[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3kMLHkixp3hHjCauJ_twWgq9cRnlnU9PMMOYxmUHvJE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":53,"analysis":161,"fingerprints":297},"shariff-sharing","Shariff for WordPress","1.0.11","yanniks","https:\u002F\u002Fprofiles.wordpress.org\u002Fyanniksde\u002F","\u003Cp>This is the Shariff for WordPress plugin based on c’t Shariff.\u003C\u002Fp>\n\u003Cp>For more information, check out the original \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fheiseonline\u002Fshariff\" rel=\"nofollow ugc\">GitHub project\u003C\u002Fa> and the \u003Ca href=\"http:\u002F\u002Fct.de\u002Fshariff\" rel=\"nofollow ugc\">c’t information page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Shariff enables website users to share their favorite content without compromising their privacy.\u003C\u002Fp>\n\u003Cp>Facebook, Google+ and Twitter supply official sharing code snippets which quietly siphon personal data from all page visitors. Shariff enables visitors to see how popular your page is on Facebook and share your content with others without needless data leaks.\u003C\u002Fp>\n\u003Cp>Shariff \u003Ccode>(\u002Fˈʃɛɹɪf\u002F)\u003C\u002Fcode> is an open-source, low-maintenance, high-privacy solution maintained by German computer magazine c’t and heise online.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Shariff supports sharing buttons for Facebook, Twitter, Google+, LinkedIn, Pinterest, Reddit, StumbleUpon, XING, WhatsApp and mail.\u003Cbr \u002F>\nSelect which color you want, set the button location, select the orientation fitting most to your website and set the TTL just as you want.\u003C\u002Fp>\n","Shariff enables website users to share their favorite content without compromising their privacy.",1000,31269,82,18,"2017-11-28T15:00:00.000Z","4.2.39","3.0","",[20,21,22,23,24],"network","networks","privacy","sharing","social","http:\u002F\u002Fwww.heise.de\u002Fnewsticker\u002Fmeldung\u002Fc-t-entwickelt-datenschutzfreundliche-Social-Media-Buttons-weiter-2466687.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshariff-sharing.zip",84,1,0,"2014-12-05 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"WF-11f883d2-c183-4cc9-a330-6c50610a5c39-shariff-sharing","shariff-sharing-stored-cross-site-scripting","Shariff Sharing \u003C 1.0.8 - Stored Cross-Site Scripting","The Shariff Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘shariff_image' parameter in versions before 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C1.0.8","1.0.8","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F11f883d2-c183-4cc9-a330-6c50610a5c39?source=api-prod",3336,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":48,"trust_score":51,"computed_at":52},"yanniksde",68,"2026-04-04T14:14:01.963Z",[54,80,102,125,146],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":18,"tags":69,"homepage":74,"download_link":75,"security_score":76,"vuln_count":77,"unpatched_count":78,"last_vuln_date":79,"fetched_at":31},"social-networks-auto-poster-facebook-twitter-g","NextScripts: Social Networks Auto-Poster","4.4.7","NextScripts","https:\u002F\u002Fprofiles.wordpress.org\u002Fnextscripts\u002F","\u003Cp>\u003Cstrong>This plugin automatically publishes posts from your blog to your Social Media accounts\u003C\u002Fstrong> such as Twitter, Blogger, Telegram, Tumblr, Flickr, LinkedIn, ok.ru, LiveJournal, DreamWidth, Flipboard, Google My Business, Line, Diigo, Instapaper, Pinterest, Plurk, VK.com (VKontakte), YouTube, Scoop.It, WordPress, XING etc. The whole process is completely automated. Just write a new post and either entire post or it’s nicely formatted announcement with backlink will be published to all your configured social networks. You can reach the most audience and tell all your friends, readers and followers about your new post. Plugin works with profiles, business pages, community pages, groups, etc. Messages are 100% customizable and adopted for each network requirements.\u003C\u002Fp>\n\u003Cp>[Great News – July 2022] After almost 2 years break, plugin is back to active development and support. Versions 4.5 and 5.0 are coming soon…\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Version 4.4\u003C\u002Fstrong> – fully compatible with WordPress 6 and Guttenberg Blocks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Networks\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Blogger\u002FBlogspot\u003C\u002Fstrong> – Autopost to your blog. HTML is supported.