[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTrlcaR2p752xcaws0oprxUZ88BiGWjKhu-VWlTWJLiE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":135,"fingerprints":233},"hey-social","Hey Social","0.1-alpha","andrea.olivato","https:\u002F\u002Fprofiles.wordpress.org\u002Fandreaolivato\u002F","\u003Cp>\u003Cstrong>Hey Social\u003C\u002Fstrong> is the coolest way to interact with the visitors of your blog, so that they can submit your posts and pages to the most famous Social services, such as \u003Cem>Digg\u003C\u002Fem>, \u003Cem>Twitter\u003C\u002Fem>, \u003Cem>De.licio.us\u003C\u002Fem> and so on.\u003C\u002Fp>\n\u003Cp>This plugins makes heavy use of Javascript effects to impress visitors with the latest tecnique of \u003Cem>Web 2.0\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>This plugin is based on the great work \u003Ca href=\"http:\u002F\u002Fwww.anieto2k.com\u002Fheysilver\u002Findex_en.html\" rel=\"nofollow ugc\">HeySilver\u003C\u002Fa>, a JS class which uses mootools APIs to affascinate people with an inline navigation menù a là \u003Cstrong>QuickSilver\u003C\u002Fstrong>.\u003C\u002Fp>\n","A web 2.0 way of enhancing users interaction on submitting your posts to Social services.",10,5041,0,"2008-08-04T19:08:00.000Z","2.6.1","2.5","",[19,20,21,22],"2-0","bookmarks","social","twitter","http:\u002F\u002Fblog.andreaolivato.net\u002Fen\u002Fhey-social\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhey-social.0.1-alpha.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"andreaolivato",2,20,30,84,"2026-04-05T02:30:44.016Z",[37,57,75,91,110],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":17,"tags":52,"homepage":55,"download_link":56,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wp-ya-share","WP Ya Share","1.6.1","andreyk","https:\u002F\u002Fprofiles.wordpress.org\u002Fandreyk\u002F","\u003Cp>The WP Ya.Share plugin adds to your blog a set of buttons to save URLs of your pages\u002Fposts in popular social networks (twitter, facebook, livejournal, vkontakte etc.).\u003C\u002Fp>\n\u003Cp>Добавляет блок ‘Поделиться’ (Ya.Share, разработанный в yandex) для сохранения ссылки просматриваемой страницы вашего блога в популярных ‘социальных сервисах’ (вконтакте, жж, твиттер и т. д.).\u003C\u002Fp>\n\u003Cp>It uses the Yandex Ya.share API; I shaped it into wordpress plugin with some options only.\u003C\u002Fp>\n\u003Cp>The following options are available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>locate “ya.share” block either in the content of a page\u002Fsingle post or in the sidebar (as a new widget);\u003C\u002Fli>\n\u003Cli>select a list of preferable social networks;\u003C\u002Fli>\n\u003Cli>button\u002Flink\u002Ficon for expanded social networks list, or nothing;\u003C\u002Fli>\n\u003Cli>left, right or centered location;\u003C\u002Fli>\n\u003Cli>above or under the content;\u003C\u002Fli>\n\u003Cli>inscription language.\u003Cbr \u002F>\nPlease feel free to contact me with your questions or suggestions.\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds the Yandex 'Share in social networks' block into posts or widget to simplify saving URLs of your blog pages into social networks.",200,25272,80,4,"2014-12-14T14:52:00.000Z","4.0.38","2.8.6",[20,53,54,21,22],"facebook","share","http:\u002F\u002Fandrey.eto-ya.com\u002Fwordpress\u002Fmy-plugins\u002Fwp-ya-share","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-ya-share.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":32,"downloaded":65,"rating":13,"num_ratings":13,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":73,"download_link":74,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"sketch-bookmarks","Sketch Bookmarks","1.2.02","holas84","https:\u002F\u002Fprofiles.wordpress.org\u002Fholas84\u002F","\u003Cp>This plugin contains amazing looking, sketched icons for only the top social bookmarking sites.\u003C\u002Fp>\n\u003Cp>Quit confusing your readers with dozens of bookmarking options and start to really go after those bookmarking sites that are actually getting used with these amazing looking sketch icons.\u003C\u002Fp>\n\u003Cp>This plugin will duplicate the social icons that you see at the bottom of every article on Site Sketch 101.  I have also provided you with the options to choose which of the icons you wish to display and which of them you would prefer to hide.