[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f72iKpUjIpOzv_IfWircKt1IdtceBhiW8r70yWVlq00A":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":106,"crawl_stats":37,"alternatives":113,"analysis":221,"fingerprints":841},"shariff","Shariff Wrapper","4.6.15","3UU","https:\u002F\u002Fprofiles.wordpress.org\u002F3uu\u002F","\u003Cp>The “original” share buttons automatically transmit data of your visitors to the social network sites as soon as they visit your website. They do not need to click on a share button for this and therefore have no choice, if they want their data to be send. The German computer magazine c’t has developed “Shariff” \u003Ccode>(ʃɛɹɪf)\u003C\u002Fcode> that follows the General Data Protection Regulation (GDPR – Regulation (EU) 2016\u002F679). This plugin adapts the Shariff concept and provides an easy to use solution for WordPress. We currently support 29 services in 25 languages: Bitcoin, Buffer, Diaspora, Facebook, Flipboard, LinkedIn, mailto, Mastodon, MeWe, Odnoklassniki, Patreon, PayPal, PayPal.me, Pinterest, Pocket, Printer, Reddit, RSS, SMS, Stumbleupon, Telegram, Threema, Tumblr, Twitter, VK, Wallabag, Weibo, WhatsApp, Xing.\u003C\u002Fp>\n\u003Cp>For more information about the Shariff project check out the original \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fheiseonline\u002Fshariff\" rel=\"nofollow ugc\">GitHub project\u003C\u002Fa> and read about the project itself \u003Ca href=\"http:\u002F\u002Fct.de\u002Fshariff\" rel=\"nofollow ugc\">c’t information page\u003C\u002Fa> (in German).\u003C\u002Fp>\n\u003Cp>You can automatically add share buttons to posts, pages, the main blog page, product sites and many more as well as use it as a widget or add the shortcode \u003Ccode>[shariff]\u003C\u002Fcode> manually to your pages or themes.\u003C\u002Fp>\n","Shariff provides share buttons that respect the privacy of your visitors and follow the General Data Protection Regulation (GDPR).",40000,1092159,98,102,"2025-01-07T18:03:00.000Z","6.7.5","4.9","7.4",[20,21,22,4,23],"dsgvo","gdpr","share-buttons","sharing","https:\u002F\u002Fwordpress.org\u002Fplugins-wp\u002Fshariff\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshariff.4.6.15.zip",86,6,0,"2024-06-19 00:00:00","2026-03-15T15:16:48.613Z",[32,48,62,74,85,94],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2024-4098","shariff-wrapper-unauthenticated-local-file-inclusion","Shariff Wrapper \u003C= 4.6.13 - Unauthenticated Local File Inclusion","The Shariff Wrapper plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.6.13 via the shariff3uu_fetch_sharecounts function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.",null,"\u003C=4.6.13","4.6.14","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","2024-06-20 06:58:05",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff49fba00-c576-4a1a-8b0b-9ebed3e3d090?source=api-prod",1,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":53,"cvss_score":54,"cvss_vector":55,"vuln_type":56,"published_date":57,"updated_date":58,"references":59,"days_to_patch":61},"CVE-2024-2695","shariff-wrapper-authenticated-contributor-stored-cross-site-scripting-via-shortcode","Shariff Wrapper \u003C= 4.6.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode","The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.13 due to insufficient input sanitization and output escaping on user supplied attributes such as 'borderradius', 'services' and 'timestamp'. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-06-14 19:57:09","2024-06-17 14:39:43",[60],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9baa8bbf-a318-4bc5-8bfd-2bd64536965e?source=api-prod",3,{"id":63,"url_slug":64,"title":65,"description":66,"plugin_slug":4,"theme_slug":37,"affected_versions":67,"patched_in_version":68,"severity":53,"cvss_score":54,"cvss_vector":55,"vuln_type":56,"published_date":69,"updated_date":70,"references":71,"days_to_patch":73},"CVE-2024-1450","shariff-wrapper-authenticated-contributor-stored-cross-site-scripting","Shariff Wrapper \u003C= 4.6.10 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.10 due to insufficient input sanitization and output escaping on user supplied attributes such as 'align'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. CVE-2024-29109 appears to be a duplicate of this issue.","\u003C=4.6.10","4.6.11","2024-03-12 00:00:00","2024-03-20 20:43:19",[72],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F00a3d8e3-17b1-488b-9c42-2479932c9bf7?source=api-prod",9,{"id":75,"url_slug":76,"title":77,"description":78,"plugin_slug":4,"theme_slug":37,"affected_versions":79,"patched_in_version":80,"severity":53,"cvss_score":54,"cvss_vector":55,"vuln_type":56,"published_date":69,"updated_date":81,"references":82,"days_to_patch":84},"CVE-2024-0966","shariff-wrapper-authenticated-contributor-stored-cross-site-scripting-2","Shariff Wrapper \u003C= 4.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes like 'info_text'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page and clicks the information icon.","\u003C=4.6.9","4.6.10","2024-05-31 15:30:44",[83],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8588f9e8-441c-4b9e-bd78-8526d8c28fa3?source=api-prod",81,{"id":86,"url_slug":87,"title":88,"description":89,"plugin_slug":4,"theme_slug":37,"affected_versions":79,"patched_in_version":80,"severity":53,"cvss_score":54,"cvss_vector":55,"vuln_type":56,"published_date":69,"updated_date":90,"references":91,"days_to_patch":93},"CVE-2023-6500","shariff-wrapper-authenticatedcontributor-stored-cross-site-scripting-via-shortcode","Shariff Wrapper \u003C= 4.6.