[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fux66Ew_uzcwFUAR4n5IVG6ZAY61CnD9HrIkBGQKzG0k":3,"$fx-vkqBO9vaef4Zr5sxm8IdCwthcpSccMb6e5x_iQJRE":359,"$fXFgzj5u-BzYHTq0MOYHbPn5Ma0eGNOciPacpnfYmC5U":363},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":39,"analysis":96,"fingerprints":313},"jsocial-responsive-floating-social-sharing-media-bar","jSocial","1.0.0","delete_me","https:\u002F\u002Fprofiles.wordpress.org\u002Fprefermoo\u002F","\u003Cp>JSocial free edition is a light-weight WordPress plugin that adds a floating bar to your site to get you maximum shares.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Responsive, Customizable and Extensible\u003C\u002Fli>\n\u003Cli>WordPress Optimized\u003C\u002Fli>\n\u003Cli>Easy to understand and to read\u003C\u002Fli>\n\u003Cli>A Quality Set of Buttons\u003C\u002Fli>\n\u003Cli>Each social provider can be enabled or disabled (Selective disable)\u003C\u002Fli>\n\u003Cli>Sharing with Facebook, Twitter, Google+, \u003Cstrong>Delicious, Pinterest, Stumbleupon and Linkedin *Only in Premium Version\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Super lightweight social sharing\u003C\u002Fli>\n\u003Cli>Easy to use and integrate\u003C\u002Fli>\n\u003Cli>Massive Exposure\u003C\u002Fli>\n\u003Cli>Make it Easier for your Users to Share your Content\u003C\u002Fli>\n\u003Cli>Custom Placement\u003C\u002Fli>\n\u003Cli>And much more!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fjsocial-responsive-floating-social-sharing-bar\u002F9187628\u002F?ref=ressannedba\" rel=\"nofollow ugc\">Get Premium Version\u003C\u002Fa>\u003C\u002Fp>\n","Light-weight WordPress plugin that adds a responsive floating bar to your site to get you maximum shares.",10,1840,86,3,"2014-12-27T09:48:00.000Z","4.0.38","3.4","",[20,21,22,23,24],"floating-media-bar","floating-media-buttons-bar","responsive-social-bar","responsive-social-buttons-bar","social-bar","http:\u002F\u002Fcodecanyon.net\u002Fuser\u002Fressannedba?ref=ressannedba","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjsocial-responsive-floating-social-sharing-media-bar.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"prefermoo",1,30,84,"2026-05-20T06:04:26.002Z",[40,61,80],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":13,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":58,"download_link":59,"security_score":27,"vuln_count":35,"unpatched_count":28,"last_vuln_date":60,"fetched_at":30},"wp-sticky-social","WP Sticky Social","1.0.2","Musilda","https:\u002F\u002Fprofiles.wordpress.org\u002Fmusilda\u002F","\u003Cp>Plugin display sticky bar with icons and links your socials profiles.\u003C\u002Fp>\n\u003Cp>For icons is used Zurb Foundation Social Icons Font.\u003Cbr \u002F>\nYou can select from 22 icons, set position from top of screen, display sticky bar on right or left side, change text, icon and background color from administration.\u003C\u002Fp>\n\u003Cp>Icons for social profile\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Github\u003C\u002Fli>\n\u003Cli>Linkedin\u003C\u002Fli>\n\u003Cli>Dribble\u003C\u002Fli>\n\u003Cli>Stumble Upon\u003C\u002Fli>\n\u003Cli>Behance\u003C\u002Fli>\n\u003Cli>Reddit\u003C\u002Fli>\n\u003Cli>Google plus\u003C\u002Fli>\n\u003Cli>Youtube\u003C\u002Fli>\n\u003Cli>Vimeo\u003C\u002Fli>\n\u003Cli>Flickr\u003C\u002Fli>\n\u003Cli>Slideshare\u003C\u002Fli>\n\u003Cli>Picasa\u003C\u002Fli>\n\u003Cli>Skype\u003C\u002Fli>\n\u003Cli>Instagram\u003C\u002Fli>\n\u003Cli>Foursquare\u003C\u002Fli>\n\u003Cli>Delicious\u003C\u002Fli>\n\u003Cli>Tumblr\u003C\u002Fli>\n\u003Cli>Digg\u003C\u002Fli>\n\u003Cli>WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n","Plugin display sticky bar with icons and links your socials profiles.",100,9317,4,"2023-06-14T19:48:00.000Z","6.1.10","5.7",[55,56,57],"social","social-icons","sticky-social-bar","http:\u002F\u002Fmusilda.cz\u002Fwp-sticky-social\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-sticky-social.zip","2023-06-19 00:00:00",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":11,"downloaded":69,"rating":28,"num_ratings":28,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":18,"tags":73,"homepage":78,"download_link":79,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"scrapme-advance-contact-form","scrap.me","1.3","btushar","https:\u002F\u002Fprofiles.wordpress.org\u002Fbtushar\u002F","\u003Cp>Get an advance contact form for your site and offer site wide deals with additional tools like Deal Bar, Popups, Inline Popups, Social Bar, Leave intent targeting. Before activating the plugin please register an account from http:\u002F\u002Fscrap.me and insert the API key here.