[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIAfYQREI4yvjbFviJ7tTv-yuKJOsBt7LCcs2LEEKFzQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":129,"fingerprints":210},"multi-twitter-widget","Multi Twitter Stream","1.5.0","Clay McIlrath","https:\u002F\u002Fprofiles.wordpress.org\u002Fclaymcilrath\u002F","\u003Cp>Have a team or group of tweeters that you’d like to show on a site?\u003Cbr \u002F>\nThe problem with most WordPress Twitter Plugins is that the few that support multiple twitter accounts\u003Cbr \u002F>\nusually show the tweets of the users in chronological order. This means if USER_A tweets more than USER_B\u003Cbr \u002F>\nyour whole feed might be all about USER_A. I found in many cases that I’d rather pull in the most recent tweet\u003Cbr \u002F>\nfrom each user. So that’s what this plugin does. It will also pull in search results and hashtags\u003C\u002Fp>\n\u003Cp>Another fork exists here: https:\u002F\u002Fgithub.com\u002Fmsenateatplos\u002Fmulti-twitter-widget\u002Fblob\u002Fmaster\u002Fwidget.php\u003C\u002Fp>\n","A simple widget that displays only the most recent tweet from multiple accounts.",30,9536,60,2,"2013-04-12T01:56:00.000Z","3.5.2","2.8","",[20,21,22,23,24],"multi-twitter","multiple-twitter","twitter","twitter-account","widgets","http:\u002F\u002Fthinkclay.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmulti-twitter-widget.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":11,"trust_score":35,"computed_at":36},"claymcilrath",130,84,"2026-04-05T04:41:21.847Z",[38,58,77,96,112],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":14,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":56,"download_link":57,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"teg-twitter-api","Twitter API Master – Twitter Widgets For WordPress","1.2.5","Theme Egg","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeegg\u002F","\u003Cp>This plugin help you to show twitter tweets, trends, post to twitter feature.\u003C\u002Fp>\n\u003Cp>Some demo shortcode of this plugin\u003C\u002Fp>\n\u003Cp>For Tweet shortcode please type [twitter_feeds count=”5″]\u003Cbr \u002F>\nFor Trends shortcode please type [twitter_trends count=”3″]\u003C\u002Fp>\n\u003Cul>\n\u003Cli>[twitter_feeds count=”5″]\u003C\u002Fli>\n\u003Cli>[twitter_trends count=”3″ ]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can dragged and dropped teg feed and trends widget from widget panel also.\u003C\u002Fp>\n\u003Cp>You can change shortcode attribute as per requirement, please visit our official page \u003Ca href=\"http:\u002F\u002Fdocs.themeegg.com\u002Fdocs\u002Fteg-twitter-api\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fdocs.themeegg.com\u002Fdocs\u002Fteg-twitter-api\u002F\u003C\u002Fa> for more information.\u003C\u002Fp>\n\u003Cp>Get free support at https:\u002F\u002Fthemeegg.com\u002Fsupport-forum\u002F\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 4.5 or later.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>You can contribute to the source code in our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthemeegg\u002Fteg-twitter-api\u002F\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> page.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Twitter Tweets shortcode and widget\u003C\u002Fli>\n\u003Cli>Twitter Trends shortcode and widget\u003C\u002Fli>\n\u003Cli>Also tweet your wordpress post to twitter\u003C\u002Fli>\n\u003Cli>Official twitter timeline widgets and shortcode\u003C\u002Fli>\n\u003C\u002Fol>\n","Post to twitter, twitter feeds, twitter trends shortcode and widget wordpres plugin.",50,4561,100,"2018-01-26T08:12:00.000Z","4.9.29","4.5",[53,54,55,22,24],"api","settings","shortcode","https:\u002F\u002Fthemeegg.com\u002Fplugins\u002Fteg-twitter-api","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fteg-twitter-api.1.2.5.