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode","The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes such as 'secondarycolor' and 'maincolor'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","2024-07-29 21:37:26",[92],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcac2a45e-f09e-4639-9a45-68d528a5094e?source=api-prod",140,{"id":95,"url_slug":96,"title":97,"description":98,"plugin_slug":4,"theme_slug":37,"affected_versions":79,"patched_in_version":80,"severity":53,"cvss_score":99,"cvss_vector":100,"vuln_type":56,"published_date":101,"updated_date":102,"references":103,"days_to_patch":105},"CVE-2024-1106","shariff-wrapper-authenticated-admin-stored-cross-site-scripting","Shariff Wrapper \u003C= 4.6.9 - Authenticated (Admin+) Stored Cross-Site Scripting","The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-02-05 00:00:00","2024-02-08 14:06:09",[104],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5ab9c383-14da-479d-9709-1ae154dae398?source=api-prod",4,{"slug":107,"display_name":7,"profile_url":8,"plugin_count":108,"total_installs":109,"avg_security_score":26,"avg_patch_time_days":110,"trust_score":111,"computed_at":112},"3uu",2,40010,40,78,"2026-04-04T04:19:43.085Z",[114,138,160,182,203],{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":124,"num_ratings":125,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":129,"tags":130,"homepage":134,"download_link":135,"security_score":136,"vuln_count":73,"unpatched_count":28,"last_vuln_date":137,"fetched_at":30},"gdpr-cookie-compliance","GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice for CCPA, EU Cookie Law","5.0.11","Moove Agency","https:\u002F\u002Fprofiles.wordpress.org\u002Fmooveagency\u002F","\u003Cp>\u003Cstrong>Prepare your website for cookie consent requirements related to GDPR, CCPA, DSGVO, EU cookie law and notice requirements with this incredibly powerful, easy-to-use, well supported and 100% free WordPress plugin.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Local Data Storage\u003C\u002Fstrong> – all user data is stored locally on your website only – we do not collect or store any of your user data on our servers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Simple\u003C\u002Fstrong> to use — install & setup in seconds\u003C\u002Fli>\n\u003Cli>Give your users \u003Cstrong>full control\u003C\u002Fstrong> over cookies stored on their computer, including the ability for users to \u003Cstrong>revoke their consent\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Direct integration of \u003Cstrong>GTM, Google Analytics, Meta Pixel, GTM4WP\u003C\u002Fstrong> and more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Consent Mode v2\u003C\u002Fstrong> fully supported\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully customisable\u003C\u002Fstrong> – upload your own logo, colours, fonts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully editable\u003C\u002Fstrong> – change all text\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible\u003C\u002Fstrong> – decide which scripts will be loaded by default or only when the user gives consent\u003C\u002Fli>\n\u003Cli>\u003Cstrong>‘Accept’\u003C\u002Fstrong>, \u003Cstrong>‘Reject’\u003C\u002Fstrong>, ‘Close’ and ‘Settings’ buttons & you can also change their order\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Consent expiration\u003C\u002Fstrong> settings\u003C\u002Fli>\n\u003Cli>Link to \u003Cstrong>Privacy Policy\u003C\u002Fstrong> page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mobile responsive\u003C\u002Fstrong> design\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO friendly\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Optimized for \u003Cstrong>WCAG & ADA\u003C\u002Fstrong> accessibility guidelines\u003C\u002Fli>\n\u003Cli>WPML, QTranslate, WP Multilang, TranslatePress and Polylang compatible, .pot file for translations included\u003C\u002Fli>\n\u003Cli>Supports all major \u003Cstrong>caching\u003C\u002Fstrong> servers and plugins\u003C\u002Fli>\n\u003Cli>Available in \u003Cstrong>22 languages\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Optimised for PHP 7 and PHP 8\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Premium Features Available\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Consent Log\u003C\u002Fstrong> – stores user consent information to prove that consent was given\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Geo-location\u003C\u002Fstrong> – the Cookie Consent Banner can be shown to visitors from the European Union or selected countries only (ie. Canada, California etc.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Site Kit integration\u003C\u002Fstrong> – our plugin supports the Google Site Kit natively\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cookie wall \u002F Full-screen layout\u003C\u002Fstrong> – if enabled, the Cookie Consent Banner will be display in a full screen mode, and force users to either accept or reject cookies before they can see your content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export & import settings\u003C\u002Fstrong> – transfer your custom settings between sites with ease\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WordPress Multisite features\u003C\u002Fstrong> – you can manage the plugin settings globally, and clone them from one site to another within your multi-site setup. You can also sync users consent between individual subsites on your multisite network\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accept on Scroll \u002F Hide timer\u003C\u002Fstrong> – allow users to accept cookies by scrolling down the page OR by setting a timer (ie. Hide banner after 5 seconds)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Renew Consent\u003C\u002Fstrong> – ask users to renew their consent if there is a change in privacy or cookie policy on your site\u003C\u002Fli>\n\u003Cli>\u003Cstrong>iFrame Blocker\u003C\u002Fstrong> – blocks users from viewing 3rd party resources (such as Youtube) until they accept cookies\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Language Specific Scripts\u003C\u002Fstrong> – insert different Tag Manager Scripts for different languages, supports WPML and other language plugins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Premium Shortcodes\u003C\u002Fstrong> that can be added to your ‘Privacy & Cookie Policy’ and allow your users to manage their consent with ease.