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Contact Form\u003C\u002Fli>\n\u003Cli>Deal bar\u003C\u002Fli>\n\u003Cli>Social Bar\u003C\u002Fli>\n\u003Cli>Inline and Side Popups\u003C\u002Fli>\n\u003Cli>Splash Image\u003C\u002Fli>\n\u003Cli>Advance Lead Routing to multiple users\u003C\u002Fli>\n\u003C\u002Fol>\n","Get an advance contact form for your site and offer site wide deals with additional tools like Deal Bar, Popups, Inline Popups, Social Bar, Leave inte &hellip;",1416,"2016-07-22T10:18:00.000Z","4.7.33","3.0.1",[74,75,76,24,77],"contact-form","deal-bar","in-site-deal-management","splash-image","http:\u002F\u002Fscrap.me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscrapme-advance-contact-form.zip",{"slug":81,"name":82,"version":43,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":11,"downloaded":87,"rating":28,"num_ratings":28,"last_updated":88,"tested_up_to":71,"requires_at_least":89,"requires_php":18,"tags":90,"homepage":18,"download_link":94,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":95},"social-bar-lite","Social Bar Lite","infranetworking","https:\u002F\u002Fprofiles.wordpress.org\u002Finfranetworking\u002F","\u003Ch3>English\u003C\u002Fh3>\n\u003Cp>A floating bar plugin that allows your visitors connect them to your Twitter and Facebook social network in a fast, secure and instant way. Increase the number of followers of your Twitter and Facebook account in a 200%, change its background color, text color, enable it or disable it with just one click.\u003C\u002Fp>\n\u003Ch3>Español\u003C\u002Fh3>\n\u003Cp>Plugin de una barra flotante que permite a tus visitantes conectarse a tu red social de Twitter y Facebook de una forma rápida, segura e inmediata. Aumenta un 200% el número de seguidores en tu cuenta de Twitter y de Facebook, cambia los colores de fondo de la barra, el color de texto, actívala o desactívala con un solo click.\u003C\u002Fp>\n","A floating bar plugin that allows your visitors connect them to your Twitter and Facebook social network",2267,"2016-08-17T14:57:00.000Z","4.x",[91,92,55,24,93],"bar","lite","twitter","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-bar-lite.zip","2026-04-06T09:54:40.288Z",{"attackSurface":97,"codeSignals":126,"taintFlows":272,"riskAssessment":299,"analyzedAt":312},{"hooks":98,"ajaxHandlers":114,"restRoutes":122,"shortcodes":123,"cronEvents":124,"entryPointCount":125,"unprotectedCount":125},[99,105,108,111],{"type":100,"name":101,"callback":102,"file":103,"line":104},"action","plugins_loaded","anonymous","includes\u002Fclass-jsocial.php",141,{"type":100,"name":106,"callback":102,"file":103,"line":107},"admin_menu",155,{"type":100,"name":109,"callback":102,"file":103,"line":110},"wp_enqueue_scripts",170,{"type":100,"name":112,"callback":102,"file":103,"line":113},"wp_footer",172,[115,119],{"action":116,"nopriv":117,"callback":102,"hasNonce":117,"hasCapCheck":117,"file":103,"line":118},"jsocial",false,173,{"action":116,"nopriv":120,"callback":102,"hasNonce":117,"hasCapCheck":117,"file":103,"line":121},true,174,[],[],[],2,{"dangerousFunctions":127,"sqlUsage":128,"outputEscaping":130,"fileOperations":28,"externalRequests":125,"nonceChecks":28,"capabilityChecks":35,"bundledLibraries":271},[],{"prepared":28,"raw":28,"locations":129},[],{"escaped":50,"rawEcho":27,"locations":131},[132,135,136,138,139,141,142,144,145,147,148,150,151,153,155,157,159,161,163,165,166,168,169,171,172,174,175,177,178,180,181,183,184,186,187,189,191,193,195,197,199,202,205,206,208,209,211,212,214,215,217,219,221,223,225,227,229,231,233,235,237,240,241,242,244,245,246,248,249,250,252,253,255,256,257,258,260,261,263,264,265,266,267,268,270],{"file":133,"line":110,"context":134},"admin\u002Fpartials\u002Fjsocial-admin-display.php","raw