[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCNXu7u1awANpHl1KtC70Jj4xcGhLDW9ufZk0rXZLHx8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":21,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":32,"analysis":126,"fingerprints":216},"personal-tweet-me","Personal Tweet Me Button","1.3","svrooij_nl","https:\u002F\u002Fprofiles.wordpress.org\u002Fsvrooij_nl\u002F","\u003Cp>Adds the official tweet button, to your site as a sidebar widget. You can use a twitter account for the entire site, or use personal accounts per author.\u003C\u002Fp>\n","Adds the official tweet button, to your site as a sidebar widget. You can use a twitter account for the entire site, or use personal accounts per auth &hellip;",10,3202,0,"2013-04-13T13:56:00.000Z","3.5.2","3.0","",[19,20],"tweet-button","twitter","http:\u002F\u002Fwww.smartersoft.nl\u002Fproducten\u002FtweetMe","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpersonal-tweet-me.1.3.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},1,30,84,"2026-04-04T17:02:11.271Z",[33,51,68,86,101],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":11,"downloaded":41,"rating":13,"num_ratings":13,"last_updated":42,"tested_up_to":43,"requires_at_least":44,"requires_php":17,"tags":45,"homepage":49,"download_link":50,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"quotable-tweets","Quotable Tweets by DraftPress","1.1.7","DraftPress Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fdraftpress\u002F","\u003Cp>The Quotable Tweets plugin by https:\u002F\u002Fdraftpress.com gives you an easy way to add a beautiful actionable tweet link to your sidebar.\u003C\u002Fp>\n\u003Cp>Please check out our other \u003Ca href=\"https:\u002F\u002Fdraftpress.com\u002Fproducts\u002F?utm_source=wprepo&utm_medium=quotable-tweets&utm_campaign=desc\" rel=\"nofollow ugc\">plugins\u003C\u002Fa> 🙂\u003C\u002Fp>\n\u003Cp>Contribute to the plugin and submit pull requests through the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpsite\u002Fquotable-tweets\" rel=\"nofollow ugc\">Quotable Tweets plugin for WordPress GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","The Quotable Tweets plugin gives you an easy way to add a beautiful actionable tweet link to your sidebar.",1845,"2021-09-15T21:15:00.000Z","5.8.13","4.9",[46,47,48,19,20],"quotable-tweet","tweet","tweet-ad","https:\u002F\u002Fdraftpress.com\u002Fproducts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquotable-tweets.1.1.7.zip",{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":11,"downloaded":59,"rating":13,"num_ratings":13,"last_updated":60,"tested_up_to":61,"requires_at_least":62,"requires_php":17,"tags":63,"homepage":66,"download_link":67,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"rsh-tweet-button","rsh-Tweet","1.0","brehash","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrehash\u002F","\u003Cp>This plugin adds the official \u003Ca href=\"http:\u002F\u002Fblog.twitter.com\u002F2010\u002F08\u002Fpushing-our-tweet-button.html\" rel=\"nofollow ugc\">Tweet Button\u003C\u002Fa> from Twitter to your Pages, Posts or Home Page. It lets your users share links directly from the page they’re on. When they click on the Tweet Button, a Tweet box will appear pre-populated with a shortened link that points to the item that they’re sharing.\u003C\u002Fp>\n\u003Cp>This plugin is very customizable via ‘rsh-Tweet Button’ under the ‘Settings’ menu in WordPress Admin. Change the look and feel, pozition and where to seen of the button.\u003C\u002Fp>\n","Adds the official Tweet Button from Twitter.com.",2207,"2010-08-21T07:38:00.000Z","3.0.5","2.0.2",[64,19,20,65],"automated","twitter-button","http:\u002F\u002Fwww.zoonte.