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Cookie Banner\u003C\u002Fstrong> allows you to hide the Cookie Notice Banner on selected pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cookie Declaration\u003C\u002Fstrong> allows you to declare the exact type of cookies that your site uses, including the cookie name, provider, purpose and expiration\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Analytics\u003C\u002Fstrong> – stats and charts showing you how many users accepted your cookies (all anonymous)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fast Premium Support\u003C\u002Fstrong> from our friendly team\u003C\u002Fli>\n\u003Cli>\u003Cstrong>12 months\u003C\u002Fstrong> of premium updates included\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.mooveagency.com\u002Fwordpress-plugins\u002Fgdpr-cookie-compliance\u002F\" rel=\"nofollow ugc\">Download Premium Add-on here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Demo Video\u003C\u002Fh3>\n\u003Cp>You can view a demo of the plugin here:\u003C\u002Fp>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F255655268\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n\u003Ch3>Testimonials\u003C\u002Fh3>\n\u003Cp>★★★★★\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>“The only free GDPR plugin that actually works.” – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fthe-only-free-gdpr-plugin-that-actually-works\u002F\" rel=\"ugc\">Jamie\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>★★★★★\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>“One of the best GDPR implementation for WordPress.” – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fone-of-the-best-gdpr-implementation-for-wordpress\u002F\" rel=\"ugc\">webinvaders\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>★★★★★\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>“The best free solution for GDPR.” – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fthe-best-free-solution-for-the-gdpr\u002F\" rel=\"ugc\">Distrix\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>★★★★★\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>“Great plugin, great support. I’ve tried many, this is probably the best for multisite installations.” – \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fgreat-plugin-great-support-1157\u002F\" rel=\"ugc\">pattihis\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Live Examples\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>You can choose to setup our cookie plugin in any way that you like. \u003C\u002Fli>\n\u003Cli>We have created the plugin with as much flexibility as possible as organisations interpret the Cookie Law and Cookie Consent Policy differently.\u003C\u002Fli>\n\u003Cli>A few examples of how you can setup our plugin in various ways are below:\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>OPTION A\u003C\u002Fstrong>\u003Cbr \u002F>\nNo cookies are stored on users’ computers until the user accepts cookies.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.mooveagency.com\u002Fwordpress-plugins\u002Fgdpr-cookie-compliance\u002F\" rel=\"nofollow ugc\">Example 1\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>OPTION B\u003C\u002Fstrong>\u003Cbr \u002F>\nThe ‘Full-Screen \u002F Cookie Wall’ option is used (a premium feature).\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.teneo.net\u002F\" rel=\"nofollow ugc\">Example 2\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>OTHER OPTIONS\u003C\u002Fstrong>\u003Cbr \u002F>\nThere are many other settings available that you can use to create your own unique Cookie Consent Banner and satisfy the Cookie Compliance Law – our plugin is very flexible.\u003C\u002Fp>\n\u003Ch3>Custom Layout\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>You can also create your own custom front-end layout.\u003C\u002Fli>\n\u003Cli>Simply copy the “gdpr-modules” folder from the plugin directory to your theme directory. \u003C\u002Fli>\n\u003Cli>If you do this, your changes will be retained even if you update the plugin in future. \u003C\u002Fli>\n\u003Cli>Any customisation should be implemented by experienced developers only.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Flexible\u003C\u002Fh3>\n\u003Cp>Our cookie plugin is very flexible and especially useful in preparing your site for the following cookie law, data protection and privacy regulations:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>GDPR\u003C\u002Fstrong>: The General Data Protection Regulation, ePrivacy Directive, ePrivacy Regulation (European Union)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CCPA\u003C\u002Fstrong>: The California Consumer Privacy Act (California, United States)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PECR\u003C\u002Fstrong>: The Privacy and Electronic Communications Regulations (UK)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AAP\u003C\u002Fstrong>: Australia’s Privacy Principles (Australia)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PIPEDA\u003C\u002Fstrong>: The Personal Information Protection and Electronic Documents Act (Canada) \u003C\u002Fli>\n\u003Cli>\u003Cstrong>LGPD\u003C\u002Fstrong>: The Brazilian General Data Protection Law (Brazil)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>VCDPA, CPRA, ICO, GPDP, DSGVO, BfDl, CNIL, AEPD, PDPB, DPA, PDPA, DPA, PDPA, TTDSG, POPIA , APA, ePrivacy, COPPA, CASL, Australian Privacy Principles, The Marco Civil Privacy Act 1988\u003C\u002Fstrong> and other cookie law, data protection and privacy regulations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>About us\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.mooveagency.com\u002F\" rel=\"nofollow ugc\">Moove Agency\u003C\u002Fa> is a premium supplier of quality WordPress plugins, services and support. \u003Ca href=\"https:\u002F\u002Fwww.mooveagency.com\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">Visit our WordPress site\u003C\u002Fa> to learn more.