output",{"file":133,"line":110,"context":134},{"file":133,"line":137,"context":134},176,{"file":133,"line":137,"context":134},{"file":133,"line":140,"context":134},182,{"file":133,"line":140,"context":134},{"file":133,"line":143,"context":134},190,{"file":133,"line":143,"context":134},{"file":133,"line":146,"context":134},196,{"file":133,"line":146,"context":134},{"file":133,"line":149,"context":134},202,{"file":133,"line":149,"context":134},{"file":133,"line":152,"context":134},221,{"file":133,"line":154,"context":134},227,{"file":133,"line":156,"context":134},235,{"file":133,"line":158,"context":134},241,{"file":133,"line":160,"context":134},247,{"file":133,"line":162,"context":134},253,{"file":133,"line":164,"context":134},261,{"file":133,"line":164,"context":134},{"file":133,"line":167,"context":134},267,{"file":133,"line":167,"context":134},{"file":133,"line":170,"context":134},273,{"file":133,"line":170,"context":134},{"file":133,"line":173,"context":134},279,{"file":133,"line":173,"context":134},{"file":133,"line":176,"context":134},287,{"file":133,"line":176,"context":134},{"file":133,"line":179,"context":134},293,{"file":133,"line":179,"context":134},{"file":133,"line":182,"context":134},299,{"file":133,"line":182,"context":134},{"file":133,"line":185,"context":134},305,{"file":133,"line":185,"context":134},{"file":133,"line":188,"context":134},449,{"file":133,"line":190,"context":134},469,{"file":133,"line":192,"context":134},473,{"file":133,"line":194,"context":134},477,{"file":133,"line":196,"context":134},581,{"file":133,"line":198,"context":134},594,{"file":200,"line":201,"context":134},"public\u002Fclass-jsocial-public.php",143,{"file":203,"line":204,"context":134},"public\u002Fcss\u002Fjsocial-custom.php",26,{"file":203,"line":204,"context":134},{"file":203,"line":207,"context":134},29,{"file":203,"line":207,"context":134},{"file":203,"line":210,"context":134},32,{"file":203,"line":210,"context":134},{"file":203,"line":213,"context":134},35,{"file":203,"line":213,"context":134},{"file":203,"line":216,"context":134},39,{"file":203,"line":218,"context":134},43,{"file":203,"line":220,"context":134},50,{"file":203,"line":222,"context":134},60,{"file":203,"line":224,"context":134},67,{"file":203,"line":226,"context":134},71,{"file":203,"line":228,"context":134},78,{"file":203,"line":230,"context":134},79,{"file":203,"line":232,"context":134},87,{"file":203,"line":234,"context":134},124,{"file":203,"line":236,"context":134},125,{"file":238,"line":239,"context":134},"public\u002Fpartials\u002Fjsocial-public-display.php",37,{"file":238,"line":239,"context":134},{"file":238,"line":239,"context":134},{"file":238,"line":243,"context":134},40,{"file":238,"line":243,"context":134},{"file":238,"line":243,"context":134},{"file":238,"line":247,"context":134},44,{"file":238,"line":247,"context":134},{"file":238,"line":247,"context":134},{"file":238,"line":251,"context":134},48,{"file":238,"line":251,"context":134},{"file":238,"line":254,"context":134},54,{"file":238,"line":254,"context":134},{"file":238,"line":222,"context":134},{"file":238,"line":222,"context":134},{"file":238,"line":259,"context":134},66,{"file":238,"line":259,"context":134},{"file":238,"line":262,"context":134},72,{"file":238,"line":262,"context":134},{"file":238,"line":228,"context":134},{"file":238,"line":228,"context":134},{"file":238,"line":37,"context":134},{"file":238,"line":37,"context":134},{"file":238,"line":269,"context":134},90,{"file":238,"line":269,"context":134},[],[273,291],{"entryPoint":274,"graph":275,"unsanitizedCount":125,"severity":290},"jsocial_callback (public\u002Fclass-jsocial-public.php:112)",{"nodes":276,"edges":288},[277,282],{"id":278,"type":279,"label":280,"file":200,"line":281},"n0","source","$_GET (x2)",117,{"id":283,"type":284,"label":285,"file":200,"line":286,"wp_function":287},"n1","sink","wp_remote_get() [SSRF]",123,"wp_remote_get",[289],{"from":278,"to":283,"sanitized":117},"medium",{"entryPoint":292,"graph":293,"unsanitizedCount":125,"severity":290},"\u003Cclass-jsocial-public> (public\u002Fclass-jsocial-public.php:0)",{"nodes":294,"edges":297},[295,296],{"id":278,"type":279,"label":280,"file":200,"line":281},{"id":283,"type":284,"label":285,"file":200,"line":286,"wp_function":287},[298],{"from":278,"to":283,"sanitized":117},{"summary":300,"deductions":301},"The 'jsocial-responsive-floating-social-sharing-media-bar' plugin version 1.0.0 presents a mixed security posture.  