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Deviantart.com\u003C\u002Fstrong> – Autopost to your blog. HTML is supported.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Diigo\u003C\u002Fstrong> – Auto-submit bookmark to your account. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flickr\u003C\u002Fstrong> – Autopost images to your photostream and\u002For sets. Tags are supported. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flipboard\u003C\u002Fstrong> (\u003Cem>with third party API library\u003C\u002Fem>) – post to your magazines.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Instapaper\u003C\u002Fstrong> – Auto-submit bookmark to your account. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google My Business\u003C\u002Fstrong> (\u003Cem>with third party API library\u003C\u002Fem>) – Autopost to your Google My Business listings.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Line\u003C\u002Fstrong> – Autopost to your channel, group or room.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>LinkedIn\u003C\u002Fstrong> – Autopost to your account. Ability to attach your blogpost to LinkedIn post. Autopost to LinkedIn Company pages and\u002For Groups (\u003Cem>with third party API library\u003C\u002Fem>)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>LiveJournal\u003C\u002Fstrong> – Auto-submit your blogpost to LiveJournal blog or community. “LiveJournal Engine” based website DreamWidth.org is also supported. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>MailChimp\u003C\u002Fstrong> –  One of the most popular email marketing tools. You can send your blogs as email campaigns to specific subscribers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Medium\u003C\u002Fstrong> – Autopost to your profile or publications.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ok.ru (Odnoklassniki)\u003C\u002Fstrong> Autopost to your group\u002Fpage. Ability to make text posts, image posts, share links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pinterest\u003C\u002Fstrong> (\u003Cem>with third party API library\u003C\u002Fem>) – Pin your blogpost’s featured image to your Pinterest board.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reddit\u003C\u002Fstrong> (\u003Cem>with third party API library\u003C\u002Fem>) – post to your subreddits.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Scoop.It\u003C\u002Fstrong> (\u003Cem>with third party API library\u003C\u002Fem>) – Autopost to your “Topics”. Ability to attach your blogpost to scoop. Ability to make “Image” posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SETT\u003C\u002Fstrong> – Auto-post to your Sett.com blog.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Telegram\u003C\u002Fstrong> – Autopost to your channel, group or chat.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Tumblr\u003C\u002Fstrong> – Autopost to your account. Ability to attach your blogpost to Tumblr post. HTML is supported.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Twitter\u003C\u002Fstrong> – Autopost to your account. Ability to attach Image to tweets.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plurk\u003C\u002Fstrong>  – Autopost to your account. Ability to attach Image to messages.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>vBulletin\u003C\u002Fstrong> – Auto-submit your blogpost to vBulletin forums. Could create new threads or new posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>vk.com (vKontakte)\u003C\u002Fstrong> – Autopost to your profile or group page. Ability to attach your blogpost to vk.com post. Ability to make “Image” posts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Weibo\u003C\u002Fstrong> –  Biggest Chinese Microblogging Service. You can post your messages and images.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress\u003C\u002Fstrong> – Auto-submit your blogpost to another blog based on WordPress. This options includes WordPress.com, Blog.com, etc..\u003C\u002Fli>\n\u003Cli>\u003Cstrong>XING\u003C\u002Fstrong> – Post text messages or share links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>YouTube\u003C\u002Fstrong> (\u003Cem>with third party API library\u003C\u002Fem>) – Post messages to your YouTube channel feed. If blogpost has youtube reference it will be attached.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Yo\u003C\u002Fstrong> – Send notifications to your subscribers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>500px\u003C\u002Fstrong> – Autopost images to your account.