\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Design: This plugin features 6 Amazing looking sketched social icons that will set you apart from the crowd. You will draw people into bookmarking with this attractive display.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Options: We provide the options to choose which buttons to display. You can customize this plugin to represent the most important bookmarking sites or to accommodate smaller post widths.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>A Product of Site Sketch 101\u003C\u002Fh4>\n\u003Cp>Sketch Bookmarks was created by Nicholas Cardot from \u003Ca href=\"http:\u002F\u002Fwww.sitesketch101.com\" rel=\"nofollow ugc\">Site Sketch 101\u003C\u002Fa>. If you’re looking for the tips, advice, and knowledge necessary to make your blog into something amazing and influental then check out \u003Ca href=\"http:\u002F\u002Fwww.sitesketch101.com\" rel=\"nofollow ugc\">Site Sketch 101\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin contains amazing looking, sketched icons for only the top social bookmarking sites.",11118,"2011-11-05T21:33:00.000Z","3.2.1","2.1.0",[70,71,72,22],"post","social-bookmarks","social-icons","http:\u002F\u002Fwww.sitesketch101.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsketch-bookmarks.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":11,"downloaded":83,"rating":13,"num_ratings":13,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":17,"tags":87,"homepage":17,"download_link":90,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"socially-social-bookmarking-widget","Socially Social Bookmaring Widget","3.0","Teja Amilineni","https:\u002F\u002Fprofiles.wordpress.org\u002Fbhargavteja\u002F","\u003Cp>Socailly is an easy to use sidebar widget that displays Facebook, Twitter, Digg, StumbleUpon, YouTube & RSS icons.\u003C\u002Fp>\n","Socailly is an easy to use sidebar widget that displays Facebook, Twitter, Digg, StumbleUpon, YouTube & RSS icons.",4481,"2014-03-03T07:29:00.000Z","3.7.41","2.0.2",[88,53,71,89,22],"digg","stumbleupon","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocially-social-bookmarking-widget.zip",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":11,"downloaded":99,"rating":100,"num_ratings":101,"last_updated":102,"tested_up_to":103,"requires_at_least":104,"requires_php":17,"tags":105,"homepage":108,"download_link":109,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wp-socialshareprivacy","WP socialshareprivacy","0.6.2","boxi","https:\u002F\u002Fprofiles.wordpress.org\u002Fboxi\u002F","\u003Cp>Fügt Facebook-, Twitter- und Google+-Buttons hinzu, mit denen man Artikel komfortabel seinen Freunden empfehlen kann.\u003Cbr \u002F>\nDabei werden keine Daten der Leser ohne deren Zustimmung an die Betreiber der Netzwerk-Plattformen gesendet.\u003C\u002Fp>\n\u003Cp>Wie das ganze funktioniert, beschreibt der Artikel \u003Ca href=\"http:\u002F\u002Fwww.heise.de\u002Fct\u002Fartikel\u002F2-Klicks-fuer-mehr-Datenschutz-1333879.html\" title=\"heise online\" rel=\"nofollow ugc\">2 Klicks für mehr Datenschutz\u003C\u002Fa>\u003Cbr \u002F>\nauf heise online. Dieses Plugin verwendet das \u003Ca href=\"http:\u002F\u002Fwww.heise.de\u002Fextras\u002Fsocialshareprivacy\u002F\" title=\"jQuery Plug-In socialshareprivacy\" rel=\"nofollow ugc\">heise socialshareprivacy\u003C\u002Fa>-jQuery-Plugin,\u003Cbr \u002F>\num diese Funktion in WordPress bereitzustellen.\u003C\u002Fp>\n","Datenschutzfreundliche Social-Media-Einbindung (Facebook, Twitter und Google+)",5095,60,1,"2012-03-11T13:50:00.000Z","3.3.2","3.0.1",[106,53,107,71,22],"button","googleplus","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-socialshareprivacy\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-socialshareprivacy.0.6.2.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":120,"num_ratings":121,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":125,"tags":126,"homepage":130,"download_link":131,"security_score":132,"vuln_count":133,"unpatched_count":13,"last_vuln_date":134,"fetched_at":27},"nextend-facebook-connect","Nextend Social Login and Register","3.1.23","Nextendweb","https:\u002F\u002Fprofiles.wordpress.org\u002Fnextendweb\u002F","\u003Cp>Nextend Social Login is a professional, easy to use and free WordPress plugin. It lets your visitors  register and login to your site using their social profiles (Facebook, Google, X (formerly Twitter), etc.) instead of forcing them to spend valuable time to fill out the default registration form. Besides that, they don’t need to wait for validation emails or keep track of their username and password anymore.