\u003C\u002Fp>\n\u003Ch3>Disclaimer\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>THIS PLUGIN DOES NOT MAKE YOUR WEBSITE COMPLIANT. YOU ARE RESPONSIBLE FOR ENSURING THAT ALL COOKIE LAW REQUIREMENTS ARE MET ON YOUR WEBSITE.\u003C\u002Fli>\n\u003C\u002Ful>\n","Cookie notice banner for GDPR, CCPA, EU cookie law, data protection and privacy regulations and other cookie law and consent notice requirements on yo …",300000,12221542,92,204,"2026-02-02T13:03:00.000Z","6.9.4","4.5","6.4",[131,132,133,20,21],"ccpa","cookie-banner","cookie-consent","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-cookie-compliance\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr-cookie-compliance.5.0.11.zip",97,"2025-02-23 00:00:00",{"slug":139,"name":140,"version":141,"author":142,"author_profile":143,"description":144,"short_description":145,"active_installs":122,"downloaded":146,"rating":147,"num_ratings":148,"last_updated":149,"tested_up_to":127,"requires_at_least":150,"requires_php":151,"tags":152,"homepage":156,"download_link":157,"security_score":158,"vuln_count":105,"unpatched_count":28,"last_vuln_date":159,"fetched_at":30},"host-webfonts-local","OMGF | GDPR\u002FDSGVO Compliant, Faster Google Fonts. Easy.","6.1.4","Daan van den Bergh","https:\u002F\u002Fprofiles.wordpress.org\u002Fdaanvandenbergh\u002F","\u003Cp>\u003Cstrong>OMGF can be downloaded for free without any paid subscription from \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhost-webfonts-local\u002F\" rel=\"ugc\">the official WordPress repository\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>How could using fonts via Google’s service possibly run afoul of GDPR? The fact of the matter is that, when a font is requested by the user’s browser, their IP is logged by Google and used for analytics.\u003Cbr \u002F>\n  — Lifehacker\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Leverage Browser Cache\u003C\u002Fstrong>, \u003Cstrong>reduce DNS lookups\u002Frequests\u003C\u002Fstrong>, \u003Cstrong>reduce Cumulative Layout Shift\u003C\u002Fstrong> and make your Google Fonts \u003Cstrong>100% GDPR compliant\u003C\u002Fstrong> with OMGF!\u003C\u002Fp>\n\u003Cp>OMGF is written with performance and user-friendliness in mind. It uses the Google Fonts API to automatically cache the fonts your theme and plugins use to \u003Cstrong>minimize DNS requests\u003C\u002Fstrong> and speed up your WordPress website.\u003C\u002Fp>\n\u003Ch4>How Does It Work?\u003C\u002Fh4>\n\u003Cp>After installing and configuring the plugin, OMGF will automatically start looking for Google Fonts whenever a page is requested on your website.\u003C\u002Fp>\n\u003Cp>All Google Fonts are listed in the \u003Cstrong>Optimize Local Fonts\u003C\u002Fstrong> section of OMGF’s settings screen. There, you can choose to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cem>Preload\u003C\u002Fem> fonts to \u003Cstrong>reduce Cumulative Layout Shift\u003C\u002Fstrong> above the fold,\u003C\u002Fli>\n\u003Cli>\u003Cem>Unload\u003C\u002Fem> fonts that’re not used by you, your theme and\u002For plugins,\u003C\u002Fli>\n\u003Cli>Set a \u003Cem>Fallback Font Stack\u003C\u002Fem> (OMGF Pro required), to further \u003Cstrong>reduce Cumulative Layout Shift\u003C\u002Fstrong>, or\u003C\u002Fli>\n\u003Cli>\u003Cem>Replace\u003C\u002Fem> (OMGF Pro required) font-families with system fonts to \u003Cstrong>speed up loading times\u003C\u002Fstrong>!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Other Features include\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The \u003Cstrong>integrated Google Fonts checker\u003C\u002Fstrong> notifies you if a plugin or your theme has added Google Fonts (e.g. after an update) it can’t process.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Variable Fonts\u003C\u002Fstrong> support,\u003C\u002Fli>\n\u003Cli>Automatically \u003Cstrong>Remove unused subsets\u003C\u002Fstrong> to reduce the size of the CSS stylesheet up to 90%!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove Resource Hints\u003C\u002Fstrong> (preload, preconnect, dns-prefetch) pointing to \u003Ccode>fonts.googleapis.com\u003C\u002Fcode> or\u003Cbr \u002F>\n  fonts.gstatic.com,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ensure text remains visible during webfont load\u003C\u002Fstrong> by forcing the \u003Cem>font-display\u003C\u002Fem> attribute to your Google Fonts,\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ensure text remains visible during webfont load\u003C\u002Fstrong> by forcing the \u003Cem>font-display\u003C\u002Fem> attribute to all your other fonts! (\u003Cbr \u002F>\nOMGF Pro required),\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Additional Features in OMGF Pro\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Run the \u003Cstrong>Google Fonts checker\u003C\u002Fstrong> in the frontend (for all users) to \u003Cstrong>organically check for present external Google Fonts\u003C\u002Fstrong> throughout your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Preload\u003C\u002Fstrong> automatically configures which fonts should be preloaded i.e., loaded early to reduce Cumulative Layout Shift, Largest Contentful Paint and \u003Ca href=\"https:\u002F\u002Fdaan.dev\u002Fblog\u002Fhow-to\u002Fensure-text-remains-visible-during-webfont-load\u002F\" rel=\"nofollow ugc\">Ensure Text Remains Visible During Webfont Load\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Automatically