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frsh-tweet-button.zip",{"slug":69,"name":70,"version":71,"author":72,"author_profile":73,"description":74,"short_description":75,"active_installs":11,"downloaded":76,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":77,"requires_at_least":78,"requires_php":17,"tags":79,"homepage":82,"download_link":83,"security_score":84,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":85},"skysa-tweet-app","Skysa Tweet App","1.4","Skysa","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavidskysa\u002F","\u003Cp>Promote your Twitter account at the same time while driving traffic to your website. Customize the default Tweet, set what URL to share in the tweet and set the option to show or hide the tweet count next to the tweet button. By allowing your site visitors to tweet about your site on their twitter accounts, it will help get the word out about your site and drive targeted traffic from twitter users who see the tweets directly to your site.\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fwww.youtube.com\u002Fwatch?v=Zj1uGXX2xrk&hd=1\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftags\u002Fskysa-apps\" rel=\"ugc\">More Skysa App plugins\u003C\u002Fa> -|||- \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fskysa-official\u002F\" rel=\"ugc\">Skysa App Bar Integration plugin\u003C\u002Fa>\u003C\u002Fp>\n","Let people share content on Twitter (a Tweet) without having to leave your web page. This app displays a Tweet button at the bottom of your site.",2564,"4.0.38","2.7",[80,81,47,19,20],"skysa","skysa-apps","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fskysa-tweet-app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fskysa-tweet-app.zip",100,"2026-03-15T10:48:56.248Z",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":11,"downloaded":94,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":95,"requires_at_least":16,"requires_php":17,"tags":96,"homepage":99,"download_link":100,"security_score":84,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":85},"wp-tweet","WP Tweet","0.1-RC1","Pete Mall","https:\u002F\u002Fprofiles.wordpress.org\u002Fpetemall\u002F","\u003Cp>This plugins enables you to add the official \u003Ca href=\"http:\u002F\u002Fblog.twitter.com\u002F2010\u002F08\u002Fpushing-our-tweet-button.html\" rel=\"nofollow ugc\">Tweet Button\u003C\u002Fa> from Twitter. It lets your users share links directly from the page they’re on. When they click on the Tweet Button, a Tweet box will appear — pre-populated with a shortened link that points to the item that they’re sharing.\u003C\u002Fp>\n","Adds the official Tweet Button from Twitter.",5444,"3.1.4",[97,98,47,19,20],"button","retweet","http:\u002F\u002Fdevelopersmind.com\u002Fwordpress-plugins\u002Fwp-tweet\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-tweet.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":111,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":44,"requires_php":115,"tags":116,"homepage":121,"download_link":122,"security_score":123,"vuln_count":124,"unpatched_count":13,"last_vuln_date":125,"fetched_at":25},"nextend-facebook-connect","Nextend Social Login and Register","3.1.23","Nextendweb","https:\u002F\u002Fprofiles.wordpress.org\u002Fnextendweb\u002F","\u003Cp>Nextend Social Login is a professional, easy to use and free WordPress plugin. It lets your visitors  register and login to your site using their social profiles (Facebook, Google, X (formerly Twitter), etc.) instead of forcing them to spend valuable time to fill out the default registration form. Besides that, they don’t need to wait for validation emails or keep track of their username and password anymore.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftry-nextend-social-login.nextendweb.com\u002Fwp-login.php\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=buPTza2-6xc&list=PLSawiBnEUNftt3EDqnP2jIXeh6q0pZ5D8&index=1\" rel=\"nofollow ugc\">Tutorial videos\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Docs\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Pro Addon\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FbuPTza2-6xc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Nextend Social Login seamlessly integrates with your existing WordPress login and registration form. Existing users can add or remove their social accounts at their WordPress profile page. A single user can attach as many social account as they want allowing them to log in with Facebook, Google or X (formerly Twitter).