[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjKudg8LHWE9zhvl4aHL6k9Jvv6PrqSlzQhKIzAU8LVQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":124,"fingerprints":255},"populist","Populist","1.5.1","johnlawrence","https:\u002F\u002Fprofiles.wordpress.org\u002Fjohnlawrence\u002F","\u003Cp>PopuList allows you to track the popularity of your posts on social bookmarking sites reddit, stumbleupon, del.icio.us and digg. When PopuList is activated, a page is added to your dashboard giving the number of times a page has been saved or upvoted.\u003C\u002Fp>\n\u003Cp>New in version 1.5 PopuList now also lets you view backlinks as indexed by Google and Yahoo.\u003C\u002Fp>\n","Track the popularity of your posts on social bookmarking sites reddit, stumbleupon, del.icio.us and digg",10,2996,0,"","2.7","2.5",[18,19,20,21,22],"delicious","digg","reddit","stats","stumbleupon","http:\u002F\u002Fwww.johnlawrence.net\u002Fpopulist\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpopulist.1.5.1.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,94,"2026-04-05T09:27:48.048Z",[35,55,74,91,108],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":13,"num_ratings":13,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":14,"tags":48,"homepage":51,"download_link":52,"security_score":53,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":54},"social-buttons","Social Buttons","1.0","alexpooley","https:\u002F\u002Fprofiles.wordpress.org\u002Falexpooley\u002F","\u003Cp>Selectively add social network buttons such as digg, sphinn, etc to your posts or theme design.\u003C\u002Fp>\n\u003Cp>I wrote this plugin because I wanted finer control over where and which buttons\u003Cbr \u002F>\nwere placed on my site and in my posts.\u003C\u002Fp>\n\u003Cp>Sometimes I have marketing posts so I want to link to Sphinn, but sometimes I have\u003Cbr \u002F>\ntechnical posts so Reddit would be a better choice. This plugin is flexible enough that\u003Cbr \u002F>\nif you want the same button in every post, then you can still modify your theme very easily\u003Cbr \u002F>\nto accomplish this.\u003C\u002Fp>\n\u003Cp>You may place as many buttons, in as many places in your posts as you like.\u003C\u002Fp>\n\u003Cp>This plugin handles:\u003Cbr \u002F>\n– Digg\u003Cbr \u002F>\n– Reddit (all button styles)\u003Cbr \u002F>\n– Delicious\u003Cbr \u002F>\n– Sphinn\u003Cbr \u002F>\n– Dzone (all button styles)\u003Cbr \u002F>\n– StumbleUpon\u003C\u002Fp>\n\u003Ch4>For Your Posts\u003C\u002Fh4>\n\u003Cp>Use the following in your posts: [SB button 1, …, button N]\u003C\u002Fp>\n\u003Cp>Here’s an example post…\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Hey, check out my new buttons!\nHere they are: [SB digg, delicious, reddit]\nAnd look\nHere's some more:\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>    [SB reddit, sphinn]\u003C\u002Fp>\n\u003Cp>The different button types are:\u003Cbr \u002F>\n– digg\u003Cbr \u002F>\n– delicious\u003Cbr \u002F>\n– reddit\u003Cbr \u002F>\n– reddit1 (same as reddit)\u003Cbr \u002F>\n– reddit2\u003Cbr \u002F>\n– reddit3\u003Cbr \u002F>\n– sphinn\u003Cbr \u002F>\n– dzone\u003Cbr \u002F>\n– dzone1 (same as dzone)\u003Cbr \u002F>\n– dzone2\u003Cbr \u002F>\n– stumbleupon\u003Cbr \u002F>\n– stumble (same as stumbleupon)\u003C\u002Fp>\n\u003Ch4>For Your Themes\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u003C?php echo sb_make_button('digg', 'http:\u002F\u002Fwww.alexpooley.com') ?>\n\u003C?php echo 'I'm in a post now:'.sb_make_button('reddit', get_permalink()) ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Selectively add social network buttons to your posts, or theme design.",70,9810,"2008-05-18T10:33:00.000Z","2.2.5","2.0.2",[18,19,20,49,50],"social-networks","sphinn","http:\u002F\u002Fwww.alexpooley.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-buttons.1.1.zip",85,"2026-03-15T15:16:48.613Z",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":13,"num_ratings":13,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":14,"tags":68,"homepage":72,"download_link":73,"security_score":53,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":54},"tilt-social-share-widget","Tilt Social Share Widget","0.97","Xonox","https:\u002F\u002Fprofiles.wordpress.org\u002Fxonox\u002F","\u003Cp>Tilt Social Share Widget is a simple widget that allows you to enable sharing of your posts and\u002For pages.