[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxqlEQPyZ6OPmcYzx2_1VIYtY1VoDffDvx4UMcjuTRR4":3,"$fRDvVDbTgtH5ACQ341OxKGiE2x_g7IcNcAtHTofnbnbM":150,"$fMo1YV0wzbes1sxrSkDHBWVXRQ5fDTViS_V9q3RYL5IQ":155},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":37,"analysis":38,"fingerprints":120},"jebe-cute-social-slide","Jeba Social Slide","1.0","Md Jahed","https:\u002F\u002Fprofiles.wordpress.org\u002Fjahed\u002F","\u003Cp>This plugin will enable awesome Jeba Social Slide wordpress website.\u003C\u002Fp>\n\u003Cp>Wanna see how it works? Click here: http:\u002F\u002Fprowpexpert.com\u003Cbr \u002F>\n Jeba other wordpress plugin link: https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjeba\u003C\u002Fp>\n","Jeba Social Slide is an awesome Filter, super lightweight plugin for your wordpress website social slide.",10,1618,0,"2014-11-13T07:25:00.000Z","4.0.38","3.0.1","",[19,20,21,22],"awesome-social-slider","awosome-slide","jeba-social-slide","social-slider","http:\u002F\u002Fprowpexpert.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjebe-cute-social-slide.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"jahed",12,210,30,84,"2026-05-20T02:22:02.527Z",[],{"attackSurface":39,"codeSignals":72,"taintFlows":107,"riskAssessment":108,"analyzedAt":119},{"hooks":40,"ajaxHandlers":68,"restRoutes":69,"shortcodes":70,"cronEvents":71,"entryPointCount":13,"unprotectedCount":13},[41,47,50,54,57,61,65],{"type":42,"name":43,"callback":44,"file":45,"line":46},"action","init","jeba_social_wp_latest_jquery","jeba-social-index.php",13,{"type":42,"name":43,"callback":48,"file":45,"line":49},"plugin_function_jeba_socialform",19,{"type":42,"name":51,"callback":52,"file":45,"line":53},"wp_footer","plugin_function_jeba_social_form",26,{"type":42,"name":51,"callback":55,"file":45,"line":56},"jeba_socialform_plugin_function",37,{"type":42,"name":58,"callback":59,"file":45,"line":60},"admin_menu","jeba_add_options_page",46,{"type":42,"name":62,"callback":63,"file":45,"line":64},"admin_init","jeba_register_setting",68,{"type":42,"name":51,"callback":66,"file":45,"line":67},"jeba_social_activator",231,[],[],[],[],{"dangerousFunctions":73,"sqlUsage":74,"outputEscaping":76,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":103},[],{"prepared":13,"raw":13,"locations":75},[],{"escaped":13,"rawEcho":32,"locations":77},[78,81,83,85,87,89,91,93,95,97,99,101],{"file":45,"line":79,"context":80},111,"raw output",{"file":45,"line":82,"context":80},117,{"file":45,"line":84,"context":80},123,{"file":45,"line":86,"context":80},130,{"file":45,"line":88,"context":80},136,{"file":45,"line":90,"context":80},142,{"file":45,"line":92,"context":80},212,{"file":45,"line":94,"context":80},214,{"file":45,"line":96,"context":80},215,{"file":45,"line":98,"context":80},217,{"file":45,"line":100,"context":80},218,{"file":45,"line":102,"context":80},219,[104],{"name":105,"version":26,"knownCves":106},"jQuery",[],[],{"summary":109,"deductions":110},"The static analysis of jebe-cute-social-slide v1.0 reveals a plugin with a seemingly minimal attack surface. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events that could serve as direct entry points for attackers.  Furthermore, the absence of dangerous function calls and the exclusive use of prepared statements for SQL queries are positive indicators of secure coding practices in these areas.\n\nHowever, a significant concern arises from the output escaping. With 100% of its output not being properly escaped, the plugin is highly vulnerable to Cross-Site Scripting (XSS) attacks. Any data rendered by the plugin without proper sanitization could be exploited by attackers to inject malicious scripts into the user's browser. The lack of any nonce or capability checks, while not directly exploitable due to the absence of entry points, indicates a general oversight in security best practices that could become a liability if new entry points were added in future versions.\n\nThe vulnerability history is notably clean, with no recorded CVEs. This suggests that the plugin has historically been free of publicly disclosed vulnerabilities or has not been a target for such disclosures. Coupled with the small number of code signals indicating potential issues, this might imply a less complex plugin or one that has been carefully developed and maintained concerning known security flaws. Despite the current lack of exploitable entry points and historical vulnerabilities, the critical failure in output escaping presents a substantial and immediate risk.",[111,114,117],{"reason":112,"points":113},"100% of output unescaped",8,{"reason":115,"points":116},"No capability checks",5,{"reason":118,"points":116},"No nonce checks","2026-03-17T01:19:44.886Z",{"wat":121,"direct":130},{"assetPaths":122,"generatorPatterns":125,"scriptPaths":126,"versionParams":127},[123,124],"\u002Fwp-content\u002Fplugins\u002Fjebe-cute-social-slide\u002Fjeba\u002Fsocial.slider.jquery.min.css","\u002Fwp-content\u002Fplugins\u002Fjebe-cute-social-slide\u002Fjeba\u002Fsocial.slider.jquery.min.js",[],[],[128,129],"jeba-formss-css","jebacuteformss-js",{"cssClasses":131,"htmlComments":133,"htmlAttributes":138,"restEndpoints":145,"jsGlobals":146,"shortcodeOutput":148},[132],"j_donate",[134,135,136,137],"5.1. Add settings API hook under form action.","5.2. If the form has just been submitted, this shows the notification","6.1 Add settings API hook under form action.","6.2  This function outputs some hidden fields required by the form,\nincluding a nonce, a unique number used to ensure the form has been submitted from the admin page and not somewhere else, very important for security ",[139,140,141,142,143,144],"jeba_facebook_id","jeba_twitter_id","jeba_twitter_widget_id","jeba_linkedin_id","jeba_google_id","jeba_youtube_id",[],[105,147],"$",[149],"\u003Cdiv id=\"social-slider\">\u003C\u002Fdiv>",{"error":151,"url":152,"statusCode":153,"statusMessage":154,"message":154},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fjebe-cute-social-slide\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":156},[]]