"file":430,"line":833,"context":598},814,{"file":430,"line":833,"context":598},{"file":430,"line":836,"context":598},815,{"file":430,"line":838,"context":598},850,{"file":430,"line":840,"context":598},851,{"file":430,"line":731,"context":598},{"file":430,"line":843,"context":598},865,{"file":430,"line":845,"context":598},877,{"file":430,"line":847,"context":598},937,{"file":430,"line":849,"context":598},945,{"file":443,"line":851,"context":598},157,{"file":443,"line":388,"context":598},{"file":443,"line":854,"context":598},263,{"file":443,"line":856,"context":598},270,{"file":443,"line":858,"context":598},277,{"file":443,"line":860,"context":598},284,{"file":456,"line":862,"context":598},774,{"file":456,"line":864,"context":598},880,{"file":456,"line":866,"context":598},962,{"file":456,"line":868,"context":598},1260,{"file":456,"line":870,"context":598},1284,{"file":456,"line":872,"context":598},1305,{"file":456,"line":874,"context":598},1410,{"file":876,"line":877,"context":598},"includes\\feeds\\facebook\\FacebookFeed.php",1739,{"file":876,"line":879,"context":598},1818,{"file":876,"line":881,"context":598},1843,{"file":883,"line":813,"context":598},"includes\\feeds\\facebook\\FacebookFeedPostTypes.php",{"file":883,"line":885,"context":598},629,{"file":883,"line":887,"context":598},695,{"file":883,"line":889,"context":598},740,{"file":883,"line":891,"context":598},778,{"file":883,"line":893,"context":598},1147,{"file":883,"line":895,"context":598},1194,{"file":883,"line":897,"context":598},1235,{"file":883,"line":899,"context":598},1252,{"file":883,"line":901,"context":598},1283,{"file":883,"line":903,"context":598},1290,{"file":883,"line":905,"context":598},1301,{"file":883,"line":907,"context":598},1430,{"file":883,"line":909,"context":598},1512,{"file":883,"line":911,"context":598},2022,{"file":883,"line":913,"context":598},2045,{"file":915,"line":916,"context":598},"includes\\feeds\\instagram\\InstagramFeed.php",609,{"file":915,"line":918,"context":598},678,{"file":915,"line":920,"context":598},689,{"file":915,"line":922,"context":598},708,{"file":915,"line":823,"context":598},{"file":915,"line":925,"context":598},735,{"file":915,"line":727,"context":598},{"file":915,"line":928,"context":598},827,{"file":915,"line":930,"context":598},837,{"file":915,"line":932,"context":598},876,{"file":915,"line":753,"context":598},{"file":915,"line":935,"context":598},988,{"file":915,"line":937,"context":598},1155,{"file":915,"line":937,"context":598},{"file":915,"line":940,"context":598},1168,{"file":475,"line":942,"context":598},691,{"file":475,"line":944,"context":598},697,{"file":475,"line":946,"context":598},738,{"file":475,"line":948,"context":598},765,{"file":475,"line":950,"context":598},894,{"file":475,"line":952,"context":598},903,{"file":475,"line":954,"context":598},907,{"file":475,"line":954,"context":598},{"file":475,"line":954,"context":598},{"file":475,"line":954,"context":598},{"file":475,"line":959,"context":598},965,{"file":475,"line":961,"context":598},1003,{"file":475,"line":963,"context":598},1009,{"file":475,"line":965,"context":598},1012,{"file":475,"line":967,"context":598},1013,{"file":475,"line":969,"context":598},1014,{"file":475,"line":971,"context":598},1199,{"file":973,"line":974,"context":598},"includes\\feeds\\youtube\\YoutubeFeed.php",352,{"file":973,"line":976,"context":598},356,{"file":973,"line":978,"context":598},360,{