While it avoids dangerous functions, uses prepared statements for all SQL queries, and has no recorded vulnerability history, several significant concerns arise from the static analysis.  The plugin's attack surface is small but critically, both of its AJAX handlers lack authentication checks. This means any user, even an unauthenticated one, could potentially trigger these handlers, leading to unauthorized actions if the handlers perform sensitive operations.  The taint analysis also indicates flows with unsanitized paths, though they did not reach a critical or high severity level in this analysis, this warrants attention.  The extremely low percentage of properly escaped output (4%) is a major red flag, suggesting a high risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the site.",[302,304,307,310],{"reason":303,"points":11},"AJAX handlers without authentication checks",{"reason":305,"points":306},"Low percentage of properly escaped output (XSS risk)",8,{"reason":308,"points":309},"Flows with unsanitized paths (potential injection)",5,{"reason":311,"points":309},"Missing nonce checks on AJAX handlers","2026-04-16T12:56:03.609Z",{"wat":314,"direct":334},{"assetPaths":315,"generatorPatterns":322,"scriptPaths":323,"versionParams":327},[316,317,318,319,320,321],"\u002Fwp-content\u002Fplugins\u002Fjsocial-responsive-floating-social-sharing-media-bar\u002Fadmin\u002Fcss\u002Fjsocial-main.css","\u002Fwp-content\u002Fplugins\u002Fjsocial-responsive-floating-social-sharing-media-bar\u002Fadmin\u002Fcss\u002Fjsocial-vendor.css","\u002Fwp-content\u002Fplugins\u002Fjsocial-responsive-floating-social-sharing-media-bar\u002Fadmin\u002Fjs\u002Fjsocial-main.js","\u002Fwp-content\u002Fplugins\u002Fjsocial-responsive-floating-social-sharing-media-bar\u002Fadmin\u002Fjs\u002Fjsocial-vendor.js","\u002Fwp-content\u002Fplugins\u002Fjsocial-responsive-floating-social-sharing-media-bar\u002Fpublic\u002Fcss\u002Fjsocial-responsive-floating-social-sharing-media-bar-public.css","\u002Fwp-content\u002Fplugins\u002Fjsocial-responsive-floating-social-sharing-media-bar\u002Fpublic\u002Fjs\u002Fjsocial-responsive-floating-social-sharing-media-bar-public.js",[],[324,325,326],"admin\u002Fjs\u002Fjsocial-main.js","admin\u002Fjs\u002Fjsocial-vendor.js","public\u002Fjs\u002Fjsocial-responsive-floating-social-sharing-media-bar-public.js",[328,329,330,331,332,333],"jsocial-vendor-css-admin?ver=","jsocial-main-css-admin?ver=","jsocial-vendor-js-admin?ver=","jsocial-main-js-admin?ver=","jsocial-responsive-floating-social-sharing-media-bar-public-css?ver=","jsocial-responsive-floating-social-sharing-media-bar-public-js?ver=",{"cssClasses":335,"htmlComments":343,"htmlAttributes":346,"restEndpoints":353,"jsGlobals":354,"shortcodeOutput":356},[336,337,338,339,340,341,342],"jsocial-fixed-top","jsocial-fixed-right","jsocial-fixed-bottom","jsocial-fixed-left","jsocial-bar-main","jsocial-bar-item","jsocial-bar-label",[344,345],"\u003C!-- START jsocial social sharing bar -->","\u003C!-- END jsocial social sharing bar -->",[347,348,349,350,351,352],"data-jsocial-position","data-jsocial-align","data-jsocial-color","data-jsocial-text-color","data-jsocial-show-label","data-jsocial-fixed",[],[355],"jsocial_admin",[357,358],"[jsocial]","[jsocial-bar]",{"error":120,"url":360,"statusCode":361,"statusMessage":362,"message":362},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fjsocial-responsive-floating-social-sharing-media-bar\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":35,"versions":364},[365],{"version":366,"download_url":367,"svn_tag_url":368,"released_at":29,"has_diff":117,"diff_files_changed":369,"diff_lines":29,"trac_diff_url":29,"vulnerabilities":370,"is_current":117},"1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjsocial-responsive-floating-social-sharing-media-bar.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fjsocial-responsive-floating-social-sharing-media-bar\u002Ftags\u002F1.1\u002F",[],[]]