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>… more networks are coming soon …\u003C\u002Fp>\n\u003Cul>\n\u003Cli>(\u003Cem>with third party API library\u003C\u002Fem>) means that you need to eitgher provide your own API or have a \u003Ca href=\"https:\u002F\u002Fwww.nextscripts.com\u002Fsnap-api-premium-for-wordpress\u002F\" rel=\"nofollow ugc\">SNAP Premium API Library Addon for WordPress\u003C\u002Fa>. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Plugin makes 100% White Labeled Posts\u003C\u002Fstrong> The main idea behind the plugin is to give you the ability to promote only yourself. Plugin uses your own apps and all posts to all networks come only from you. No “Shared via NextScripts.com” or “Posted by SNAP for WordPress” messages.\u003C\u002Fp>\n\u003Cp>Please see \u003Ca href=\"https:\u002F\u002Fwww.nextscripts.com\u002Finstallation-of-social-networks-auto-poster-for-wordpress\u002F\" rel=\"nofollow ugc\">complete installation instructions with video and screenshots\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Free and Pro Plugin Features\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.nextscripts.com\u002Fsnap-features\u002F\" rel=\"nofollow ugc\">Please see more detailed features list\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.nextscripts.com\u002Fsnap-features\u002Fmessage-formatting-tags\u002F\" rel=\"nofollow ugc\">Message Formatting Tags\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.nextscripts.com\u002Fsnap-features\u002Ffilters\u002F\" rel=\"nofollow ugc\">Filters\u003C\u002Fa>. Filters allow you to post only specified categories, tags, post types, etc… to each Social Network account.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.nextscripts.com\u002Fsnap-features\u002Freposter\u002F\" rel=\"nofollow ugc\">Re-Poster\u003C\u002Fa>. Automatically post your already existing posts to your social media accounts.\u003C\u002Fli>\n\u003Cli>Tags\u002FCategories could be posted as Hashtags\u003C\u002Fli>\n\u003Cli>Auto-import replies and mentions from and Twitter as WordPress Comments\u003C\u002Fli>\n\u003Cli>URL Shorteners: bit.ly, goo.gl, YOURLS and built in WordPress URL Shortener\u003C\u002Fli>\n\u003Cli>Additional URL Parameters \u003C\u002Fli>\n\u003Cli>Custom URLs for AutoPosts \u003C\u002Fli>\n\u003Cli>Export\u002FImport Plugin settings\u003C\u002Fli>\n\u003Cli>See direct links to the published posts from the “Edit” page\u003C\u002Fli>\n\u003Cli>“Image” posts for VK and Twitter\u003C\u002Fli>\n\u003Cli>Ability to “Spin” message post templates\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.nextscripts.com\u002Ftutorials\u002Fhow-to-post-woocommerce-products\u002F\" rel=\"nofollow ugc\">Full compatibility with WooCommerce\u003C\u002Fa>. SNAP can autopost new or auto-repost existing products to all your social media accounts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Some additional features could be added via addons \u003Ca href=\"https:\u002F\u002Fwww.nextscripts.net\" rel=\"nofollow ugc\">addons\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Unlimited accounts. Add\u002Fconfigure unlimited number of accounts for each social network.\u003C\u002Fli>\n\u003Cli>Ability to make Scheduled and Delayed posts\u003C\u002Fli>\n\u003Cli>Advanced Filters. Filter by Custom Fields, Custom Taxonomies, and Searches\u003C\u002Fli>\n\u003Cli>Auto-repost existing posts randomly\u003C\u002Fli>\n\u003Cli>Limit auto-reposting to specific days and times.\u003C\u002Fli>\n\u003Cli>Import comments.\u003C\u002Fli>\n\u003Cli>Use Proxies.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Requirements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WordPress 6.0+ (6.9+ is preferred)\u003Cbr \u002F>\nPHP 7.4+ (8.2+ is preferred)\u003Cbr \u002F>\ncURL\u003Cbr \u002F>\nCorrectly working WP cron is required for some functionality (Scheduled posts, Auto reposter, Comments Import, etc…)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Get Support\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.nextscripts.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Contact support\u002FOpen Support Ticket\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Other\u002FCopyrights\u003C\u002Fh3>\n\u003Cp>Plugin Name: Next Scripts Social Networks Auto-Poster\u003C\u002Fp>\n\u003Cp>Plugin URI: https:\u002F\u002Fwww.nextscripts.com\u002Fsocial-networks-auto-poster-for-wordpress\u003C\u002Fp>\n\u003Cp>Description: This plugin automatically publishes posts from your blog to your Twitter, and Google+ profiles and\u002For pages.