"file":973,"line":980,"context":598},427,{"file":973,"line":606,"context":598},{"file":973,"line":983,"context":598},504,{"file":973,"line":985,"context":598},505,{"file":973,"line":987,"context":598},573,{"file":973,"line":989,"context":598},595,{"file":973,"line":991,"context":598},596,{"file":973,"line":993,"context":598},611,{"file":973,"line":995,"context":598},632,{"file":973,"line":997,"context":598},633,{"file":973,"line":999,"context":598},676,{"file":973,"line":1001,"context":598},860,{"file":973,"line":1003,"context":598},863,{"file":973,"line":1005,"context":598},866,{"file":479,"line":1007,"context":598},335,{"file":479,"line":1009,"context":598},341,{"file":479,"line":1011,"context":598},346,{"file":479,"line":1013,"context":598},351,{"file":479,"line":1015,"context":598},358,{"file":490,"line":1017,"context":598},530,{"file":490,"line":997,"context":598},{"file":509,"line":1020,"context":598},390,{"file":517,"line":1022,"context":598},85,{"file":517,"line":547,"context":598},{"file":536,"line":1025,"context":598},222,{"file":536,"line":696,"context":598},{"file":536,"line":1028,"context":598},272,{"file":536,"line":1030,"context":598},275,{"file":536,"line":1032,"context":598},288,{"file":536,"line":1034,"context":598},297,{"file":536,"line":1036,"context":598},406,9,24,[],[1041,1066,1086,1100,1137,1146,1156,1178,1209,1233,1263,1272,1284,1293,1301,1311,1324,1334,1346,1355,1363,1371,1380,1389,1397,1410,1434,1451,1471],{"entryPoint":1042,"graph":1043,"unsanitizedCount":1065,"severity":55},"ftsRenderLocationsListHtml (admin\\cpt\\access_tokens\\AccessTokenOptions.php:544)",{"nodes":1044,"edges":1062},[1045,1050,1056,1060],{"id":1046,"type":1047,"label":1048,"file":546,"line":1049},"n0","source","$_GET (x15)",562,{"id":1051,"type":1052,"label":1053,"file":546,"line":1054,"wp_function":1055},"n1","sink","echo() [XSS]",567,"echo",{"id":1057,"type":1047,"label":1058,"file":546,"line":1059},"n2","$_GET (x4)",561,{"id":1061,"type":1052,"label":1053,"file":546,"line":653,"wp_function":1055},"n3",[1063,1064],{"from":1046,"to":1051,"sanitized":545},{"from":1057,"to":1061,"sanitized":544},4,{"entryPoint":1067,"graph":1068,"unsanitizedCount":483,"severity":55},"ftsRenderFinalScriptsHtml (admin\\cpt\\access_tokens\\AccessTokenOptions.php:662)",{"nodes":1069,"edges":1082},[1070,1073,1074,1076,1077,1080],{"id":1046,"type":1047,"label":1071,"file":546,"line":1072},"$_REQUEST['fts_dynamic_name'] (x3)",667,{"id":1051,"type":1052,"label":1053,"file":546,"line":1072,"wp_function":1055},{"id":1057,"type":1047,"label":1075,"file":546,"line":1072},"$_REQUEST['next_url']",{"id":1061,"type":1052,"label":1053,"file":546,"line":1072,"wp_function":1055},{"id":1078,"type":1047,"label":1079,"file":546,"line":661},"n4","$_GET['post'] (x2)",{"id":1081,"type":1052,"label":1053,"file":546,"line":661,"wp_function":1055},"n5",[1083,1084,1085],{"from":1046,"to":1051,"sanitized":544},{"from":1057,"to":1061,"sanitized":545},{"from":1078,"to":1081,"sanitized":544},{"entryPoint":1087,"graph":1088,"unsanitizedCount":168,"severity":55},"ftsAccessTokenTypeAjax (admin\\cpt\\access_tokens\\AccessTokenOptions.php:795)",{"nodes":1089,"edges":1097},[1090,1093,1096],{"id":1046,"type":1047,"label":1091,"file":546,"line":1092},"$_REQUEST",842,{"id":1051,"type":1094,"label":1095,"file":546,"line":1092},"transform","→ getAccessTokenOptions()",{"id":1057,"type":1052,"label":1053,"file":546,"line":641,"wp_function":1055},[1098,1099],{"from":1046,"to":1051,"sanitized":544},{"from":1051,"to":1057,"sanitized":544},{"entryPoint":1101,"graph":1102,"unsanitizedCount":168,"severity":55},"\u003CAccessTokenOptions> (admin\\cpt\\access_tokens\\AccessTokenOptions.php:0)",{"nodes":1103,"edges":1129},[1104,1106,1108,1111,1113,1114,1115,1117,1119,1121,1123,1125,1127],{"id":1046,"type":1047,"label":1105,"file":546,"line":1020},"$_GET (x23)",{"id":1051,"type":1052,"label":1053,"file":546,"line":1107,"wp_function":1055},395,{"id":1057,"type":1047,"label":1109,"file":546,"line":1110},"$_REQUEST (x10)",454,{"id":1061,"type":1052,"label":1053,"file":546,"line":1112,"wp_function":1055},456,{"id":1078,"type":1047,"label":1071,"file":546,"line":1072},{"id":1081,"type":1052,"label":1053,"file":546,"line":1072,"wp_function":1055},{"id":1116,"type":1047,"label":1075,"file":546,"line":1072},"n6",{"id":1118,"type":1052,"label":1053,"file":546,"line":1072,"wp_function":1055},"n7",{"id":1120,"type":1047,"label":1079,"file":546,"line":661},"n8",{"id":1122,"type":1052,"label":1053,"file":546,"line":661,"wp_function":1055},"n9",{"id":1124,"type":1047,"label":1091,"file":546,"line":1092},"n10",{"id":1126,"type":1094,"label":1095,"file":546,"line":1092},"n11",{"id":1128,"type":1052,"label":1053,"file":546,"line":641,"wp_function":1055},"n12",[1130,1131,1132,1133,1134,1135,1136],{"from":1046,"to":1051,"sanitized":545},{"from":1057,"to":1061,"sanitized":545},{"from":1078,"to":1081,"sanitized":545},{"from":1116,"to":1118,"sanitized":545},{"from":1120,"to":1122,"sanitized":545},{"from":1124,"to":1126,"sanitized":544},{"from":1126,"to":1128,"sanitized":544},{"entryPoint":1138,"graph":1139,"unsanitizedCount":168,"severity":55},"ftsSystemInfoSupportTicket (admin\\SystemInfo.php:165)",{"nodes":1140,"edges":1144},[1141,1143],{"id":1046,"type":1047,"label":1142,"file":443,"line":354},"$_SERVER",{"id":1051,"type":1052,"label":1053,"file":443,"line":361,"wp_function":1055},[1145],{"from":1046,"to":1051,"sanitized":544},{"entryPoint":1147,"graph":1148,"unsanitizedCount":168,"severity":55},"displayFacebook (includes\\feeds\\facebook\\FacebookFeed.php:366)",{"nodes":1149,"edges":1154},[1150,1153],{"id":1046,"type":1047,"label":1151,"file":876,"line":1152},"$_REQUEST['fts_dynamic_name']",1046,{"id":1051,"type":1052,"label":1053,"file":876,"line":1152,"wp_function":1055},[1155],{"from":1046,"to":1051,"sanitized":544},{"entryPoint":1157,"graph":1158,"unsanitizedCount":1177,"severity":55},"ftsFacebookLoadmore (includes\\feeds\\facebook\\FacebookFeed.php:1716)",{"nodes":1159,"edges":1173},[1160,1162,1163,1166,1168,1171],{"id":1046,"type":1047,"label":1161,"file":876,"line":877},"$_REQUEST['fts_dynamic_name'] (x6)",{"id":1051,"type":1052,"label":1053,"file":876,"line":877,"wp_function":1055},{"id":1057,"type":1047,"label":1164,"file":876,"line":1165},"$_REQUEST (x16)",1744,{"id":1061,"type":1052,"label":1053,"file":876,"line":1167,"wp_function":1055},1757,{"id":1078,"type":1047,"label":1169,"file":876,"line":1170},"$_REQUEST (x2)",1877,{"id":1081,"type":1052,"label":1053,"file":876,"line":1172,"wp_function":1055},1879,[1174,1175,1176],{"from":1046,"to":1051,"sanitized":544},{"from":1057,"to":1061,"sanitized":545},{"from":1078,"to":1081,"sanitized":544},8,{"entryPoint":1179,"graph":1180,"unsanitizedCount":483,"severity":55},"displayInstagram (includes\\feeds\\instagram\\InstagramFeed.php:222)",{"nodes":1181,"edges":1201},[1182,1185,1186,1187,1188,1189,1190,1192,1194,1195,1197,1199],{"id":1046,"type":1047,"label":1183,"file":915,"line":1184},"$_REQUEST (x41)",518,{"id":1051,"type":1052,"label":1053,"file":915,"line":989,"wp_function":1055},{"id":1057,"type":1047,"label":1071,"file":915,"line":935},{"id":1061,"type":1052,"label":1053,"file":915,"line":935,"wp_function":1055},{"id":1078,"type":1047,"label":1075,"file":915,"line":935},{"id":1081,"type":1052,"label":1053,"file":915,"line":935,"wp_function":1055},{"id":1116,"type":1047,"label":1091,"file":915,"line":1191},522,{"id":1118,"type":1094,"label":1193,"file":915,"line":1191},"→ useCacheCheck()",{"id":1120,"type":1052,"label":1053,"file":456,"line":874,"wp_function":1055},{"id":1122,"type":1047,"label":1196,"file":915,"line":916},"$_REQUEST (x4)",{"id":1124,"type":1094,"label":1198,"file":915,"line":916},"→ socialFollowButton()",{"id":1126,"type":1052,"label":1053,"file":456,"line":1200,"wp_function":1055},1110,[1202,1203,1204,1205,1206,1207,1208],{"from":1046,"to":1051,"sanitized":545},{"from":1057,"to":1061,"sanitized":545},{"from":1078,"to":1081,"sanitized":545},{"from":1116,"to":1118,"sanitized":544},{"from":1118,"to":1120,"sanitized":544},{"from":1122,"to":1124,"sanitized":544},{"from":1124,"to":1126,"sanitized":544},{"entryPoint":1210,"graph":1211,"unsanitizedCount":483,"severity":55},"\u003CInstagramFeed> (includes\\feeds\\instagram\\InstagramFeed.php:0)",{"nodes":1212,"edges":1225},[1213,1214,1215,1216,1217,1218,1219,1220,1221,1222,1223,1224],{"id":1046,"type":1047,"label":1183,"file":915,"line":1184},{"id":1051,"type":1052,"label":1053,"file":915,"line":989,"wp_function":1055},{"id":1057,"type":1047,"label":1071,"file":915,"line":935},{"id":1061,"type":1052,"label":1053,"file":915,"line":935,"wp_function":1055},{"id":1078,"type":1047,"label":1075,"file":915,"line":935},{"id":1081,"type":1052,"label":1053,"file":915,"line":935,"wp_function":1055},{"id":1116,"type":1047,"label":1091,"file":915,"line":1191},{"id":1118,"type":1094,"label":1193,"file":915,"line":1191},{"id":1120,"type":1052,"label":1053,"file":456,"line":874,"wp_function":1055},{"id":1122,"type":1047,"label":1196,"file":915,"line":916},{"id":1124,"type":1094,"label":1198,"file":915,"line":916},{"id":1126,"type":1052,"label":1053,"file":456,"line":1200,"wp_function":1055},[1226,1227,1228,1229,1230,1231,1232],{"from":1046,"to":1051,"sanitized":545},{"from":1057,"to":1061,"sanitized":545},{"from":1078,"to":1081,"sanitized":545},{"from":1116,"to":1118,"sanitized":544},{"from":1118,"to":1120,"sanitized":544},{"from":1122,"to":1124,"sanitized":544},{"from":1124,"to":1126,"sanitized":544},{"entryPoint":1234,"graph":1235,"unsanitizedCount":1262,"severity":55},"displayYoutube (includes\\feeds\\youtube\\YoutubeFeed.php:107)",{"nodes":1236,"edges":1255},[1237,1240,1241,1244,1246,1247,1248,1250,1252,1253,1254],{"id":1046,"type":1047,"label":1238,"file":973,"line":1239},"$_REQUEST['fts_dynamic_name'] (x9)",410,{"id":1051,"type":1052,"label":1053,"file":973,"line":1239,"wp_function":1055},{"id":1057,"type":1047,"label":1242,"file":973,"line":1243},"$_REQUEST (x6)",240,{"id":1061,"type":1052,"label":1053,"file":973,"line":1245,"wp_function":1055},482,{"id":1078,"type":1047,"label":1075,"file":973,"line":999},{"id":1081,"type":1052,"label":1053,"file":973,"line":999,"wp_function":1055},{"id":1116,"type":1047,"label":1249,"file":973,"line":1243},"$_REQUEST (x13)",{"id":1118,"type":1052,"label":1053,"file":973,"line":1251,"wp_function":1055},692,{"id":1120,"type":1047,"label":1091,"file":973,"line":75},{"id":1122,"type":1094,"label":1193,"file":973,"line":75},{"id":1124,"type":1052,"label":1053,"file":456,"line":874,"wp_function":1055},[1256,1257,1258,1259,1260,1261],{"from":1046,"to":1051,"sanitized":544},{"from":1057,"to":1061,"sanitized":544},{"from":1078,"to":1081,"sanitized":544},{"from":1116,"to":1118,"sanitized":545},{"from":1120,"to":1122,"sanitized":544},{"from":1122,"to":1124,"sanitized":544},17,{"entryPoint":1264,"graph":1265,"unsanitizedCount":168,"severity":55},"displayMetaboxContent (metabox\\MetaboxFunctions.php:557)",{"nodes":1266,"edges":1270},[1267,1269],{"id":1046,"type":1047,"label":1268,"file":490,"line":995},"$_GET",{"id":1051,"type":1052,"label":1053,"file":490,"line":997,"wp_function":1055},[1271],{"from":1046,"to":1051,"sanitized":544},{"entryPoint":1273,"graph":1274,"unsanitizedCount":28,"severity":40},"ftsFbPageTokenFunc (admin\\cpt\\access_tokens\\AccessTokenOptions.php:349)",{"nodes":1275,"edges":1281},[1276,1278,1279,1280],{"id":1046,"type":1047,"label":1277,"file":546,"line":1020},"$_GET (x3)",{"id":1051,"type":1052,"label":1053,"file":546,"line":1107,"wp_function":1055},{"id":1057,"type":1047,"label":1091,"file":546,"line":1110},{"id":1061,"type":1052,"label":1053,"file":546,"line":1112,"wp_function":1055},[1282,1283],{"from":1046,"to":1051,"sanitized":545},{"from":1057,"to":1061,"sanitized":545},{"entryPoint":1285,"graph":1286,"unsanitizedCount":28,"severity":40},"getAccessTokenButton (admin\\cpt\\access_tokens\\single\\YoutubeAccessFunctions.php:67)",{"nodes":1287,"edges":1291},[1288,1289],{"id":1046,"type":1047,"label":1277,"file":708,"line":170},{"id":1051,"type":1052,"label":1053,"file":708,"line":1290,"wp_function":1055},91,[1292],{"from":1046,"to":1051,"sanitized":545},{"entryPoint":1294,"graph":1295,"unsanitizedCount":28,"severity":40},"\u003CYoutubeAccessFunctions> (admin\\cpt\\access_tokens\\single\\YoutubeAccessFunctions.php:0)",{"nodes":1296,"edges":1299},[1297,1298],{"id":1046,"type":1047,"label":1058,"file":708,"line":170},{"id":1051,"type":1052,"label":1053,"file":708,"line":1290,"wp_function":1055},[1300],{"from":1046,"to":1051,"sanitized":545},{"entryPoint":1302,"graph":1303,"unsanitizedCount":28,"severity":40},"ftsShortcodeMetaBox (admin\\cpt\\FeedsCPT.php:1119)",{"nodes":1304,"edges":1309},[1305,1307],{"id":1046,"type":1047,"label":1268,"file":310,"line":1306},1124,{"id":1051,"type":1052,"label":1053,"file":310,"line":1308,"wp_function":1055},1130,[1310],{"from":1046,"to":1051,"sanitized":545},{"entryPoint":1312,"graph":1313,"unsanitizedCount":28,"severity":40},"ftsDuplicatePostAsDraft (admin\\cpt\\FeedsCPT.php:1151)",{"nodes":1314,"edges":1322},[1315,1318],{"id":1046,"type":1047,"label":1316,"file":310,"line":1317},"$_POST",1169,{"id":1051,"type":1052,"label":1319,"file":310,"line":1320,"wp_function":1321},"get_results() [SQLi]",1238,"get_results",[1323],{"from":1046,"to":1051,"sanitized":545},{"entryPoint":1325,"graph":1326,"unsanitizedCount":28,"severity":40},"ftsDuplicatePostAddDuplicatePostButton (admin\\cpt\\FeedsCPT.php:1312)",{"nodes":1327,"edges":1332},[1328,1330],{"id":1046,"type":1047,"label":1268,"file":310,"line":1329},1317,{"id":1051,"type":1052,"label":1053,"file":310,"line":1331,"wp_function":1055},1320,[1333],{"from":1046,"to":1051,"sanitized":545},{"entryPoint":1335,"graph":1336,"unsanitizedCount":28,"severity":40},"\u003CFeedsCPT> (admin\\cpt\\FeedsCPT.php:0)",{"nodes":1337,"edges":1343},[1338,1340,1341,1342],{"id":1046,"type":1047,"label":1339,"file":310,"line":1306},"$_GET (x2)",{"id":1051,"type":1052,"label":1053,"file":310,"line":1308,"wp_function":1055},{"id":1057,"type":1047,"label":1316,"file":310,"line":1317},{"id":1061,"type":1052,"label":1319,"file":310,"line":1320,"wp_function":1321},[1344,1345],{"from":1046,"to":1051,"sanitized":545},{"from":1057,"to":1061,"sanitized":545},{"entryPoint":1347,"graph":1348,"unsanitizedCount":28,"severity":40},"displaySettingsPage (admin\\settings\\SettingsPage.php:619)",{"nodes":1349,"edges":1353},[1350,1351],{"id":1046,"type":1047,"label":1058,"file":430,"line":997},{"id":1051,"type":1052,"label":1053,"file":430,"line":1352,"wp_function":1055},693,[1354],{"from":1046,"to":1051,"sanitized":545},{"entryPoint":1356,"graph":1357,"unsanitizedCount":28,"severity":40},"\u003CSettingsPage> (admin\\settings\\SettingsPage.php:0)",{"nodes":1358,"edges":1361},[1359,1360],{"id":1046,"type":1047,"label":1058,"file":430,"line":997},{"id":1051,"type":1052,"label":1053,"file":430,"line":1352,"wp_function":1055},[1362],{"from":1046,"to":1051,"sanitized":545},{"entryPoint":1364,"graph":1365,"unsanitizedCount":168,"severity":40},"\u003CSystemInfo> (admin\\SystemInfo.php:0)",{"nodes":1366,"edges":1369},[1367,1368],{"id":1046,"type":1047,"label":1142,"file":443,"line":354},{"id":1051,"type":1052,"label":1053,"file":443,"line":361,"wp_function":1055},[1370],{"from":1046,"to":1051,"sanitized":544},{"entryPoint":1372,"graph":1373,"unsanitizedCount":28,"severity":40},"ftsRefreshFeedAjax (includes\\FeedFunctions.php:1272)",{"nodes":1374,"edges":1378},[1375,1377],{"id":1046,"type":1047,"label":1091,"file":456,"line":1376},1280,{"id":1051,"type":1052,"label":1053,"file":456,"line":870,"wp_function":1055},[1379],{"from":1046,"to":1051,"sanitized":545},{"entryPoint":1381,"graph":1382,"unsanitizedCount":28,"severity":40},"ftsDecryptTokenAjax (includes\\FeedFunctions.php:1296)",{"nodes":1383,"edges":1387},[1384,1386],{"id":1046,"type":1047,"label":1091,"file":456,"line":1385},1304,{"id":1051,"type":1052,"label":1053,"file":456,"line":872,"wp_function":1055},[1388],{"from":1046,"to":1051,"sanitized":545},{"entryPoint":1390,"graph":1391,"unsanitizedCount":28,"severity":40},"\u003CFeedFunctions> (includes\\FeedFunctions.php:0)",{"nodes":1392,"edges":1395},[1393,1394],{"id":1046,"type":1047,"label":1169,"file":456,"line":1376},{"id":1051,"type":1052,"label":1053,"file":456,"line":870,"wp_function":1055},[1396],{"from":1046,"to":1051,"sanitized":545},{"entryPoint":1398,"graph":1399,"unsanitizedCount":28,"severity":40},"\u003CFacebookFeed> (includes\\feeds\\facebook\\FacebookFeed.php:0)",{"nodes":1400,"edges":1407},[1401,1403,1404,1406],{"id":1046,"type":1047,"label":1402,"file":876,"line":1152},"$_REQUEST['fts_dynamic_name'] (x7)",{"id":1051,"type":1052,"label":1053,"file":876,"line":1152,"wp_function":1055},{"id":1057,"type":1047,"label":1405,"file":876,"line":1165},"$_REQUEST (x18)",{"id":1061,"type":1052,"label":1053,"file":876,"line":1167,"wp_function":1055},[1408,1409],{"from":1046,"to":1051,"sanitized":545},{"from":1057,"to":1061,"sanitized":545},{"entryPoint":1411,"graph":1412,"unsanitizedCount":28,"severity":40},"displayTiktok (includes\\feeds\\tiktok\\TiktokFeed.php:425)",{"nodes":1413,"edges":1429},[1414,1417,1419,1421,1422,1424,1425,1428],{"id":1046,"type":1047,"label":1415,"file":475,"line":1416},"$_REQUEST (x25)",508,{"id":1051,"type":1052,"label":1053,"file":475,"line":1418,"wp_function":1055},800,{"id":1057,"type":1047,"label":1071,"file":475,"line":1420},1070,{"id":1061,"type":1052,"label":1053,"file":475,"line":1420,"wp_function":1055},{"id":1078,"type":1047,"label":1423,"file":475,"line":1420},"$_REQUEST['since_id']",{"id":1081,"type":1052,"label":1053,"file":475,"line":1420,"wp_function":1055},{"id":1116,"type":1047,"label":1426,"file":475,"line":1427},"$_REQUEST['max_id']",1071,{"id":1118,"type":1052,"label":1053,"file":475,"line":1427,"wp_function":1055},[1430,1431,1432,1433],{"from":1046,"to":1051,"sanitized":545},{"from":1057,"to":1061,"sanitized":545},{"from":1078,"to":1081,"sanitized":545},{"from":1116,"to":1118,"sanitized":545},{"entryPoint":1435,"graph":1436,"unsanitizedCount":28,"severity":40},"\u003CTiktokFeed> (includes\\feeds\\tiktok\\TiktokFeed.php:0)",{"nodes":1437,"edges":1446},[1438,1439,1440,1441,1442,1443,1444,1445],{"id":1046,"type":1047,"label":1415,"file":475,"line":1416},{"id":1051,"type":1052,"label":1053,"file":475,"line":1418,"wp_function":1055},{"id":1057,"type":1047,"label":1071,"file":475,"line":1420},{"id":1061,"type":1052,"label":1053,"file":475,"line":1420,"wp_function":1055},{"id":1078,"type":1047,"label":1423,"file":475,"line":1420},{"id":1081,"type":1052,"label":1053,"file":475,"line":1420,"wp_function":1055},{"id":1116,"type":1047,"label":1426,"file":475,"line":1427},{"id":1118,"type":1052,"label":1053,"file":475,"line":1427,"wp_function":1055},[1447,1448,1449,1450],{"from":1046,"to":1051,"sanitized":545},{"from":1057,"to":1061,"sanitized":545},{"from":1078,"to":1081,"sanitized":545},{"from":1116,"to":1118,"sanitized":545},{"entryPoint":1452,"graph":1453,"unsanitizedCount":168,"severity":40},"\u003CYoutubeFeed> (includes\\feeds\\youtube\\YoutubeFeed.php:0)",{"nodes":1454,"edges":1465},[1455,1456,1457,1459,1460,1461,1462,1463,1464],{"id":1046,"type":1047,"label":1238,"file":973,"line":1239},{"id":1051,"type":1052,"label":1053,"file":973,"line":1239,"wp_function":1055},{"id":1057,"type":1047,"label":1458,"file":973,"line":1243},"$_REQUEST (x20)",{"id":1061,"type":1052,"label":1053,"file":973,"line":1245,"wp_function":1055},{"id":1078,"type":1047,"label":1075,"file":973,"line":999},{"id":1081,"type":1052,"label":1053,"file":973,"line":999,"wp_function":1055},{"id":1116,"type":1047,"label":1091,"file":973,"line":75},{"id":1118,"type":1094,"label":1193,"file":973,"line":75},{"id":1120,"type":1052,"label":1053,"file":456,"line":874,"wp_function":1055},[1466,1467,1468,1469,1470],{"from":1046,"to":1051,"sanitized":545},{"from":1057,"to":1061,"sanitized":545},{"from":1078,"to":1081,"sanitized":545},{"from":1116,"to":1118,"sanitized":544},{"from":1118,"to":1120,"sanitized":544},{"entryPoint":1472,"graph":1473,"unsanitizedCount":28,"severity":40},"\u003CMetaboxFunctions> (metabox\\MetaboxFunctions.php:0)",{"nodes":1474,"edges":1477},[1475,1476],{"id":1046,"type":1047,"label":1268,"file":490,"line":995},{"id":1051,"type":1052,"label":1053,"file":490,"line":997,"wp_function":1055},[1478],{"from":1046,"to":1051,"sanitized":545},{"summary":1480,"deductions":1481},"The \"feed-them-social\" plugin, version 4.4.1, exhibits a mixed security