\u003C\u002Fp>\n\u003Ch4>Three popular providers: Facebook, Google and X (formerly Twitter)\u003C\u002Fh4>\n\u003Cp>Providers are the services which the visitors can use to register and log in to your site. Nextend Social Login allows your visitors to log in with their account from the most popular social networks: Facebook, Google and X (formerly Twitter).\u003C\u002Fp>\n\u003Ch4>Free version features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>One click registration and login via Facebook, Google and X (formerly Twitter)\u003C\u002Fli>\n\u003Cli>Your current users can easily connect their Facebook, Google or X (formerly Twitter) profiles with their account\u003C\u002Fli>\n\u003Cli>Social accounts are tied to a WordPress user account so every account can be accessed with and without social account\u003C\u002Fli>\n\u003Cli>You can define custom redirect URL after the registration (upon first login) using any of the social accounts.\u003C\u002Fli>\n\u003Cli>You can define custom redirect URL after each login with any of the enabled social accounts.\u003C\u002Fli>\n\u003Cli>Display Facebook, Google, X (formerly Twitter) profile picture as avatar\u003C\u002Fli>\n\u003Cli>Login widget and shortcodes\u003C\u002Fli>\n\u003Cli>Customizable designs to match your site\u003C\u002Fli>\n\u003Cli>Editable and translatable texts on the login buttons\u003C\u002Fli>\n\u003Cli>Very simple to setup and use\u003C\u002Fli>\n\u003Cli>Clean, user friendly UI\u003C\u002Fli>\n\u003Cli>Fast and helpful support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Additional features in the \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002F\" rel=\"nofollow ugc\">Pro addon\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WooCommerce compatibility\u003C\u002Fli>\n\u003Cli>BuddyPress compatibility\u003C\u002Fli>\n\u003Cli>UserPro compatibility\u003C\u002Fli>\n\u003Cli>Ultimate Member compatibility\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads compatibility\u003C\u002Fli>\n\u003Cli>Pro providers: LinkedIn, Amazon, VKontakte, WordPress.com, Yahoo, PayPal, Disqus, Apple, GitHub, Microsoft, Line, Discord, Slack, TikTok, Steam, Twitch, Kakao, Reddit, Spotify and more coming soon\u003C\u002Fli>\n\u003Cli>Configure whether email address should be asked on registration at each provider\u003C\u002Fli>\n\u003Cli>Configure whether username should be asked on registration at each provider\u003C\u002Fli>\n\u003Cli>Choose from icons or wide buttons\u003C\u002Fli>\n\u003Cli>Several login layouts\u003C\u002Fli>\n\u003Cli>Restrict specific user roles from using the social logins. (You can restrict different roles for each provider.)\u003C\u002Fli>\n\u003Cli>Assign specific user roles to the newly registered users who use any social login provider. (You can set different roles for each provider.)\u003C\u002Fli>\n\u003Cli>Show the name of the linked providers in the Users table\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>After you activated the plugin configure and enable the provider you want to use, then the plugin will automatically\u003C\u002Fp>\n\u003Cul>\n\u003Cli>add the login buttons to the WordPress login page. See screenshot #1\u003C\u002Fli>\n\u003Cli>add the account linking buttons to the WordPress profile page. See screenshot #2\u003C\u002Fli>\n\u003C\u002Ful>\n","One click registration & login plugin for Facebook, Google, X (formerly Twitter) and more. Quick setup and easy configuration.",200000,7588989,98,441,"2026-02-23T09:51:00.000Z","6.9.4","7.4",[117,118,119,20,120],"facebook","google","social-login","x","https:\u002F\u002Fsocial-login.nextendweb.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnextend-facebook-connect.3.1.23.zip",89,6,"2025-11-27 