\u003C\u002Fp>\n\u003Ch4>Available Services\u003C\u002Fh4>\n\u003Cp>With Tilt Social Share Widget you can activate the following sharing services:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Del.icio.us\u003C\u002Fli>\n\u003Cli>Designbump\u003C\u002Fli>\n\u003Cli>Digg\u003C\u002Fli>\n\u003Cli>Diigo\u003C\u002Fli>\n\u003Cli>Evernote\u003C\u002Fli>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Friendfeed\u003C\u002Fli>\n\u003Cli>Google+\u003C\u002Fli>\n\u003Cli>Google Bookmarks\u003C\u002Fli>\n\u003Cli>Google Buzz\u003C\u002Fli>\n\u003Cli>LinkedIn\u003C\u002Fli>\n\u003Cli>Newsvine\u003C\u002Fli>\n\u003Cli>Ping.fm\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Posterous\u003C\u002Fli>\n\u003Cli>Reddit\u003C\u002Fli>\n\u003Cli>Slashdot\u003C\u002Fli>\n\u003Cli>StumbleUpon\u003C\u002Fli>\n\u003Cli>Technorati\u003C\u002Fli>\n\u003Cli>Tumblr\u003C\u002Fli>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Yahoo Bookmarks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>More Information\u003C\u002Fh4>\n\u003Cp>To know more about Tilt Social Share Widget go to \u003Ca href=\"http:\u002F\u002Fxonoxlabs.com\u002F94\u002Ftilt-social-share-widget\" rel=\"nofollow ugc\">xonoxlabs.com\u003C\u002Fa>\u003C\u002Fp>\n","Tilt Social Share Widget allows your users to quickly share your content on social sites. View \"Description\" tab for available services.",300,33236,"2012-06-28T22:06:00.000Z","3.3.2","3.3",[18,19,69,70,71],"share","sharing","social","http:\u002F\u002Fxonoxlabs.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftilt-social-share-widget.0.97.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":11,"downloaded":82,"rating":13,"num_ratings":13,"last_updated":83,"tested_up_to":84,"requires_at_least":15,"requires_php":14,"tags":85,"homepage":89,"download_link":90,"security_score":53,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":54},"cms-vote-up-social-cms-news-button","CMS Vote Up Social CMS News","1.1","cmsvoteup","https:\u002F\u002Fprofiles.wordpress.org\u002Fcmsvoteup\u002F","\u003Cp>A must have social CMS website news button for WordPress user (blogger). This button will enable your visitor to vote for your website’s article post up on CMSVoteUp community, which is made for online community & people to discover and share content from anywhere on the Internet, by submitting links and stories, and voting up and commenting on submitted links and stories. A great way to increase online popularity for your website and blog.\u003C\u002Fp>\n\u003Ch3>Frequntly Asked Qustions\u003C\u002Fh3>\n\u003Cp>If you have questions, please send to support[at]cmsvoteup[dot]com\u003C\u002Fp>\n","A must have social CMS website news button for Wordpress user (blogger). This button will enable your visitor to vote for your website's article  &hellip;",6088,"2011-05-11T09:56:00.000Z","3.1.4",[19,86,87,22,88],"facebook","google-buzz","twitter","http:\u002F\u002Fwww.cmsvoteup.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcms-vote-up-social-cms-news-button.zip",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":11,"downloaded":99,"rating":13,"num_ratings":13,"last_updated":100,"tested_up_to":101,"requires_at_least":15,"requires_php":14,"tags":102,"homepage":106,"download_link":107,"security_score":53,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":54},"damnsexybookmarks","DamnSexyBookmarks","1.0.1","normanyung","https:\u002F\u002Fprofiles.wordpress.org\u002Fnormanyung\u002F","\u003Cp>= UPDATE v.1.0.2=\u003Cbr \u002F>\nAll additions made in DamnSexyBookmarks have been merged into to \u003Ca href=\"http:\u002F\u002Feight7teen.com\u002Fsexy-bookmarks\" rel=\"nofollow ugc\">SexyBookmarks\u003C\u002Fa>. I’ll continue working on changes there.\u003C\u002Fp>\n\u003Ch4>1.0 First Release\u003C\u002Fh4>\n\u003Cp>Based on \u003Ca href=\"http:\u002F\u002Feight7teen.com\u002Fsexy-bookmarks\" rel=\"nofollow ugc\">Josh Jones’ SexyBookmarks v.2.1.2 plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>It includes all the features of SexyBookmarks v.2.1.2 with the following changes\u002Fadditions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Customizable display order of bookmarks.