configures itself to make sure all externally hosted Google Fonts on your site are hosted locally. OMGF Pro supports:\n\u003Cul>\n\u003Cli>\u003Ccode>@font-face\u003C\u002Fcode> and \u003Ccode>@import\u003C\u002Fcode> statements inside \u003Cstrong>inline \u003Ccode>\u003Cstyle>\u003C\u002Fcode> blocks\u003C\u002Fstrong>,\u003C\u002Fli>\n\u003Cli>\u003Ccode>@font-face\u003C\u002Fcode> and \u003Ccode>@import\u003C\u002Fcode> statements inside \u003Cstrong>local stylesheets\u003C\u002Fstrong> loaded by e.g. your theme and\u002For plugins,\u003C\u002Fli>\n\u003Cli>\u003Ccode>@font-face\u003C\u002Fcode> and \u003Ccode>@import\u003C\u002Fcode> statements inside \u003Cstrong>externally hosted stylesheets\u003C\u002Fstrong> loaded by your theme and\u002For\u003Cbr \u002F>\nplugins,\u003C\u002Fli>\n\u003Cli>Web Font Loader (\u003Ccode>webfont.js\u003C\u002Fcode>),\u003C\u002Fli>\n\u003Cli>Async Google Fonts (loaded using JS)\u003C\u002Fli>\n\u003Cli>Material Icons.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multisite\u003C\u002Fstrong> and \u003Cstrong>WPML\u003C\u002Fstrong> support.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Whitelabel stylesheets\u003C\u002Fstrong>, which removes branding and comments from the stylesheets to further reduce the size.\u003C\u002Fli>\n\u003Cli>Modify your fonts’ \u003Ccode>src: url()\u003C\u002Fcode> attribute to fully integrate with your configuration,\n\u003Cul>\n\u003Cli>Use this to serve fonts and the stylesheets from your CDN, or\u003C\u002Fli>\n\u003Cli>To serve fonts from an alternative path (e.g. when you’re using Security through Obscurity plugins like WP Hide,\u003Cbr \u002F>\netc.), or\u003C\u002Fli>\n\u003Cli>Anything you like!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Mode\u003C\u002Fstrong>, which allows you to easily migrate between Development, Staging\u002FTesting, Acceptance and Production\u003Cbr \u002F>\nenvironments.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>\u003Ca href=\"https:\u002F\u002Fdaan.dev\u002Fwordpress\u002Fomgf-pro\u002F\" rel=\"nofollow ugc\">Purchase OMGF Pro\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fdaan.dev\u002Fdocs\u002Fomgf-pro\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fdaan.dev\u002Fdocs\u002Fomgf-pro\u002Ftested-themes-plugins\u002F\" rel=\"nofollow ugc\">Tested Plugins & Themes\u003C\u002Fa>\u003C\u002Fem>\u003C\u002Fp>\n","OMGF automagically caches the Google Fonts used by your theme\u002Fplugins locally. No configuration (or brains) required!",9201522,94,211,"2026-02-23T18:53:00.000Z","5.9","7.3",[153,20,154,21,155],"cache","fonts","google","https:\u002F\u002Fdaan.dev\u002Fwordpress\u002Fomgf\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhost-webfonts-local.6.1.4.zip",96,"2024-01-02 00:00:00",{"slug":161,"name":162,"version":163,"author":164,"author_profile":165,"description":166,"short_description":167,"active_installs":168,"downloaded":169,"rating":170,"num_ratings":171,"last_updated":172,"tested_up_to":127,"requires_at_least":173,"requires_php":174,"tags":175,"homepage":179,"download_link":180,"security_score":181,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"disable-remove-google-fonts","Disable and Remove Google Fonts | GDPR & DSGVO friendly","1.8.2","fontsplugin","https:\u002F\u002Fprofiles.wordpress.org\u002Ffontsplugin\u002F","\u003Cp>Improve frontend performance by disabling \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Folympus-google-fonts\u002F\" rel=\"ugc\">Google Fonts\u003C\u002Fa> loaded by themes and plugins.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Looking to Host Google Fonts locally? Check out \u003Ca href=\"https:\u002F\u002Ffontsplugin.com\u002Fdrgf-upgrade\u002F\" rel=\"nofollow ugc\">Fonts Plugin Pro\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>While this plugin removes Google Fonts from as many themes and plugins as possible, some require additional steps, we have detailed those here: \u003Ca href=\"https:\u002F\u002Ffontsplugin.com\u002Fremove-disable-google-fonts\u002F\" rel=\"nofollow ugc\">Remove Google Fonts from WordPress\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>After installing this plugin, clear your website cache and test your site using the free \u003Ca href=\"https:\u002F\u002Ffontsplugin.com\u002Fgoogle-fonts-checker\" rel=\"nofollow ugc\">Google Fonts Checker\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>New “Check Google Fonts” Feature\u003C\u002Fh4>\n\u003Cp>This plugin now includes a new “Check Google Fonts” feature. This feature allows you to check if Google Fonts are being loaded on your website. It does this by capturing the full HTML of the current page and checking for Google Fonts references.\u003C\u002Fp>\n\u003Cp>To use this feature, simply click the “Check Google Fonts” button in the admin bar. This will open a new window\u002Ftab with the results.\u003C\u002Fp>\n\u003Cp>The results will show you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The number of Google Fonts that are being loaded\u003C\u002Fli>\n\u003Cli>The URLs of the Google Fonts that are being loaded\u003C\u002Fli>\n\u003Cli>The source of the Google Fonts that are being loaded\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugin Compatibility\u003C\u002Fh4>\n\u003Cp>This plugin will work with all WordPress themes and has been specifically tested with the following:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Twenty Twelve\u003C\u002Fli>\n\u003Cli>Twenty Thirteen\u003C\u002Fli>\n\u003Cli>Twenty Fourteen\u003C\u002Fli>\n\u003Cli>Twenty Fifteen\u003C\u002Fli>\n\u003Cli>Twenty Sixteen\u003C\u002Fli>\n\u003Cli>Twenty Seventeen\u003C\u002Fli>\n\u003Cli>Twenty Nineteen\u003C\u002Fli>\n\u003Cli>Twenty Twenty\u003C\u002Fli>\n\u003Cli>Twenty Twenty-One\u003C\u002Fli>\n\u003Cli>Twenty Twenty-Two\u003C\u002Fli>\n\u003Cli>Twenty