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":46,"downloaded":66,"rating":28,"num_ratings":28,"last_updated":67,"tested_up_to":68,"requires_at_least":18,"requires_php":69,"tags":70,"homepage":75,"download_link":76,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"theme-powerkit","Theme Powerkit","1.0.3","themeinwp","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeinwp\u002F","\u003Cp>Theme Powerkit is WordPress free plugin with multiple feature. Plugin have 5 useful widget like Author, Category, Recent Posts, Social Icon and Tab Posts Widgets and also, this plugin have webmaster verification meta field, Open Graph, Twitter Summery Card and you can add script before header and after footer as well.\u003C\u002Fp>\n\u003Ch3>Plugin Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Author, Category,Recent Posts, Social Icon and Tab Posts Widget\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Webmasters Verification meta\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Open Graph\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Twitter Summary Card\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Header and Footer Script Area\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>License: GPLv2\nLicense URI: http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Theme Powerkit is WordPress free plugin with multiple feature. Plugin have 5 useful widget like Author, Category, Recent Posts, Social Icon and Tab Po &hellip;",1979,"2020-09-08T15:10:00.000Z","5.5.18","5.5",[71,72,73,74,24],"header-script","open-graph","twitter-summary-card","webmasters-verification-meta","https:\u002F\u002Fwww.themeinwp.com\u002Ftheme-powerkit\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftheme-powerkit.1.0.3.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":48,"num_ratings":87,"last_updated":18,"tested_up_to":88,"requires_at_least":89,"requires_php":18,"tags":90,"homepage":93,"download_link":94,"security_score":48,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":95},"full-twitter-integration","Full Twitter Integration","1.0.0","agrimbautomas","https:\u002F\u002Fprofiles.wordpress.org\u002Fagrimbautomas\u002F","\u003Ch4>Getting Started\u003C\u002Fh4>\n\u003Cp>With this plugin you will be able to display tweets all around your site with just a few simple steps. You don’t need any programming or technical skills for this.\u003Cbr \u002F>\nTrust me, it’s really simple 😉\u003C\u002Fp>\n\u003Cp>Just choose where do you want to display the tweets.\u003C\u002Fp>\n\u003Cp>Will they be in a Widget? In a post content? Or in your code?\u003C\u002Fp>\n\u003Ch4>Display tweets in a widget, couldn’t be easier\u003C\u002Fh4>\n\u003Cp>Simple as any other \u003Ca href=\"\u002F\u002Fcodex.wordpress.org\u002FWordPress_Widgets\"\" rel=\"nofollow ugc\">WordPress Widget\u003C\u002Fa>, just go Appearance>Widgets and choose the most suitable FTI Widget for you, or choose them all!\u003C\u002Fp>\n\u003Cp>You will be able to set the \u003Cstrong>Number of tweets to display\u003C\u002Fstrong>, and the option to hide\u002Fshow the \u003Cstrong>User profile image\u003C\u002Fstrong> and the \u003Cstrong>Tweets images\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>Tweets in your content, just add a shorcode\u003C\u002Fh4>\n\u003Cp>Use the \u003Ca href=\"\u002F\u002Fen.support.wordpress.com\u002Fdisplay-posts-shortcode\u002F\"\" rel=\"nofollow ugc\">WordPress Shortcodes\u003C\u002Fa> to display the tweets on your Posts\u002FPages and filter them as you wish. Set a \u003Cstrong>Hashtag\u003C\u002Fstrong> or a \u003Cstrong>Username\u003C\u002Fstrong> and set the values (optional) to customize the Tweets. Just add the Shortcode to your post\u002Fpage content and that’s all!\u003C\u002Fp>\n\u003Cp>This shortcode sample will display PearlJam’s Tweets with their profile images and limit them to 5.\u003Cbr \u002F>\n     [fti-list username=”PearlJam” limit=”5″ profile_image=”true”]\u003C\u002Fp>\n\u003Cp>And here it’s getting Tweets with the hashtag “#Wordpress” including the images content of each and with a medium size.