\u003C\u002Fp>\n\u003Cp>Author: NextScripts\u003C\u002Fp>\n\u003Cp>Author URL: https:\u002F\u002Fwww.nextscripts.com\u003C\u002Fp>\n\u003Cp>Copyright 2012-2026  NextScripts Corp\u003C\u002Fp>\n\u003Cp>PHP Twitter API: Copyright 2012 –  themattharris – tmhOAuth\u003C\u002Fp>\n\u003Cp>NextScripts Corp\u003C\u002Fp>\n","Automatically publishes blogposts to profiles\u002Fpages\u002Fgroups on Twitter, Google+, Pinterest, LinkedIn, Blogger, Tumblr ... 22 more",30000,7429773,66,617,"2026-02-26T22:48:00.000Z","6.9.4","6.0",[70,71,23,72,73],"autopost","repost","social-media","social-networks","https:\u002F\u002Fwww.nextscripts.com\u002Fsocial-networks-auto-poster-for-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-networks-auto-poster-facebook-twitter-g.zip",40,14,2,"2026-03-09 21:33:10",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":51,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":98,"download_link":99,"security_score":100,"vuln_count":78,"unpatched_count":29,"last_vuln_date":101,"fetched_at":31},"scriptless-social-sharing","Scriptless Social Sharing","3.3.1","Robin Cornett","https:\u002F\u002Fprofiles.wordpress.org\u002Flittlerchicken\u002F","\u003Cp>\u003Cem>Scriptless Social Sharing\u003C\u002Fem> is a wee plugin to add buttons to your posts\u002Fpages, to make it easier for your readers to share your content on social networks.\u003C\u002Fp>\n\u003Cp>The sharing links use the most basic methods provided by each network. There is no JavaScript, nothing fancy included in this plugin, so if you want fancy, this is not the plugin you’re looking for. It just builds a set of links.\u003C\u002Fp>\n\u003Cp>The sharing buttons are accessible–even if you choose the “Icons Only” button styles, the network names are still part of the buttons, just hidden in an accessible-ready manner.\u003C\u002Fp>\n\u003Cp>There is a small settings page, so you can make decisions about which content types should have sharing buttons and where, what buttons should be added, and whether or not to use the plugin’s styles. Beyond that, developers may like to make use of filters throughout the plugin.\u003C\u002Fp>\n\u003Cp>Banner\u002Ficon image credit: \u003Ca href=\"https:\u002F\u002Fgratisography.com\u002F\" rel=\"nofollow ugc\">Ryan McGuire on Gratisography\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin adds super simple social sharing buttons to your content.",10000,196363,100,"2025-07-19T17:35:00.000Z","6.8.5","6.2","7.4",[96,73,97],"sharing-buttons","social-sharing","https:\u002F\u002Fgithub.com\u002Frobincornett\u002Fscriptless-social-sharing","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscriptless-social-sharing.3.3.1.zip",98,"2025-04-16 00:00:00",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":17,"requires_php":18,"tags":116,"homepage":122,"download_link":123,"security_score":124,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wp-social-share","WP Social Share","1.1","Anas Mir","https:\u002F\u002Fprofiles.wordpress.org\u002Fsharpcoders\u002F","\u003Cp>Social Networks are very popular now a days and great source to get readers for your blog.\u003Cbr \u002F>\nWP Social Share Plugin Helps you and your users to share blog posts directly from your blog to social network sites\u003Cbr \u002F>\nlike facebook, twitter, linkedin etc.\u003Cbr \u002F>\nThis version of WP Social Share plugin supports following social networks\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Twitter   \u003C\u002Fli>\n\u003Cli>Facebook  \u003C\u002Fli>\n\u003Cli>Google Plus   \u003C\u002Fli>\n\u003Cli>Linkedin  \u003C\u002Fli>\n\u003Cli>Stumbleupon   \u003C\u002Fli>\n\u003Cli>Digg  \u003C\u002Fli>\n\u003Cli>reddit    \u003C\u002Fli>\n\u003Cli>Evernote\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can\u003Cbr \u002F>\n1. Enable\u002Fdisable any of the above social share buttons from admin panel\u003Cbr \u002F>\n2. Enable\u002Fdisable social share buttons for Category\u002FHome and Post pages\u003Cbr \u002F>\n3. Enable\u002Fdisable any social network button for Category\u002FHome and Post Pages.