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftry-nextend-social-login.nextendweb.com\u002Fwp-login.php\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=buPTza2-6xc&list=PLSawiBnEUNftt3EDqnP2jIXeh6q0pZ5D8&index=1\" rel=\"nofollow ugc\">Tutorial videos\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Docs\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Pro Addon\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FbuPTza2-6xc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Nextend Social Login seamlessly integrates with your existing WordPress login and registration form. Existing users can add or remove their social accounts at their WordPress profile page. A single user can attach as many social account as they want allowing them to log in with Facebook, Google or X (formerly Twitter).\u003C\u002Fp>\n\u003Ch4>Three popular providers: Facebook, Google and X (formerly Twitter)\u003C\u002Fh4>\n\u003Cp>Providers are the services which the visitors can use to register and log in to your site. Nextend Social Login allows your visitors to log in with their account from the most popular social networks: Facebook, Google and X (formerly Twitter).\u003C\u002Fp>\n\u003Ch4>Free version features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>One click registration and login via Facebook, Google and X (formerly Twitter)\u003C\u002Fli>\n\u003Cli>Your current users can easily connect their Facebook, Google or X (formerly Twitter) profiles with their account\u003C\u002Fli>\n\u003Cli>Social accounts are tied to a WordPress user account so every account can be accessed with and without social account\u003C\u002Fli>\n\u003Cli>You can define custom redirect URL after the registration (upon first login) using any of the social accounts.\u003C\u002Fli>\n\u003Cli>You can define custom redirect URL after each login with any of the enabled social accounts.\u003C\u002Fli>\n\u003Cli>Display Facebook, Google, X (formerly Twitter) profile picture as avatar\u003C\u002Fli>\n\u003Cli>Login widget and shortcodes\u003C\u002Fli>\n\u003Cli>Customizable designs to match your site\u003C\u002Fli>\n\u003Cli>Editable and translatable texts on the login buttons\u003C\u002Fli>\n\u003Cli>Very simple to setup and use\u003C\u002Fli>\n\u003Cli>Clean, user friendly UI\u003C\u002Fli>\n\u003Cli>Fast and helpful support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Additional features in the \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002F\" rel=\"nofollow ugc\">Pro addon\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WooCommerce compatibility\u003C\u002Fli>\n\u003Cli>BuddyPress compatibility\u003C\u002Fli>\n\u003Cli>UserPro compatibility\u003C\u002Fli>\n\u003Cli>Ultimate Member compatibility\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads compatibility\u003C\u002Fli>\n\u003Cli>Pro providers: LinkedIn, Amazon, VKontakte, WordPress.com, Yahoo, PayPal, Disqus, Apple, GitHub, Microsoft, Line, Discord, Slack, TikTok, Steam, Twitch, Kakao, Reddit, Spotify and more coming soon\u003C\u002Fli>\n\u003Cli>Configure whether email address should be asked on registration at each provider\u003C\u002Fli>\n\u003Cli>Configure whether username should be asked on registration at each provider\u003C\u002Fli>\n\u003Cli>Choose from icons or wide buttons\u003C\u002Fli>\n\u003Cli>Several login layouts\u003C\u002Fli>\n\u003Cli>Restrict specific user roles from using the social logins. (You can restrict different roles for each provider.)\u003C\u002Fli>\n\u003Cli>Assign specific user roles to the newly registered users who use any social login provider. (You can set different roles for each provider.)\u003C\u002Fli>\n\u003Cli>Show the name of the linked providers in the Users table\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>After you activated the plugin configure and enable the provider you want to use, then the plugin will automatically\u003C\u002Fp>\n\u003Cul>\n\u003Cli>add the login buttons to the WordPress login page. See screenshot #1\u003C\u002Fli>\n\u003Cli>add the account linking buttons to the WordPress profile page. See screenshot #2\u003C\u002Fli>\n\u003C\u002Ful>\n","One click registration & login plugin for Facebook, Google, X (formerly Twitter) and more. Quick setup and easy configuration.",200000,7588989,98,441,"2026-02-23T09:51:00.000Z","6.9.4","4.9","7.4",[53,127,128,22,129],"google","social-login","x","https:\u002F\u002Fsocial-login.nextendweb.