Twenty-Three\u003C\u002Fli>\n\u003Cli>Twenty Twenty-Four\u003C\u002Fli>\n\u003Cli>Twenty Twenty-Five\u003C\u002Fli>\n\u003Cli>Acabado\u003C\u002Fli>\n\u003Cli>Avada\u003C\u002Fli>\n\u003Cli>Blocksy\u003C\u002Fli>\n\u003Cli>ColorMag\u003C\u002Fli>\n\u003Cli>Divi Extra\u003C\u002Fli>\n\u003Cli>Enfold\u003C\u002Fli>\n\u003Cli>GeneratePress\u003C\u002Fli>\n\u003Cli>Hestia\u003C\u002Fli>\n\u003Cli>Hueman\u003C\u002Fli>\n\u003Cli>JupiterX\u003C\u002Fli>\n\u003Cli>Kadence\u003C\u002Fli>\n\u003Cli>Neve\u003C\u002Fli>\n\u003Cli>OnePress\u003C\u002Fli>\n\u003Cli>Shapely\u003C\u002Fli>\n\u003Cli>Stackable\u003C\u002Fli>\n\u003Cli>Storefront\u003C\u002Fli>\n\u003Cli>Sydney\u003C\u002Fli>\n\u003Cli>Vantage\u003C\u002Fli>\n\u003Cli>Zerif Lite\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It will also remove Google Fonts loaded by the following plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Divi\u003C\u002Fli>\n\u003Cli>Redux\u003C\u002Fli>\n\u003Cli>MailPoet\u003C\u002Fli>\n\u003Cli>Elementor\u003C\u002Fli>\n\u003Cli>GroovyMenu\u003C\u002Fli>\n\u003Cli>Kadence Blocks\u003C\u002Fli>\n\u003Cli>Beaver Builder\u003C\u002Fli>\n\u003Cli>Revolution Slider\u003C\u002Fli>\n\u003Cli>Ajax Search Lite & Pro\u003C\u002Fli>\n\u003Cli>WPBakery (Visual Composer)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>As well as improving page load speed, removing Google Font references can also aid with GDPR and DSGVO compliance.\u003C\u002Fp>\n\u003Ch4>Bugs\u003C\u002Fh4>\n\u003Cp>If you find an issue with this plugin, please let us know \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-remove-google-fonts#new-post\" rel=\"ugc\">here\u003C\u002Fa>!\u003C\u002Fp>\n\u003Ch4>Contributions\u003C\u002Fh4>\n\u003Cp>Anyone is welcome to contribute to this plugin.\u003C\u002Fp>\n\u003Cp>There are various ways you can contribute:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Raise an \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-remove-google-fonts#new-post\" rel=\"ugc\">Issue\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Translate the Disable and Remove Google Fonts plugin into \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fdisable-remove-google-fonts\u002F\" rel=\"nofollow ugc\">different languages\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Provide feedback and suggestions on \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fdisable-remove-google-fonts#new-post\" rel=\"ugc\">enhancements\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n","Improve frontend performance by disabling Google Fonts. GDPR and DSGVO friendly.",100000,2840912,90,46,"2026-01-19T16:05:00.000Z","4.8","",[176,20,21,177,178],"disable-google-fonts","google-fonts","optimize","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdisable-remove-google-fonts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-remove-google-fonts.1.8.2.zip",100,{"slug":183,"name":184,"version":185,"author":186,"author_profile":187,"description":188,"short_description":189,"active_installs":168,"downloaded":190,"rating":13,"num_ratings":191,"last_updated":192,"tested_up_to":193,"requires_at_least":194,"requires_php":18,"tags":195,"homepage":200,"download_link":201,"security_score":158,"vuln_count":61,"unpatched_count":28,"last_vuln_date":202,"fetched_at":30},"social-icons-widget-by-wpzoom","Social Icons Widget & Block – Social Media Icons & Share Buttons","4.5.9","WPZOOM","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpzoom\u002F","\u003Ch4>Social Media Icons & Share Buttons for WordPress\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>The best social icons plugin for WordPress.\u003C\u002Fstrong> Add beautiful social media icons and share buttons anywhere on your site. 400+ icons, Gutenberg block, widget, Elementor support – all in one plugin.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Did you find this plugin helpful? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fsocial-icons-widget-by-wpzoom\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdemo.wpzoom.com\u002Fsocial-icons\u002F\" rel=\"nofollow ugc\">Social Icons Block Demo\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdemo.wpzoom.com\u002Fsocial-icons\u002F2016\u002F04\u002F21\u002Fsharing-buttons\u002F\" rel=\"nofollow ugc\">Sharing Buttons Demo\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Social Icons & Sharing Buttons\u003C\u002Fstrong> helps you to add social media icons and sharing buttons to your website. The plugin includes several icon sets, which gives you the possibility to use the widget for more than just linking to your social media profiles. You can use generic icons to add links to anything you want, and enable sharing buttons to let visitors share your content across social networks.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>With the help of WPZOOM’s excellent Social Icons Widget plugin, you can link to all your social network profiles and add sharing buttons in no time, letting your visitors easily get in touch with you on all social media channels and share your content.\u003Cbr \u002F>\n  ⭐️⭐️⭐️⭐️⭐️\u003Cbr \u002F>\n  WPKlik\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>What’s new in 4.5.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>NEW: Social Sharing Buttons Block\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW: Add Social Sharing Buttons in posts and pages\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>What’s new in 4.4.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>NEW: Add SVG Icons in the Social Icons Block\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>What’s new in 4.0.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>NEW: Gutenberg Block\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>New icon styles in the new Social Icons Block\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Where I can view a Demo?