\u003C\u002Fp>\n","Add Social Networks Share Button at Home, Category and Single Posts Pages.",60,27837,74,3,"2012-12-14T12:07:00.000Z","3.4.2",[117,118,119,120,121],"social-networks-sharing","social-share","social-share-buttons","social-share-buttons-on-posts","social-share-on-posts","http:\u002F\u002Fsharp-coders.com\u002Fplugins\u002Fwp-plugins\u002Fwp-social-share","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-social-share.zip",85,{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":29,"num_ratings":29,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":18,"tags":138,"homepage":144,"download_link":145,"security_score":124,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"jumbo-share","Jumbo Share","1.0.0","WPManiax","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpmaniax\u002F","\u003Cp>This social share bar mimics mashable.com social share bar. It’s collapsible and contains big Ajax powered counter that counts overall shares for your posts\u002Fpages.\u003C\u002Fp>\n\u003Cp>Jumbo Share is super easy to install and configure.\u003C\u002Fp>\n\u003Cp>It supports most popular social networks and is fully responsive.\u003C\u002Fp>\n\u003Cp>More \u003Ca href=\"http:\u002F\u002Fwww.wpmaniax.com\u002Fjumbo-share\u002F\" rel=\"nofollow ugc\">Screenshots and Live Sample\u003C\u002Fa> you can see on plugins’ home page.\u003C\u002Fp>\n\u003Cp>Main Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy to install and configure\u003C\u002Fli>\n\u003Cli>Most popular social networks supported (Facebook, Twitter, Google Plus, LinkedIn, Reddit )\u003C\u002Fli>\n\u003Cli>Fully responsive\u003C\u002Fli>\n\u003Cli>Show before\u002Fafter content or both\u003C\u002Fli>\n\u003Cli>Shortcode available to place the jumbo share bar inside your posts\u002Fpages\u003C\u002Fli>\n\u003Cli>Configure where to show (posts, pages, home, archives)\u003C\u002Fli>\n\u003Cli>Ajax powered counter means your site won’t slow down.\u003C\u002Fli>\n\u003Cli>Ability to completely disable counter\u003C\u002Fli>\n\u003Cli>Configure counter color\u003C\u002Fli>\n\u003Cli>Cache results to speed up the counter (5 minutes – 24 hours)\u003C\u002Fli>\n\u003Cli>Ability to purge cache manually\u003C\u002Fli>\n\u003Cli>Nice and elegant design\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Feedback\u003C\u002Fh3>\n\u003Cp>http:\u002F\u002Fwww.wpmaniax.com\u002Fjumbo-share\u002F\u003C\u002Fp>\n","Add Mashable.com like social share bar to your web site.",10,2461,"2015-12-06T23:05:00.000Z","4.3.34","3.6",[139,140,141,142,143],"mashable","social-media-networks","social-media-pop-up","social-media-sharing","social-media-widget","http:\u002F\u002Fwww.wpmaniax.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjumbo-share.1.0.0.zip",{"slug":147,"name":148,"version":149,"author":150,"author_profile":151,"description":152,"short_description":153,"active_installs":133,"downloaded":154,"rating":90,"num_ratings":113,"last_updated":18,"tested_up_to":155,"requires_at_least":156,"requires_php":18,"tags":157,"homepage":158,"download_link":159,"security_score":90,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":160},"kento-social-share","Social Share","1.0.2","PluginsPoint","https:\u002F\u002Fprofiles.wordpress.org\u002Fkentothemes\u002F","\u003Cp>allow your visitors share your webpage using fancy social sharing tools.\u003C\u002Fp>\n\u003Cp>Live demo: https:\u002F\u002Fpluginspoint.com\u003C\u002Fp>\n\u003Cp>Plugin Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Top 11 social sharing site.\u003C\u002Fli>\n\u003Cli>Mouse leave effect.\u003C\u002Fli>\n\u003Cli>Mouse hover social icons.\u003C\u002Fli>\n\u003Cli>Install and go.\u003C\u002Fli>\n\u003C\u002Ful>\n","Fancy Social share tool by https:\u002F\u002Fpluginspoint.com",4971,"6.7.5","4.0",[117,118,119,120,121],"https:\u002F\u002Fpluginspoint.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkento-social-share.zip","2026-03-15T10:48:56.248Z",{"attackSurface":162,"codeSignals":202,"taintFlows":258,"riskAssessment":285,"analyzedAt":296},{"hooks":163,"ajaxHandlers":198,"restRoutes":199,"shortcodes":200,"cronEvents":201,"entryPointCount":29,"unprotectedCount":29},[164,170,174,178,181,185,189,193],{"type":165,"name":166,"callback":167,"file":168,"line":169},"action","save_post","save_details","shariff-wp.php",313,{"type":165,"name":171,"callback":172,"file":168,"line":173},"admin_init","select_init",331,{"type":165,"name":175,"callback":176,"file":168,"line":177},"admin_menu","shariffconfigmenu",332,{"type":165,"name":171,"callback":179,"file":168,"line":180},"init_settings",333,{"type":165,"name":182,"callback":183,"file":168,"line":184},"init","init_locale",334,{"type":165,"name":186,"callback":187,"file":168,"line":188},"wp_enqueue_scripts","loadshariff",335,{"type":165,"name":190,"callback":191,"file":168,"line":192},"wp_footer","loadjs",336,{"type":194,"name":195,"callback":196,"file":168,"line":197},"filter","the_content","shariffsharing",337,[],[],[],[],{"dangerousFunctions":203,"sqlUsage":204,"outputEscaping":206,"fileOperations":29,"externalRequests":29,"nonceChecks":29,"capabilityChecks":78,"bundledLibraries":254},[],{"prepared":29,"raw":29,"locations":205},[],{"escaped":28,"rawEcho":207,"locations":208},22,[209,213,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252],{"file":210,"line":211,"context":212},"backend\\index.php",42,"raw