[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgpCtZZ1RueNhABFPh6zPt8n0oebbdC-AnZMixygQ6GU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"vulnerabilities":25,"developer":26,"crawl_stats":23,"alternatives":34,"analysis":125,"fingerprints":234},"mixi-check","mixi Check for Sharedaddy","1.1","Keisuke Nemoto","https:\u002F\u002Fprofiles.wordpress.org\u002Fnemooon\u002F","\u003Cp>Add to Sharedaddy support service.\u003C\u002Fp>\n\u003Cp>Sharedaddyプラグインにmixiチェックを追加します。\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PHP5 REQUIRE\u003C\u002Fstrong>\u003C\u002Fp>\n","Add to Sharedaddy support service.",10,2449,0,"","3.2.1","2.8",[18,19],"mixi","sharedaddy","http:\u002F\u002Fnemooon.jp\u002Fplugins\u002Fmixi-check\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmixi-check.1.1.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":27,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"nemooon",3,50,90,30,87,"2026-04-05T09:46:14.267Z",[35,51,74,94,108],{"slug":36,"name":37,"version":38,"author":7,"author_profile":8,"description":39,"short_description":10,"active_installs":31,"downloaded":40,"rating":13,"num_ratings":13,"last_updated":41,"tested_up_to":15,"requires_at_least":42,"requires_php":14,"tags":43,"homepage":47,"download_link":48,"security_score":49,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":50},"sharekoube","Sharekoube","0.8","\u003Cp>Add to Sharedaddy support service.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fabout\u002Fresources\u002Ftweetbutton\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>（日本語化）\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.google.com\u002Fintl\u002Fja\u002Fwebmasters\u002F+1\u002Fbutton\u002F\" rel=\"nofollow ugc\">Google +1\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.google.com\u002Fbuzz\u002Fapi\u002Fadmin\u002FconfigPostWidget\" rel=\"nofollow ugc\">Google Buzz\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fb.hatena.ne.jp\u002Fguide\u002Fbbutton\" rel=\"nofollow ugc\">はてなブックマーク\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdeveloper.mixi.co.jp\u002Fconnect\u002Fmixi_plugin\u002Fmixi_check\u002F\" rel=\"nofollow ugc\">mixiチェック\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.evernote.com\u002Fabout\u002Fintl\u002Fjp\u002Fdeveloper\u002Fsitememory\u002F\" rel=\"nofollow ugc\">Evernote\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>PHP5 REQUIRE\u003C\u002Fstrong>\u003C\u002Fp>\n",2462,"2011-07-07T06:30:00.000Z","3.0",[44,45,4,19,46],"google-1","hatena-bookmark","twitter","http:\u002F\u002Fnemooon.jp\u002Fplugins\u002Fsharekoube\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsharekoube.zip",85,"2026-03-15T15:16:48.613Z",{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":14,"tags":66,"homepage":71,"download_link":72,"security_score":73,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":50},"jetpack-sharing-butttons-shortcode","Sharing buttons shortcode for Jetpack","1.2.2","Jeremy Herve","https:\u002F\u002Fprofiles.wordpress.org\u002Fjeherve\u002F","\u003Cp>Extends the Jetpack plugin and allows you to add sharing buttons anywhere inside your posts thanks to the [jpshare] shortcode\u003C\u002Fp>\n\u003Cp>Important: for this plugin to work, you must activate \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fjetpack\u002F\" rel=\"ugc\">Jetpack\u003C\u002Fa> first, and activate the sharing module.\u003C\u002Fp>\n\u003Cp>This plugin is a work in progress. You can report issues \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fjetpack-sharing-butttons-shortcode\" rel=\"ugc\">here\u003C\u002Fa>, or submit a pull request \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjeherve\u002Fjp-sd-shortcode\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Extends the Jetpack plugin and allows you to add sharing buttons anywhere inside your posts thanks to the [jpshare] shortcode",800,28037,76,15,"2024-11-12T07:11:00.000Z","6.7.5","3.9",[67,68,19,69,70],"jetpack","share","shortcode","wordpress-com","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjetpack-sharing-butttons-shortcode\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjetpack-sharing-butttons-shortcode.1.2.2.zip",92,{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":22,"num_ratings":84,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":14,"tags":88,"homepage":14,"download_link":93,"security_score":49,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":50},"awesome-wp-mixitup-portfolio","Awesome Wp Mixitup Portfolio","1.0","nayon46","https:\u002F\u002Fprofiles.wordpress.org\u002Fnayon46\u002F","\u003Cp>Awesome Mixitup Portfolio allows designers, artists, photographers to create, manage and publish a very modern and outstanding Mixitup portfolio that can be filtered using smooth animations and cool image hover effects. Select from a huge set of effects and animation presets to customize the look of your portfolio. Set up, customize and publish your portfolio within just a few minutes.