posture. While the static analysis indicates a strong adherence to security best practices with no unprotected entry points, 90% prepared SQL queries, 87% properly escaped output, and a significant number of nonce and capability checks, there are areas of concern. The presence of 13 taint flows with unsanitized paths, even without critical or high severity, suggests potential for unexpected behavior or minor vulnerabilities if user input is not meticulously handled at every juncture. The plugin also performs 9 external HTTP requests, which, if not properly validated or sanitized, could introduce risks.\n\nThe plugin's vulnerability history, however, presents a more significant concern. With 12 known CVEs, including 3 critical and 1 high severity, and a recent vulnerability in January 2024, this indicates a pattern of security weaknesses. The common vulnerability types like CSRF, XSS, Deserialization, and Code Injection are particularly troubling, as they can lead to severe compromises. The fact that there are currently no unpatched CVEs is a positive sign, suggesting prompt remediation for recent issues, but the historical prevalence of severe vulnerabilities is a strong indicator of past systemic issues that may resurface or have underlying causes not immediately apparent in the static analysis of this specific version.",[1482,1484,1486,1488,1491],{"reason":1483,"points":210},"13 taint flows with unsanitized paths",{"reason":1485,"points":338},"12 known CVEs, 3 critical, 1 high",{"reason":1487,"points":210},"Recent vulnerability in Jan 2024",{"reason":1489,"points":1490},"Common vuln types: CSRF, XSS, Deserialization, Code Injection",15,{"reason":1492,"points":47},"9 external HTTP requests","2026-03-16T17:28:35.596Z",{"wat":1495,"direct":1506},{"assetPaths":1496,"generatorPatterns":1501,"scriptPaths":1502,"versionParams":1503},[1497,1498,1499,1500],"\u002Fwp-content\u002Fplugins\u002Ffeed-them-social\u002Fadmin\u002Fcss\u002Ffeed-them-social-admin.css","\u002Fwp-content\u002Fplugins\u002Ffeed-them-social\u002Fadmin\u002Fjs\u002Ffeed-them-social-admin.js","\u002Fwp-content\u002Fplugins\u002Ffeed-them-social\u002Ffeed-them-social.php","\u002Fwp-content\u002Fplugins\u002Ffeed-them-social\u002Fadmin\u002Fcpt\u002Foptions\u002FSettingsOptionsJS.php",[],[1498],[1504,1505],"feed-them-social\u002Fadmin\u002Fcss\u002Ffeed-them-social-admin.css?ver=","feed-them-social\u002Fadmin\u002Fjs\u002Ffeed-them-social-admin.js?ver=",{"cssClasses":1507,"htmlComments":1523,"htmlAttributes":1524,"restEndpoints":1529,"jsGlobals":1530,"shortcodeOutput":1532},[1508,1509,1510,1511,1512,1513,1514,1515,1516,1517,1518,1519,1520,1521,1522],"fts-color-picker","fts-required-extension-wrap","feed-them-social-req-extension","fts-social-selector","tabbed","fts-show-how-to-message","like-box-wrap","display-comments-wrap","fts-facebook-grid-options-wrap","feed-them-social-admin-input-label","fts-facebook-load-more-options-wrap","fts-facebook-load-more-options2-wrap","slider_options_wrap","fb-video-play-btn-options-content","facebook-message-generator",[],[1525,1526,1527,1528],"data-fts-cache-time","data-fts-feed-id","data-fts-ajax-url","data-fts-social-feed-id",[],[1531],"fts_color_picker",[1533,1534,1535,1536,1537,1538,1539,1540,1541],"[fts_instagram]","[fts_twitter]","[fts_facebook]","[fts_youtube]","[fts_tiktok]","[fts_snapchat]","[fts_pinterest]","[fts_linkedin]","[fts_reviews]"]