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnextend-facebook-connect.3.1.23.zip",89,6,"2025-11-27 14:54:41",{"attackSurface":136,"codeSignals":148,"taintFlows":191,"riskAssessment":219,"analyzedAt":232},{"hooks":137,"ajaxHandlers":144,"restRoutes":145,"shortcodes":146,"cronEvents":147,"entryPointCount":13,"unprotectedCount":13},[138],{"type":139,"name":140,"callback":141,"file":142,"line":143},"action","wp_head","hs_all","hey-social.php",43,[],[],[],[],{"dangerousFunctions":149,"sqlUsage":150,"outputEscaping":152,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":190},[],{"prepared":13,"raw":13,"locations":151},[],{"escaped":13,"rawEcho":153,"locations":154},17,[155,158,160,163,165,167,169,171,173,175,176,178,180,182,184,186,188],{"file":142,"line":156,"context":157},36,"raw output",{"file":142,"line":159,"context":157},40,{"file":161,"line":162,"context":157},"js\\plugins\\home.php",14,{"file":161,"line":164,"context":157},21,{"file":161,"line":166,"context":157},28,{"file":161,"line":168,"context":157},35,{"file":161,"line":170,"context":157},42,{"file":161,"line":172,"context":157},49,{"file":174,"line":11,"context":157},"js\\plugins\\location.php",{"file":174,"line":153,"context":157},{"file":174,"line":177,"context":157},24,{"file":174,"line":179,"context":157},31,{"file":174,"line":181,"context":157},38,{"file":174,"line":183,"context":157},45,{"file":174,"line":185,"context":157},52,{"file":174,"line":187,"context":157},59,{"file":174,"line":189,"context":157},66,[],[192,209],{"entryPoint":193,"graph":194,"unsanitizedCount":133,"severity":208},"\u003Chome> (js\\plugins\\home.php:0)",{"nodes":195,"edges":205},[196,200],{"id":197,"type":198,"label":199,"file":161,"line":31},"n0","source","$_GET (x6)",{"id":201,"type":202,"label":203,"file":161,"line":162,"wp_function":204},"n1","sink","echo() [XSS]","echo",[206],{"from":197,"to":201,"sanitized":207},false,"low",{"entryPoint":210,"graph":211,"unsanitizedCount":218,"severity":208},"\u003Clocation> (js\\plugins\\location.php:0)",{"nodes":212,"edges":216},[213,215],{"id":197,"type":198,"label":214,"file":174,"line":11},"$_GET['page'] (x9)",{"id":201,"type":202,"label":203,"file":174,"line":11,"wp_function":204},[217],{"from":197,"to":201,"sanitized":207},9,{"summary":220,"deductions":221},"The plugin 'hey-social' v0.1-alpha exhibits a mixed security posture. On one hand, the absence of known CVEs and the use of prepared statements for all SQL queries are positive indicators. However, the static analysis reveals significant security concerns, most notably that 100% of its output is not properly escaped. This is a critical flaw that could lead to Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the user's browser when content generated by the plugin is displayed.\n\nFurthermore, the taint analysis identified two flows with unsanitized paths, which, while not rated as critical or high severity in this report, represent potential pathways for injection attacks if not handled carefully. The lack of nonce checks and capability checks on any entry points (though the entry point count is zero) suggests a lack of robust access control and potential for CSRF if entry points are added in the future without proper safeguards. The alpha version status also implies the code may not have undergone extensive security hardening.",[222,225,227,230],{"reason":223,"points":224},"100% of output not properly escaped",15,{"reason":226,"points":133},"Taint flows with unsanitized paths (2)",{"reason":228,"points":229},"No nonce checks on potential entry points",5,{"reason":231,"points":229},"No capability checks on potential entry points","2026-03-17T05:41:14.915Z",{"wat":234,"direct":242},{"assetPaths":235,"generatorPatterns":238,"scriptPaths":239,"versionParams":241},[236,237],"\u002Fwp-content\u002Fplugins\u002Fhey-social\u002Fjs\u002Fmootools-mod.js","\u002Fwp-content\u002Fplugins\u002Fhey-social\u002Fcss\u002Fhey-social.css",[],[236,240],"\u002Fwp-content\u002Fplugins\u002Fhey-social\u002Fjs\u002Fhey-social.php",[],{"cssClasses":243,"htmlComments":244,"htmlAttributes":245,"restEndpoints":246,"jsGlobals":247,"shortcodeOutput":248},[],[],[],[],[],[]]