\u003C\u002Fp>\n\u003Cp>add shortcode in your page   [advanced-portfolio]\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>You may provide arbitrary sections, in the same format as the ones above.  This may be of use for extremely complicated\u003Cbr \u002F>\nplugins where more information needs to be conveyed that doesn’t fit into the categories of “description” or\u003Cbr \u002F>\n“installation.”  Arbitrary sections will be shown below the built-in sections outlined above.\u003C\u002Fp>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n\u003Cp>Ordered list:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Some feature\u003C\u002Fli>\n\u003Cli>Another feature\u003C\u002Fli>\n\u003Cli>Something else about the plugin\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Unordered list:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>something\u003C\u002Fli>\n\u003Cli>something else\u003C\u002Fli>\n\u003Cli>third thing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here’s a link to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002F\" title=\"Your favorite software\" rel=\"ugc\">WordPress\u003C\u002Fa> and one to \u003Ca href=\"http:\u002F\u002Fdaringfireball.net\u002Fprojects\u002Fmarkdown\u002Fsyntax\" title=\"Markdown is what the parser uses to process much of the readme file\" rel=\"nofollow ugc\">Markdown’s Syntax Documentation\u003C\u002Fa>.\u003Cbr \u002F>\nTitles are optional, naturally.\u003C\u002Fp>\n\u003Cp>Markdown uses email style notation for blockquotes and I’ve been told:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Asterisks for \u003Cem>emphasis\u003C\u002Fem>. Double it up  for \u003Cstrong>strong\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cpre>\u003Ccode>\u003C?php code(); \u002F\u002F goes in backticks ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Awesome Mixitup Portfolio allows you to create a very modern and outstanding portfolio which filters instantly using jQuery animations.",200,7210,2,"2024-01-07T03:03:00.000Z","6.4.8","5.0.1",[89,75,90,91,92],"awesome-photo-galley","image-gallery","photo","widget-photo-gallery","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fawesome-wp-mixitup-portfolio.zip",{"slug":95,"name":96,"version":77,"author":55,"author_profile":56,"description":97,"short_description":98,"active_installs":82,"downloaded":99,"rating":22,"num_ratings":100,"last_updated":101,"tested_up_to":102,"requires_at_least":65,"requires_php":14,"tags":103,"homepage":106,"download_link":107,"security_score":49,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":50},"jetpack-shortlinks-for-sharing-buttons","Shortlinks for Jetpack sharing buttons","\u003Cp>Use shortlinks instead of permalinks in Jetpack sharing buttons\u003C\u002Fp>\n\u003Cul>\n\u003Cli>If you haven’t set up any shortlink plugin on your site, the sharing buttons will use the default numerical permalinks\u003C\u002Fli>\n\u003Cli>If you have enabled WP.me Shortlinks in Jetpack, the sharing buttons will use them\u003C\u002Fli>\n\u003Cli>If you’ve installed another plugin to create custom shortlinks, the sharing buttons will use them\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Important: for this plugin to work, you must activate \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fjetpack\u002F\" rel=\"ugc\">Jetpack\u003C\u002Fa> first, and activate the Sharing module.\u003C\u002Fp>\n\u003Cp>This plugin is a work in progress. You can report issues \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fjetpack-shortlinks-for-sharing-buttons\u002F\" rel=\"ugc\">here\u003C\u002Fa>, or submit a pull request \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjeherve\u002Fjp-sd-custshortlink\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Use shortlinks instead of permalinks in Jetpack sharing buttons",8640,5,"2020-08-04T16:35:00.000Z","5.5.18",[67,19,104,105,70],"sharing","shortlinks","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fjetpack-shortlinks-for-sharing-buttons\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjetpack-shortlinks-for-sharing-buttons.1.0.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":13,"num_ratings":13,"last_updated":118,"tested_up_to":119,"requires_at_least":120,"requires_php":14,"tags":121,"homepage":123,"download_link":124,"security_score":49,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":50},"publishtomixi","publishToMixi","3.0.2.1","kei51","https:\u002F\u002Fprofiles.wordpress.org\u002Fkei51\u002F","\u003Cp>This plugin allows you to crosspost your entries to both your wordpress and mixi at the same time. Mixi is one of the most popular SNS sites in Japan.\u003C\u002Fp>\n\u003Cp>Once you install this plugin, you will see the option in the edit screen. If you want to publish your post to mixi, you can simply check the option and publish.