\u003Cbr \u002F>\n    [fti-list hashtag=”Wordpress” images=”true” images_size=”medium”]\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Shortcode parameters\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>hashtag (Required) – [yourHashtag] Default: none. \u003C\u002Fli>\n\u003Cli>username (Required) – [aTwitterUserName] Default: none. \u003C\u002Fli>\n\u003Cli>images (Optional) – [true\u002Ffalse] Default: false. \u003C\u002Fli>\n\u003Cli>images_size (Optional) – [thumb\u002Fsmall\u002Fmedium\u002Flarge] Default: thumb. \u003C\u002Fli>\n\u003Cli>profile_image (Optional) – [true\u002Ffalse] Default: false.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Display Tweets in your code\u003C\u002Fh4>\n\u003Cp>We have a really simple API to get the tweets you want in your code. Customize the parameters and get an Array with the Tweets (objects).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>These are our functions:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>get_tweets_by_hashtag($hashtag, $limit) \u003C\u002Fli>\n\u003Cli>get_tweets_by_user($user_name, $limit) \u003C\u002Fli>\n\u003Cli>get_user_tweets($user_name, $limit) \u003C\u002Fli>\n\u003Cli>get_timeline_tweets($user_name) \u003C\u002Fli>\n\u003Cli>get_user_data($user_name) \u003C\u002Fli>\n\u003Cli>get_my_data() \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The \u003Cstrong>$user_name\u003C\u002Fstrong> should be the Twitter screen name, the one with @. Eg: PaulMcCartney\u003C\u002Fp>\n","Display any kind of tweet with just a few simple steps and no programming skills",10,1566,1,"4.7.32","3.0.1",[53,91,92,22,24],"integration","social","http:\u002F\u002Ffull-twitter-integration.atomas.com.ar","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffull-twitter-integration.zip","2026-03-15T10:48:56.248Z",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":85,"downloaded":104,"rating":28,"num_ratings":28,"last_updated":105,"tested_up_to":17,"requires_at_least":106,"requires_php":18,"tags":107,"homepage":110,"download_link":111,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"multiple-twitter-widgets","Multiple Twitter Widgets","1.0","Patrick Chia","https:\u002F\u002Fprofiles.wordpress.org\u002Fmypatricks\u002F","\u003Cp>Allows for multiple twitter widgets to be displayed.\u003C\u002Fp>\n","Allows for multiple twitter widgets to be displayed.",4396,"2009-07-04T17:36:00.000Z","2.7",[22,24,108,109],"wordpressmu","wpmu","http:\u002F\u002Fpatrick.bloggles.info\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultiple-twitter-widgets.zip",{"slug":113,"name":114,"version":99,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":85,"downloaded":119,"rating":48,"num_ratings":87,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":18,"tags":123,"homepage":127,"download_link":128,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"twitter-home-time-line","Twitter Home Time line","bhuwan81","https:\u002F\u002Fprofiles.wordpress.org\u002Fbhuwan81\u002F","\u003Cp>Twitter Home Time line, Displays latest tweets just like the home page after you login to twitter using twitteroauth\u003C\u002Fp>\n","Twitter Home Time line, Displays latest tweets just like the home page after you login to twitter using twitteroauth",2317,"2012-12-03T10:37:00.000Z","3.4.2","3.3",[124,125,22,126,24],"home-time-line","sidebar","widget","http:\u002F\u002Fwww.phpquestionsandanswers.com\u002Fuseful-links\u002Fwordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftwitter-home-time-line.zip",{"attackSurface":130,"codeSignals":142,"taintFlows":194,"riskAssessment":195,"analyzedAt":209},{"hooks":131,"ajaxHandlers":138,"restRoutes":139,"shortcodes":140,"cronEvents":141,"entryPointCount":28,"unprotectedCount":28},[132],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","plugins_loaded","multi_twitter_init","widget.php",640,[],[],[],[],{"dangerousFunctions":143,"sqlUsage":150,"outputEscaping":152,"fileOperations":192,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":193},[144,148],{"fn":145,"file":136,"line":146,"context":147},"unserialize",271,"$content = unserialize($str);",{"fn":145,"file":136,"line":149,"context":147},352,{"prepared":28,"raw":28,"locations":151},[],{"escaped":28,"rawEcho":153,"locations":154},18,[155,158,160,162,164,166,168,170,172,174,176,178,180,182,184,186,188,190],{"file":136,"line":156,"context":157},273,"raw output",{"file":136,"line":159,"context":157},392,{"file":136,"line":161,"context":157},420,{"file":136,"line":163,"context":157},421,{"file":136,"line":165,"context":157},422,{"file":136,"line":167,"context":157},423,{"file":136,"line":169,"context":157},427,{"file":136,"line":171,"context":157},484,{"file":136,"line":173,"context":157},489,{"file":136,"line":175,"context":157},494,{"file":136,"line":177,"context":157},499,{"file":136,"line":179,"context":157},505,{"file":136,"line":181,"context":157},511,{"file":136,"line":183,"context":157},518,{"file":136,"line":185,"context":157},526,{"file":136,"line":187,"context":157},528,{"file":136,"line":189,"context":157},546,{"file":136,"line":191,"context":157},548,7,[],[],{"summary":196,"deductions":197},"The multi-twitter-widget plugin, version 1.5.0, presents a mixed security profile. On the positive side, the plugin demonstrates good practices by having zero recorded CVEs, no unpatched vulnerabilities, and utilizing prepared statements for all SQL queries, indicating a lack of direct SQL injection risks. The absence of external HTTP requests, shortcodes, cron events, and a seemingly small attack surface with no direct entry points without authentication are also strengths. However, the static analysis reveals significant concerns. The presence of two instances of the `unserialize` function is a critical red flag, as unserialization of untrusted data can lead to remote code execution vulnerabilities. Furthermore, a complete lack of output escaping (0% properly escaped) is a major security weakness, opening the door to cross-site scripting (XSS) attacks across all 18 identified output points. The complete absence of nonce checks and capability checks, combined with no AJAX handlers or REST API routes that require authentication, means any potential vulnerabilities stemming from `unserialize` or unescaped output could be exploited without any authorization measures in place. The lack of taint analysis flows analyzed also means that potential data flow issues might have been missed. In conclusion, while the plugin avoids common web vulnerabilities like SQL injection and has a clean vulnerability history, the presence of `unserialize` and pervasive unescaped output, coupled with a lack of authorization checks on its functional points, makes it highly susceptible to critical security flaws, particularly XSS and potential RCE.",[198,201,204,207],{"reason":199,"points":200},"Dangerous function unserialize found",15,{"reason":202,"points":203},"Output escaping is not properly implemented",8,{"reason":205,"points":206},"No nonce checks detected",5,{"reason":208,"points":206},"No capability checks detected","2026-03-16T22:28:48.353Z",{"wat":211,"direct":220},{"assetPaths":212,"generatorPatterns":215,"scriptPaths":216,"versionParams":217},[213,214],"\u002Fwp-content\u002Fplugins\u002Fmulti-twitter-widget\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fmulti-twitter-widget\u002Fjs\u002Fjquery.tweet.js",[],[214],[218,219],"multi-twitter-widget\u002Fcss\u002Fstyle.css?ver=","multi-twitter-widget\u002Fjs\u002Fjquery.tweet.js?ver=",{"cssClasses":221,"htmlComments":230,"htmlAttributes":231,"restEndpoints":233,"jsGlobals":234,"shortcodeOutput":236},[222,223,224,225,226,227,228,229],"tweet_list","tweet_avatar","tweet_text","tweet_time","tweet_actions","tweet_reply","tweet_retweet","tweet_favorite",[],[232],"data-twitter-widget",[],[235],"jQuery.fn.tweet",[]]