\u003C\u002Fli>\n\u003Cli>Uses WP Custom Fields to store the short URL for each post\u002Fpage.\u003Cbr \u002F>\nThis minimizes the need to make a remote request for a short URL each time the post or page is processed.\u003C\u002Fli>\n\u003Cli>Fix to remove inline CSS when DamnSexyBookmarks is displayed in the feed.\u003C\u002Fli>\n\u003Cli>Added an option to hide or display DamnSexyBookmarks in feeds.\u003C\u002Fli>\n\u003Cli>Added an option to hide “Sharing is Caring” or “Sharing is Sexy”.\u003C\u002Fli>\n\u003Cli>Streamlined code for easier maintenance.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Credit goes to \u003Ca href=\"http:\u002F\u002Feight7teen.com\u002Fsexy-bookmarks\" rel=\"nofollow ugc\">Josh Jones’ SexyBookmarks plugin\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds a social bookmarking menu to your posts\u002Fpages\u002Findex. Based on Josh Jones' SexyBookmarks plugin: http:\u002F\u002Feight7teen.com\u002Fsexy-bookmarks",12509,"2009-04-24T16:25:00.000Z","2.7.1",[103,18,19,104,105],"bookmarks-menu","furl","social-bookmarking","http:\u002F\u002Fwww.robotwithaheart.com\u002Fwordpress-work\u002Fdamnsexybookmarks","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdamnsexybookmarks.1.0.2.zip",{"slug":109,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":11,"downloaded":115,"rating":116,"num_ratings":30,"last_updated":117,"tested_up_to":118,"requires_at_least":119,"requires_php":14,"tags":120,"homepage":122,"download_link":123,"security_score":53,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":54},"notable","2.3","Scott Grayban","https:\u002F\u002Fprofiles.wordpress.org\u002Fsgrayban\u002F","\u003Cp>It puts a bar of icons at the bottom of each post allowing your readers to submit your posts to several different\u003Cbr \u002F>\nsocial networking and bookmarking sites. (del.icio.us, digg, fark, etc.)\u003C\u002Fp>\n\u003Cp>The original plugin was called \u003Ca href=\"http:\u002F\u002Fblog.calevans.com\u002F2006\u002F02\u002F08\u002Fnotable-another-wordpress-plugin\u002F\" rel=\"nofollow ugc\">wp-notable\u003C\u002Fa>\u003Cbr \u002F>\nbut no longer worked or was supported. The author was Cal Evans.\u003C\u002Fp>\n","Adds social bookmark links to each blog entry.",3266,20,"2015-11-25T11:49:00.000Z","4.4.34","3.0",[121,19,109,20,49],"del-icio-us","http:\u002F\u002Fblog.borgnet.us\u002Flinks\u002Fwp-notable\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnotable.2.3.zip",{"attackSurface":125,"codeSignals":137,"taintFlows":183,"riskAssessment":239,"analyzedAt":254},{"hooks":126,"ajaxHandlers":133,"restRoutes":134,"shortcodes":135,"cronEvents":136,"entryPointCount":13,"unprotectedCount":13},[127],{"type":128,"name":129,"callback":130,"file":131,"line":132},"action","admin_menu","mt_add_pages","PopuList.php",125,[],[],[],[],{"dangerousFunctions":138,"sqlUsage":147,"outputEscaping":152,"fileOperations":181,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":182},[139,144],{"fn":140,"file":141,"line":142,"context":143},"preg_replace(\u002Fe)","functions.php",50,"preg_replace(\"\u002F\\{WHITESPACE-([0-9]+)\\}\u002Fe\"",{"fn":140,"file":141,"line":145,"context":146},58,"preg_replace(\"\u002F(\\s)\u002Fe\"",{"prepared":30,"raw":30,"locations":148},[149],{"file":141,"line":150,"context":151},8,"$wpdb->get_results() with variable interpolation",{"escaped":13,"rawEcho":153,"locations":154},12,[155,158,161,163,165,167,169,171,173,176,178,180],{"file":156,"line":116,"context":157},"delicious.php","raw output",{"file":159,"line":160,"context":157},"digg.php",19,{"file":162,"line":116,"context":157},"goobl.php",{"file":162,"line":164,"context":157},21,{"file":131,"line":166,"context":157},27,{"file":131,"line":168,"context":157},31,{"file":131,"line":170,"context":157},39,{"file":172,"line":116,"context":157},"reddit.php",{"file":174,"line":175,"context":157},"stumble.php",44,{"file":174,"line":177,"context":157},46,{"file":179,"line":116,"context":157},"yahoobl.php",{"file":179,"line":164,"context":157},5,[],[184,223],{"entryPoint":185,"graph":186,"unsanitizedCount":221,"severity":222},"popu_list (PopuList.php:19)",{"nodes":187,"edges":215},[188,193,198,201,203,206,210],{"id":189,"type":190,"label":191,"file":131,"line":192},"n0","source","$_SERVER",26,{"id":194,"type":195,"label":196,"file":131,"line":166,"wp_function":197},"n1","sink","echo() [XSS]","echo",{"id":199,"type":190,"label":200,"file":131,"line":116},"n2","$_POST",{"id":202,"type":195,"label":196,"file":131,"line":168,"wp_function":197},"n3",{"id":204,"type":190,"label":200,"file":131,"line":205},"n4",45,{"id":207,"type":208,"label":209,"file":131,"line":205},"n5","transform","→ spagefind()",{"id":211,"type":195,"label":212,"file":141,"line":213,"wp_function":214},"n6","get_results() [SQLi]",29,"get_results",[216,218,219,220],{"from":189,"to":194,"sanitized":217},false,{"from":199,"to":202,"sanitized":217},{"from":204,"to":207,"sanitized":217},{"from":207,"to":211,"sanitized":217},3,"high",{"entryPoint":224,"graph":225,"unsanitizedCount":221,"severity":222},"\u003CPopuList> (PopuList.php:0)",{"nodes":226,"edges":234},[227,228,229,230,231,232,233],{"id":189,"type":190,"label":191,"file":131,"line":192},{"id":194,"type":195,"label":196,"file":131,"line":166,"wp_function":197},{"id":199,"type":190,"label":200,"file":131,"line":116},{"id":202,"type":195,"label":196,"file":131,"line":168,"wp_function":197},{"id":204,"type":190,"label":200,"file":131,"line":205},{"id":207,"type":208,"label":209,"file":131,"line":205},{"id":211,"type":195,"label":212,"file":141,"line":213,"wp_function":214},[235,236,237,238],{"from":189,"to":194,"sanitized":217},{"from":199,"to":202,"sanitized":217},{"from":204,"to":207,"sanitized":217},{"from":207,"to":211,"sanitized":217},{"summary":240,"deductions":241},"The populist plugin v1.5.1 presents a mixed security posture. While the static analysis shows a remarkably small attack surface with no apparent direct entry points like AJAX handlers, REST API routes, or shortcodes that are exposed without authentication, there are significant concerns within the code itself. The presence of two 'dangerous functions' (preg_replace with the \u002Fe modifier) and a complete lack of output escaping are particularly worrying. Taint analysis reveals two flows with unsanitized paths, indicating potential for command injection or other code execution vulnerabilities if these paths are reachable.  The plugin's vulnerability history is clean, with no recorded CVEs. This could indicate good development practices or simply a lack of past scrutiny. However, the internal code signals, especially the lack of output escaping and the identified unsanitized flows, suggest that the plugin may have undiscovered vulnerabilities that could be exploited. Therefore, despite the absence of a known exploitable history, the internal code quality raises significant red flags.",[242,245,247,248,250,252],{"reason":243,"points":244},"Dangerous function: preg_replace(\u002Fe)",15,{"reason":246,"points":153},"Taint flow with unsanitized paths (High severity)",{"reason":246,"points":153},{"reason":249,"points":150},"0% of output properly escaped",{"reason":251,"points":181},"0 Nonce checks",{"reason":253,"points":181},"0 Capability checks","2026-03-16T23:29:50.527Z",{"wat":256,"direct":269},{"assetPaths":257,"generatorPatterns":266,"scriptPaths":267,"versionParams":268},[258,259,260,261,262,263,264,265],"\u002Fwp-content\u002Fplugins\u002Fpopulist\u002Fdigg.php","\u002Fwp-content\u002Fplugins\u002Fpopulist\u002Fdelicious.php","\u002Fwp-content\u002Fplugins\u002Fpopulist\u002Freddit.php","\u002Fwp-content\u002Fplugins\u002Fpopulist\u002Fstumble.php","\u002Fwp-content\u002Fplugins\u002Fpopulist\u002Fgoobl.php","\u002Fwp-content\u002Fplugins\u002Fpopulist\u002Fyahoobl.php","\u002Fwp-content\u002Fplugins\u002Fpopulist\u002Ffunctions.php","\u002Fwp-content\u002Fplugins\u002Fpopulist\u002Fstyle.php",[],[],[],{"cssClasses":270,"htmlComments":277,"htmlAttributes":278,"restEndpoints":286,"jsGlobals":287,"shortcodeOutput":288},[271,272,273,274,275,276],"slmodule","hndle","inside","tabnav","tab1","tab2",[],[279,280,281,282,283,284,285],"id=\"tabnav\"","id=\"gooblbox\"","id=\"yahblbox\"","id=\"diggbox\"","id=\"delbox\"","id=\"redbox\"","id=\"stmbox\"",[],[],[]]