[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuf0XwkD1_6Y7BpcbatjCVeM9ObiwLSuLkq2W9Yrtzgk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":20,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23,"vulnerabilities":24,"developer":25,"crawl_stats":22,"alternatives":32,"analysis":122,"fingerprints":174},"fetch-twitter-count-for-wordpress","Fetch Twitter Count","2017.08.13","klickonit","https:\u002F\u002Fprofiles.wordpress.org\u002Fklickonit\u002F","\u003Cp>** this plugin is no longer being update. Please feel free to adopt me! **\u003C\u002Fp>\n\u003Cp>Returns the current follower count of a specific Twitter account, or FALSE if not found. Can also use a shortcode.\u003C\u002Fp>\n","Returns the current follower count of a specific Twitter account, or FALSE if not found. Can also use a shortcode.",10,1916,0,"2017-07-13T17:56:00.000Z","4.8.0","4.0.0","",[19],"adopt-me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffetch-twitter-count-for-wordpress.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":28,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},17,130,88,30,86,"2026-04-03T23:04:58.492Z",[33,56,77,98,113],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":11,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":47,"tags":48,"homepage":53,"download_link":54,"security_score":55,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"share-on-mastodon","Share on Mastodon","0.20.1","Jan Boddez","https:\u002F\u002Fprofiles.wordpress.org\u002Fjanboddez\u002F","\u003Cp>Automatically share WordPress posts on \u003Ca href=\"https:\u002F\u002Fjoinmastodon.org\u002F\" rel=\"nofollow ugc\">Mastodon\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>You choose which post types are shared, and sharing can still be disabled on a per-post basis.\u003C\u002Fp>\n\u003Cp>Supports WordPress’ new block editor, image uploads and alt text, “template tags,” and comes with a number of filter hooks for developers.\u003C\u002Fp>\n\u003Cp>More details can be found on \u003Ca href=\"https:\u002F\u002Fjan.boddez.net\u002Fwordpress\u002Fshare-on-mastodon\" rel=\"nofollow ugc\">this plugin’s web page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Credit\u003C\u002Fh4>\n\u003Cp>Share icon by \u003Ca href=\"https:\u002F\u002Fheroicons.dev\u002F\" rel=\"nofollow ugc\">Heroicons\u003C\u002Fa>, licensed under the terms of the MIT License. Elephant illustration sourced from Mastodon’s \u003Ca href=\"https:\u002F\u002Fjoinmastodon.org\u002Fpress-kit.zip\" rel=\"nofollow ugc\">Press Kit\u003C\u002Fa>.\u003C\u002Fp>\n","Automatically share WordPress posts on Mastodon.",1000,29553,96,"2026-01-31T14:49:00.000Z","6.9.4","5.9","7.2",[19,49,50,51,52],"fediverse","mastodon","posse","syndication","https:\u002F\u002Fjan.boddez.net\u002Fwordpress\u002Fshare-on-mastodon","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshare-on-mastodon.0.20.1.zip",100,{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":41,"downloaded":64,"rating":55,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":17,"download_link":75,"security_score":76,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"wp-rest-yoast-meta","WP REST Yoast Meta","2025.1.0","Acato","https:\u002F\u002Fprofiles.wordpress.org\u002Facato\u002F","\u003Cp>\u003Cem>This plugin is no longer updated, but is open for adoption\u003C\u002Fem>\u003Cbr \u002F>\nAs of Yoast SEO version 16.7 the functionality provided by this plugin is now \u003Ca href=\"https:\u002F\u002Fdeveloper.yoast.com\u002Fcustomization\u002Fapis\u002Frest-api\u002F\" rel=\"nofollow ugc\">part of the Yoast SEO plugin\u003C\u002Fa> itself. This plugin will no longer be updated, but is open for adoption. If you are interested in adopting this plugin, please contact the authors.