\u003C\u002Fp>\n\u003Cp>You can find the Japanese description at \u003Ca href=\"http:\u002F\u002Fksnn.com\u002Fdiary\u002F?page_id=2437\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin allows you to crosspost your entries to mixi.",40,4755,"2010-10-27T03:29:00.000Z","2.8.1","2.5",[122,18],"crosspost","http:\u002F\u002Fksnn.com\u002Fdiary\u002F?page_id=2437","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpublishtomixi.3.0.2.1.zip",{"attackSurface":126,"codeSignals":154,"taintFlows":191,"riskAssessment":219,"analyzedAt":233},{"hooks":127,"ajaxHandlers":150,"restRoutes":151,"shortcodes":152,"cronEvents":153,"entryPointCount":13,"unprotectedCount":13},[128,134,138,143,146],{"type":129,"name":130,"callback":131,"file":132,"line":133},"action","wp_head","add_style","mixi-check.php",34,{"type":129,"name":135,"callback":136,"file":132,"line":137},"load-settings_page_sharing","add_admin_style",38,{"type":139,"name":140,"callback":141,"file":132,"line":142},"filter","sharing_services","add_sharing_service",39,{"type":139,"name":144,"callback":145,"file":132,"line":116},"language_attributes","ogp_namespace",{"type":139,"name":147,"callback":148,"priority":11,"file":132,"line":149},"plugin_row_meta","add_plugin_meta",44,[],[],[],[],{"dangerousFunctions":155,"sqlUsage":156,"outputEscaping":158,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":190},[],{"prepared":13,"raw":13,"locations":157},[],{"escaped":84,"rawEcho":159,"locations":160},14,[161,164,167,169,171,173,175,177,179,181,182,184,186,188],{"file":162,"line":100,"context":163},"mixi-check.class.php","raw output",{"file":165,"line":166,"context":163},"sharing-sources.php",54,{"file":165,"line":168,"context":163},55,{"file":165,"line":170,"context":163},56,{"file":165,"line":172,"context":163},57,{"file":165,"line":174,"context":163},68,{"file":165,"line":176,"context":163},69,{"file":165,"line":178,"context":163},70,{"file":165,"line":180,"context":163},71,{"file":165,"line":49,"context":163},{"file":165,"line":183,"context":163},101,{"file":165,"line":185,"context":163},102,{"file":165,"line":187,"context":163},103,{"file":165,"line":189,"context":163},228,[],[192,210],{"entryPoint":193,"graph":194,"unsanitizedCount":208,"severity":209},"display_header (sharing-sources.php:50)",{"nodes":195,"edges":205},[196,200],{"id":197,"type":198,"label":199,"file":165,"line":22},"n0","source","$_SERVER",{"id":201,"type":202,"label":203,"file":165,"line":187,"wp_function":204},"n1","sink","echo() [XSS]","echo",[206],{"from":197,"to":201,"sanitized":207},false,1,"medium",{"entryPoint":211,"graph":212,"unsanitizedCount":208,"severity":218},"\u003Csharing-sources> (sharing-sources.php:0)",{"nodes":213,"edges":216},[214,215],{"id":197,"type":198,"label":199,"file":165,"line":22},{"id":201,"type":202,"label":203,"file":165,"line":187,"wp_function":204},[217],{"from":197,"to":201,"sanitized":207},"low",{"summary":220,"deductions":221},"The plugin 'mixi-check' v1.1 exhibits a strong initial security posture, with no identified CVEs in its history and a complete absence of dangerous functions or direct SQL queries. The attack surface appears to be minimal to non-existent, with no AJAX handlers, REST API routes, shortcodes, or cron events exposed. This suggests a potentially secure plugin in terms of external interaction points.\n\nHowever, the static analysis reveals significant concerns regarding output sanitization. A low percentage of properly escaped outputs (13%) is a major red flag, indicating a high likelihood of cross-site scripting (XSS) vulnerabilities. While the taint analysis found no critical or high severity flows, the presence of 'flows with unsanitized paths' twice, even if not flagged as critical, is concerning. Coupled with the lack of nonce checks and capability checks, this combination creates a potential pathway for attackers to inject malicious scripts or exploit user actions.\n\nGiven the clean vulnerability history, it's possible these weaknesses have not yet been exploited, or perhaps the plugin's limited functionality and attack surface have inadvertently provided some protection. Nevertheless, the high rate of unescaped output is a critical design flaw that needs immediate attention. The plugin's strengths lie in its minimal attack surface and safe SQL handling, but its weaknesses in output sanitization and lack of protective checks pose a tangible risk.",[222,225,228,231],{"reason":223,"points":224},"Low percentage of properly escaped output",12,{"reason":226,"points":227},"Taint analysis found unsanitized paths",8,{"reason":229,"points":230},"Missing nonce checks",7,{"reason":232,"points":230},"Missing capability checks","2026-03-16T23:30:29.360Z",{"wat":235,"direct":244},{"assetPaths":236,"generatorPatterns":239,"scriptPaths":240,"versionParams":242},[237,238],"\u002Fwp-content\u002Fplugins\u002Fmixi-check\u002Fmixi-check.css","\u002Fwp-content\u002Fplugins\u002Fmixi-check\u002Fadmin.css",[],[241],"http:\u002F\u002Fstatic.mixi.jp\u002Fjs\u002Fshare.js",[243],"mixi-check.css?v=",{"cssClasses":245,"htmlComments":248,"htmlAttributes":253,"restEndpoints":257,"jsGlobals":258,"shortcodeOutput":259},[246,247],"mixi-check-button","share-mixi-check",[249,250,251,252],"成年コンテンツ","サムネイル画像","自動取得の制御","デバイス別URLの指定 linkでもmetaでも",[254,255,256],"data-key","data-url","data-button",[],[18],[]]