\u003C\u002Fh4>\n\u003Cp>You can view the plugin live in all our themes at \u003Ca href=\"https:\u002F\u002Fwww.wpzoom.com\u002Fthemes\u002F\" rel=\"nofollow ugc\">WPZOOM\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>View Demo & Examples\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdemo.wpzoom.com\u002F?theme=foodica\" rel=\"nofollow ugc\">Foodica Theme\u003C\u002Fa> – header bar and sidebar\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdemo.wpzoom.com\u002Finspiro\" rel=\"nofollow ugc\">Inspiro Theme\u003C\u002Fa> – sidebar panel and footer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Social Icons Block:\u003C\u002Fstrong>\u003Cbr \u002F>\n* SVG Icons Support – Upload custom SVG icons\u003Cbr \u002F>\n* 400+ Custom Icons from 5 Icon Sets\u003Cbr \u002F>\n* Gutenberg Block with Live Preview\u003Cbr \u002F>\n* Drag & Drop Icons with Sortable Arrows\u003Cbr \u002F>\n* Color Picker for Each Icon\u003Cbr \u002F>\n* Search by Keywords\u003Cbr \u002F>\n* Adjust Icon Size & Padding\u003Cbr \u002F>\n* Multiple Styles: Icon Shape and Icon with Background\u003Cbr \u002F>\n* 3 Background Styles: Rounded Corners, Round, Square\u003Cbr \u002F>\n* Icon Sets + Shortcodes\u003Cbr \u002F>\n* Elementor Widget Integration\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Social Sharing Buttons Block:\u003C\u002Fstrong>\u003Cbr \u002F>\n* 12+ Sharing Platforms: Facebook, X, Threads, LinkedIn, Pinterest, Reddit, Telegram, WhatsApp, Bluesky, Email, Copy Link, and Print\u003Cbr \u002F>\n* Multiple Button Styles: Circle, Square, Rounded, Outlined, Minimal, One-tone\u003Cbr \u002F>\n* Customizable Colors, Sizes, Padding & Margins\u003Cbr \u002F>\n* Show\u002FHide Labels\u003Cbr \u002F>\n* Print Button to Trigger Browser Print Dialog\u003Cbr \u002F>\n* Copy Link Button with Visual Feedback\u003Cbr \u002F>\n* X\u002FTwitter Username Integration (via parameter)\u003C\u002Fp>\n\u003Ch4>PRO Features\u003C\u002Fh4>\n\u003Cp>Upgrade to \u003Ca href=\"https:\u002F\u002Fwww.wpzoom.com\u002Fplugins\u002Fsocial-share\u002F\" rel=\"nofollow ugc\">Social Icons Widget PRO\u003C\u002Fa> to unlock powerful features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Floating Buttons\u003C\u002Fstrong> – Display social sharing icons as a fixed floating bar on the side of your website (NEW!)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Share Analytics Dashboard\u003C\u002Fstrong> – Track how visitors share your content with detailed analytics\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Like Button\u003C\u002Fstrong> – Add a like button to let visitors engage with your posts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI Share Buttons\u003C\u002Fstrong> – Share to ChatGPT, Claude, and Perplexity AI platforms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Share Counts\u003C\u002Fstrong> – Display total and individual share counts on buttons\u003C\u002Fli>\n\u003Cli>\u003Cstrong>External Share Counts\u003C\u002Fstrong> – Fetch real share counts from Facebook, Pinterest via SharedCount API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom SVG Icon Uploads\u003C\u002Fstrong> – Upload your own custom SVG icons\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Nav Menu Integration\u003C\u002Fstrong> – Add social icons directly to WordPress navigation menus\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dashboard Widget\u003C\u002Fstrong> – Quick stats overview right on your WordPress dashboard\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Priority Support\u003C\u002Fstrong> – Get help faster with priority email support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.wpzoom.com\u002Fplugins\u002Fsocial-share\u002F\" rel=\"nofollow ugc\">Learn more about PRO \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>General Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* 100+ Sites\u002FSocial Networks Supported\u003Cbr \u002F>\n* FontAwesome Integration\u003Cbr \u002F>\n* Academicons Integration: 38 Academia Icons for Academics\u003Cbr \u002F>\n* Supports Email Addresses (mailto:email@example.com)\u003Cbr \u002F>\n* Supports Telephone Numbers (tel:12345)\u003Cbr \u002F>\n* Supports Viber (viber:\u002F\u002Fadd?number=123456)\u003Cbr \u002F>\n* Supports WhatsApp (https:\u002F\u002Fapi.whatsapp.com\u002Fsend?phone=15551234567)\u003C\u002Fp>\n\u003Ch4>Icons\u003C\u002Fh4>\n\u003Cp>Twitter, X, Facebook, Instagram, Pinterest, Snapchat, Threads, Yelp, LinkedIn, Bloglovin’, Lookbook, Feedly, Periscope, SoundCloud, Spotify, Last.fm, YouTube, Vimeo, Flickr, 500px, Tumblr, Blogger, Reddit, Dribbble, Envato, Behance, DeviantArt, GitHub, RSS, Disqus, Stackoverflow, Komoot, Tiktok, Mailchimp, Podcasts, Telegram, TripAdvisor, AirBnb, Baidu, ebay, Medium, Periscope, Snapchat, Bandcamp, Eyem, Viber, Quora, Etsy, Meetup, Linode, IMDB, Overwatch, Strava, Tidal, Deezer, Unsplash, Codered, Udemy, CrunchBase, Angie’s List, App Store, Nextdoor, WhatsApp, ResearchGate, Slack, Songkick, ReverbNation, Bluesky\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>Some Social Icons are provided by the Socicon icon font.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fjpswalsh.github.io\u002Facademicons\u002F\" rel=\"nofollow ugc\">Academicons\u003C\u002Fa> are provided by James Walsh.\u003C\u002Fp>\n\u003Ch4>GDPR COMPLIANCE\u003C\u002Fh4>\n\u003Cp>Social Icons & Sharing Buttons does not collect any information from your visitors, therefore it’s \u003Cstrong>100% GDPR compliant\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>Get Involved\u003C\u002Fh4>\n\u003Cp>Looking to contribute code to this plugin? Go ahead and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpzoom\u002Fsocial-icons-widget\u002F\" rel=\"nofollow ugc\">fork the repository over at GitHub\u003C\u002Fa>.