\u003C\u002Fp>\n\u003Cp>Are you using WordPress for a headless set-up, using the WP REST API? And would you like to use the Yoast SEO plugin just like you would for any other project? This plugin adds the meta tags generated by the Yoast SEO plugin to the WP REST API output, allowing your headless set-up to implement them. Also when you are using Yoast SEO Premium you have the option to retrieve redirects throught the API: this plugin adds a custom endpoint (\u003Ccode>\u002Fwp-rest-yoast-meta\u002Fv1\u002Fredirects\u003C\u002Fcode>) to provide those redirects in a JSON format. Since Yoast 11.0 JSON LD Schema.org data is also supported and is now also available through the WP REST API when using this plugin.\u003C\u002Fp>\n\u003Ch3>Installation from within WordPress\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit ‘Plugins > Add New’ (or ‘My Sites > Network Admin > Plugins > Add New’ if you are on a multisite installation).\u003C\u002Fli>\n\u003Cli>Search for ‘WP REST Yoast Meta’.\u003C\u002Fli>\n\u003Cli>Activate the WP REST Yoast Meta plugin through the ‘Plugins’ menu in WordPress.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Installation manually\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload the \u003Ccode>wp-rest-yoast-meta\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory.\u003C\u002Fli>\n\u003Cli>Activate the WP REST Yoast Meta plugin through the ‘Plugins’ menu in WordPress.\u003C\u002Fli>\n\u003C\u002Fol>\n","Adds meta tags as generated by Yoast SEO to the WP REST API. And adds a custom endpoint to retrieve all redirects as they are set in Yoast SEO Premium …",31743,6,"2025-01-23T09:31:00.000Z","5.7.15","4.7","5.4",[19,71,72,73,74],"api","wp-rest","wp-rest-api","yoast","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-rest-yoast-meta.2025.1.0.zip",92,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":13,"num_ratings":13,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":96,"download_link":97,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"mc-divi-title-module","Divi Title Module","1.0.2","Marie Comet","https:\u002F\u002Fprofiles.wordpress.org\u002Fchaton666\u002F","\u003Cp>This plugin adds a new module to the Divi builder, it allows to easily insert titles without going through the text module.\u003Cbr \u002F>\nYou will be able to set the level of the title (h1, h2, etc), its color, its size, among others.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fgallery\u002Fdivi\u002F\" rel=\"nofollow ugc\">Divi\u003C\u002Fa> is a registered trademark of Elegant Themes, Inc. This plugin is not affiliated with nor endorsed by \u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\" rel=\"nofollow ugc\">Elegant Themes\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin adds a new module to the Divi builder, it allows to easily insert titles without going through the text module.",200,5133,"2020-04-08T11:08:00.000Z","5.4.19","4.4","5.2.4",[19,92,93,94,95],"divi","divi-builder","divi-module","divi-title","https:\u002F\u002Fgithub.com\u002FMarieComet\u002FMC-Divi-Module-Title\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmc-divi-title-module.1.0.2.zip",{"slug":99,"name":100,"version":101,"author":37,"author_profile":38,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":55,"num_ratings":106,"last_updated":107,"tested_up_to":45,"requires_at_least":17,"requires_php":17,"tags":108,"homepage":17,"download_link":112,"security_score":55,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"share-on-pixelfed","Share on Pixelfed","0.9.0","\u003Cp>Automatically share WordPress posts on \u003Ca href=\"https:\u002F\u002Fpixelfed.org\u002F\" rel=\"nofollow ugc\">Pixelfed\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>You choose which Post Types are shared—though sharing can still be disabled on a per-post basis. Posts without a Featured Image will not be shared. (The plugin currently doesn’t look for other images inside the post, that is.)\u003C\u002Fp>\n\u003Cp>Supports a number of filter hooks for developers, and is fully compatible with WordPress’s new block editor.\u003C\u002Fp>\n\u003Cp>More details can be found on \u003Ca href=\"https:\u002F\u002Fjan.boddez.net\u002Fwordpress\u002Fshare-on-pixelfed\" rel=\"nofollow ugc\">this plugin’s web page\u003C\u002Fa>.