output",{"file":168,"line":14,"context":212},{"file":168,"line":215,"context":212},187,{"file":168,"line":217,"context":212},190,{"file":168,"line":219,"context":212},194,{"file":168,"line":221,"context":212},224,{"file":168,"line":223,"context":212},239,{"file":168,"line":225,"context":212},242,{"file":168,"line":227,"context":212},246,{"file":168,"line":229,"context":212},249,{"file":168,"line":231,"context":212},252,{"file":168,"line":233,"context":212},255,{"file":168,"line":235,"context":212},261,{"file":168,"line":237,"context":212},264,{"file":168,"line":239,"context":212},267,{"file":168,"line":241,"context":212},270,{"file":168,"line":243,"context":212},274,{"file":168,"line":245,"context":212},279,{"file":168,"line":247,"context":212},282,{"file":168,"line":249,"context":212},284,{"file":168,"line":251,"context":212},308,{"file":168,"line":253,"context":212},311,[255],{"name":256,"version":38,"knownCves":257},"Guzzle",[],[259,276],{"entryPoint":260,"graph":261,"unsanitizedCount":28,"severity":275},"run (backend\\index.php:8)",{"nodes":262,"edges":272},[263,267],{"id":264,"type":265,"label":266,"file":210,"line":211},"n0","source","$_GET['url']",{"id":268,"type":269,"label":270,"file":210,"line":211,"wp_function":271},"n1","sink","echo() [XSS]","echo",[273],{"from":264,"to":268,"sanitized":274},false,"medium",{"entryPoint":277,"graph":278,"unsanitizedCount":28,"severity":284},"\u003Cindex> (backend\\index.php:0)",{"nodes":279,"edges":282},[280,281],{"id":264,"type":265,"label":266,"file":210,"line":211},{"id":268,"type":269,"label":270,"file":210,"line":211,"wp_function":271},[283],{"from":264,"to":268,"sanitized":274},"low",{"summary":286,"deductions":287},"The \"shariff-sharing\" v1.0.11 plugin presents a mixed security posture.  On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and has no known currently unpatched vulnerabilities.  Its attack surface, as measured by AJAX handlers, REST API routes, shortcodes, and cron events, is commendably zero, indicating a reduced potential for direct exploitation. However, significant concerns arise from the static analysis. The low percentage of properly escaped output (4%) suggests a high risk of Cross-Site Scripting (XSS) vulnerabilities, where user-supplied data might be rendered directly into the web page without sufficient sanitization.  The taint analysis also identified two flows with unsanitized paths, which, while not rated critical or high in this specific analysis, point to potential areas where malicious input could lead to unintended consequences, such as directory traversal or file manipulation if not handled with extreme care.  The plugin's historical vulnerability data shows one past CVE, specifically an XSS vulnerability, reinforcing the concern about output escaping. While this past vulnerability is patched, the recurrence of XSS as a common type is a red flag. The bundling of Guzzle, a library, without version information, also carries a slight risk if it's an outdated or vulnerable version, though this is not explicitly detailed in the provided data.",[288,291,294],{"reason":289,"points":290},"Low percentage of properly escaped output",15,{"reason":292,"points":293},"Taint analysis shows unsanitized paths",8,{"reason":295,"points":113},"Bundled libraries (Guzzle) - potential outdated version","2026-03-16T18:57:43.864Z",{"wat":298,"direct":304},{"assetPaths":299,"generatorPatterns":301,"scriptPaths":302,"versionParams":303},[300],"\u002Fwp-content\u002Fplugins\u002Fshariff-sharing\u002Fdep\u002Fshariff.complete.css",[],[],[],{"cssClasses":305,"htmlComments":307,"htmlAttributes":308,"restEndpoints":322,"jsGlobals":324,"shortcodeOutput":325},[306],"shariff",[],[309,310,311,312,313,314,315,316,317,318,319,320,321],"data-twitter-via","data-title","data-info-url","data-backend-url","data-temp","data-ttl","data-service","data-services","data-image","data-url","data-lang","data-theme","data-orientation",[323],"\u002Fwp-content\u002Fplugins\u002Fshariff-sharing\u002Fbackend\u002Findex.php",[],[326],"\u003Cdiv class=\"shariff\""]