14:54:41",{"attackSurface":127,"codeSignals":161,"taintFlows":203,"riskAssessment":204,"analyzedAt":215},{"hooks":128,"ajaxHandlers":157,"restRoutes":158,"shortcodes":159,"cronEvents":160,"entryPointCount":13,"unprotectedCount":13},[129,135,138,142,145,149,153],{"type":130,"name":131,"callback":132,"file":133,"line":134},"action","show_user_profile","s_tweetme_fields","functions.php",17,{"type":130,"name":136,"callback":132,"file":133,"line":137},"edit_user_profile",18,{"type":130,"name":139,"callback":140,"file":133,"line":141},"personal_options_update","s_tweetme_save_field",19,{"type":130,"name":143,"callback":140,"file":133,"line":144},"edit_user_profile_update",20,{"type":130,"name":146,"callback":147,"file":133,"line":148},"widgets_init","anonymous",21,{"type":130,"name":150,"callback":151,"file":133,"line":152},"init","s_tweetme_widget_loadscript",22,{"type":130,"name":154,"callback":155,"file":133,"line":156},"admin_print_scripts-post.php","s_tweetme_meta_add",119,[],[],[],[],{"dangerousFunctions":162,"sqlUsage":166,"outputEscaping":168,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":28,"bundledLibraries":202},[163],{"fn":164,"file":133,"line":148,"context":165},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"s_tweetme\");'));",{"prepared":13,"raw":13,"locations":167},[],{"escaped":169,"rawEcho":148,"locations":170},8,[171,174,176,178,180,182,183,184,185,187,188,189,190,192,193,195,196,197,198,200,201],{"file":133,"line":172,"context":173},64,"raw output",{"file":133,"line":175,"context":173},66,{"file":133,"line":177,"context":173},69,{"file":133,"line":179,"context":173},73,{"file":133,"line":181,"context":173},95,{"file":133,"line":181,"context":173},{"file":133,"line":181,"context":173},{"file":133,"line":181,"context":173},{"file":133,"line":186,"context":173},96,{"file":133,"line":186,"context":173},{"file":133,"line":186,"context":173},{"file":133,"line":186,"context":173},{"file":133,"line":191,"context":173},97,{"file":133,"line":111,"context":173},{"file":133,"line":194,"context":173},99,{"file":133,"line":84,"context":173},{"file":133,"line":84,"context":173},{"file":133,"line":84,"context":173},{"file":133,"line":199,"context":173},111,{"file":133,"line":199,"context":173},{"file":133,"line":199,"context":173},[],[],{"summary":205,"deductions":206},"The personal-tweet-me plugin v1.3 exhibits a generally good security posture, with no recorded vulnerabilities in its history and a clean taint analysis. The static analysis reveals a minimal attack surface, with no identified entry points such as AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication checks or permission callbacks. Furthermore, all SQL queries are properly prepared, and there are no file operations or external HTTP requests, which are common vectors for vulnerabilities.\n\nHowever, there are a few concerning areas. The presence of the `create_function` dangerous function is a significant red flag, as it can be exploited for arbitrary code execution if user input is directly incorporated into its arguments. Additionally, only 28% of output is properly escaped, indicating a substantial risk of cross-site scripting (XSS) vulnerabilities, especially since there are no explicit nonce checks present. While the plugin has a clean vulnerability history, this can be attributed to its small attack surface and lack of direct user input handling in its entry points, rather than inherently robust security practices across all code signals.\n\nIn conclusion, while the plugin is not actively vulnerable based on historical data and taint analysis, the static code analysis highlights critical areas for improvement. The use of `create_function` and the low output escaping rate present significant theoretical risks that could be exploited if user-controlled data ever reaches these parts of the code. The absence of nonce checks further exacerbates the XSS risk. Addressing these specific code signals is crucial for improving the plugin's overall security.",[207,210,212],{"reason":208,"points":209},"Dangerous function create_function detected",15,{"reason":211,"points":169},"Low output escaping percentage",{"reason":213,"points":214},"No nonce checks detected",5,"2026-03-17T01:23:38.366Z",{"wat":217,"direct":224},{"assetPaths":218,"generatorPatterns":220,"scriptPaths":221,"versionParams":222},[219],"\u002Fwp-content\u002Fplugins\u002Fpersonal-tweet-me\u002Fstyle.css",[],[],[223],"\u002Fwp-content\u002Fplugins\u002Fpersonal-tweet-me\u002Fstyle.css?ver=",{"cssClasses":225,"htmlComments":227,"htmlAttributes":228,"restEndpoints":235,"jsGlobals":236,"shortcodeOutput":237},[226],"twitter-share-button",[],[229,230,231,232,233,234],"data-count","data-via","data-related","data-counturl","data-url","data-text",[],[],[]]