\u003C\u002Fp>\n","Automatically share WordPress (image) posts on Pixelfed.",70,3325,1,"2026-02-07T10:24:00.000Z",[19,109,49,110,111],"crosspost","pixelfed","share","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshare-on-pixelfed.0.9.0.zip",{"slug":114,"name":115,"version":6,"author":7,"author_profile":8,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":120,"homepage":17,"download_link":121,"security_score":21,"vuln_count":13,"unpatched_count":13,"last_vuln_date":22,"fetched_at":23},"add-image-to-rss-feed","Add Image to RSS Feed","\u003Cp>** this plugin is no longer being update. Please feel free to adopt me! **\u003C\u002Fp>\n\u003Cp>Automatically adds the featured image to RSS feed posts\u003C\u002Fp>\n","** this plugin is no longer being update. Please feel free to adopt me! **",20,2944,[19],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-image-to-rss-feed.zip",{"attackSurface":123,"codeSignals":148,"taintFlows":161,"riskAssessment":162,"analyzedAt":173},{"hooks":124,"ajaxHandlers":140,"restRoutes":141,"shortcodes":142,"cronEvents":147,"entryPointCount":106,"unprotectedCount":13},[125,131,136],{"type":126,"name":127,"callback":128,"priority":11,"file":129,"line":130},"filter","plugin_action_links","horshipsrectors_twitter_count_plugin_page_menu","fetch-twitter-count-for-wordpress.php",89,{"type":132,"name":133,"callback":134,"file":129,"line":135},"action","admin_menu","horshipsrectors_twitter_count_plugin_add_page",102,{"type":132,"name":137,"callback":138,"file":129,"line":139},"admin_init","horshipsrectors_twitter_count_plugin_settings",103,[],[],[143],{"tag":144,"callback":145,"file":129,"line":146},"horshipsrectors_twitter_count","horshipsrectors_twitter_count_shortcode",187,[],{"dangerousFunctions":149,"sqlUsage":150,"outputEscaping":152,"fileOperations":106,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":160},[],{"prepared":13,"raw":13,"locations":151},[],{"escaped":13,"rawEcho":153,"locations":154},2,[155,158],{"file":129,"line":156,"context":157},164,"raw output",{"file":129,"line":159,"context":157},170,[],[],{"summary":163,"deductions":164},"The 'fetch-twitter-count-for-wordpress' plugin v2017.08.13 presents a mixed security posture. On the positive side, it demonstrates good practices by having no known CVEs, no unpatched vulnerabilities, and utilizing prepared statements for all SQL queries. The absence of external HTTP requests and a small attack surface are also commendable. However, significant concerns arise from the code analysis.  The plugin fails to perform output escaping on any of its outputs, leaving it vulnerable to Cross-Site Scripting (XSS) attacks. Additionally, there are no nonce or capability checks implemented, meaning that its single shortcode entry point could potentially be exploited without proper authorization if it handles sensitive data or performs actions that require user permissions. The lack of taint analysis results also makes it difficult to fully assess potential data leakage or injection vulnerabilities.\n\nWhile the plugin has a clean vulnerability history, the identified code-level weaknesses, particularly the complete lack of output escaping and authorization checks on its entry point, introduce tangible risks. The absence of these fundamental security measures is a significant concern that outweighs the lack of historical vulnerabilities. Without addressing these issues, the plugin remains susceptible to exploitation, despite its otherwise clean record and good SQL handling.",[165,168,171],{"reason":166,"points":167},"No output escaping",8,{"reason":169,"points":170},"Missing nonce checks",5,{"reason":172,"points":170},"Missing capability checks","2026-03-17T00:59:47.968Z",{"wat":175,"direct":180},{"assetPaths":176,"generatorPatterns":177,"scriptPaths":178,"versionParams":179},[],[],[],[],{"cssClasses":181,"htmlComments":182,"htmlAttributes":183,"restEndpoints":184,"jsGlobals":185,"shortcodeOutput":186},[],[],[],[],[],[144]]