\u003C\u002Fp>\n","Social media icons plugin for WordPress - Add 400+ social icons and share buttons. Gutenberg block, widget & Elementor support. GDPR compliant.",3727901,143,"2026-03-12T19:31:00.000Z","7.0","6.5",[22,196,197,198,199],"social-icons","social-media-icons","social-media-widget","social-sharing","https:\u002F\u002Fwww.wpzoom.com\u002Fplugins\u002Fsocial-share\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-icons-widget-by-wpzoom.4.5.9.zip","2026-03-12 20:38:20",{"slug":204,"name":205,"version":206,"author":207,"author_profile":208,"description":209,"short_description":210,"active_installs":211,"downloaded":212,"rating":158,"num_ratings":110,"last_updated":213,"tested_up_to":214,"requires_at_least":215,"requires_php":216,"tags":217,"homepage":174,"download_link":219,"security_score":220,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"selfhost-google-fonts","Self-Hosted Google Fonts","1.0.1","asadkn","https:\u002F\u002Fprofiles.wordpress.org\u002Fasadkn\u002F","\u003Cp>An easy way to self-host all your Google Fonts for increased Privacy or to meet a law requirement.\u003Cbr \u002F>\nTheme and plugin authors are often unwilling to offer a self-hosted method and it’s quite laborious to download and upload each of the required font.\u003C\u002Fp>\n\u003Cp>This plugin makes it all easy. It will scan all CSS on your site and automagically download and host on your server the necessary Google Web Fonts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How it works:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Converts all Google Font enqueues to locally hosted CSS files.\u003C\u002Fli>\n\u003Cli>Scans and converts any inline style tags using @imports for fonts.\u003C\u002Fli>\n\u003Cli>Processes all the local CSS files that weren’t properly enqueued (bad authors?).\u003C\u002Fli>\n\u003Cli>While doing so, downloads all the required Google Fonts to your server.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatic self-hosted fonts with no effort.\u003C\u002Fli>\n\u003Cli>Compatible with all themes and plugins.\u003C\u002Fli>\n\u003Cli>Supports IE9+ and all modern browsers.\u003C\u002Fli>\n\u003Cli>Optimized code benchmarked for performance.\u003C\u002Fli>\n\u003Cli>Built-in cache for processing.\u003C\u002Fli>\n\u003Cli>Compatible with cache plugins and Autoptimize.\u003C\u002Fli>\n\u003Cli>API and hooks for theme & plugin authors.\u003C\u002Fli>\n\u003Cli>Uses unicode-range for optimized fonts when using multiple subsets. Google officially does this too, but other solutions for downloading fonts don’t support this.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Dev Notes\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cem>Cache\u003C\u002Fem>: The most common reason for a failure. If you have a cache plugin, clear the caches.\u003C\u002Fp>\n\u003Cp>It will not work with JS solutions like WebFont Loader. If you’re a developer, you can still use this plugin’s API to get the needed CSS and files to convert your WebFont Loader. I will post instructions on support forums if there’s interest.\u003C\u002Fp>\n","Automatically self-host all the Google Fonts on your site. Plug and play.",30000,152694,"2018-06-15T05:34:00.000Z","4.9.29","4.0","5.4",[20,21,177,218],"typography","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fselfhost-google-fonts.zip",85,{"attackSurface":222,"codeSignals":366,"taintFlows":796,"riskAssessment":825,"analyzedAt":840},{"hooks":223,"ajaxHandlers":345,"restRoutes":346,"shortcodes":355,"cronEvents":363,"entryPointCount":61,"unprotectedCount":47},[224,230,234,238,242,247,250,254,259,264,269,273,276,279,282,286,290,293,297,301,305,309,313,317,321,325,329,333,337,341],{"type":225,"name":226,"callback":227,"file":228,"line":229},"action","admin_menu","shariff3uu_add_admin_menu","admin\\admin-menu.php",19,{"type":225,"name":231,"callback":232,"file":228,"line":233},"admin_init","shariff3uu_options_init",20,{"type":225,"name":235,"callback":236,"file":228,"line":237},"init","shariff_init_locale",21,{"type":225,"name":239,"callback":240,"file":228,"line":241},"admin_enqueue_scripts","shariff3uu_admin_style",42,{"type":225,"name":243,"callback":244,"file":245,"line":246},"load-post.php","shariff3uu_metabox_setup","admin\\admin-metabox.php",15,{"type":225,"name":248,"callback":244,"file":245,"line":249},"load-post-new.php",16,{"type":225,"name":251,"callback":252,"file":245,"line":253},"add_meta_boxes","shariff3uu_add_metabox",22,{"type":225,"name":255,"callback":256,"priority":257,"file":245,"line":258},"save_post","shariff3uu_save_metabox_data",10,162,{"type":225,"name":260,"callback":261,"file":262,"line":263},"admin_notices","shariff3uu_service_notice","admin\\admin-notices.php",51,{"type":225,"name":265,"callback":266,"file":267,"line":268},"widgets_init","register","includes\\class-shariff-widget.php",179,{"type":225,"name":231,"callback":270,"file":271,"line":272},"shariff3uu_update","shariff.php",53,{"type":225,"name":274,"callback":270,"file":271,"line":275},"cli_init",55,{"type":225,"name":231,"callback":277,"file":271,"line":278},"shariff3uu_privacy",73,{"type":225,"name":235,"callback":280,"file":271,"line":281},"shariff3uu_include_metabox",157,{"type":283,"name":284,"callback":285,"priority":257,"file":271,"line":268},"filter","plugin_row_meta","shariff3uu_meta_links",{"type":225,"name":287,"callback":288,"file":271,"line":289},"rest_api_init","shariff3uu_sanitize_api",217,{"type":225,"name":291,"callback":291,"file":271,"line":292},"shariff3uu_fill_cache",513,{"type":225,"name":294,"callback":295,"file":271,"line":296},"shariff3uu_save_statistic_options","shariff3uu_fill_cache_schedule",536,{"type":283,"name":298,"callback":299,"file":271,"line":300},"cron_schedules","shariff3uu_fill_cache_schedule_custom_recurrence",555,{"type":283,"name":302,"callback":303,"file":271,"line":304},"the_content","shariff3uu_posts",654,{"type":283,"name":306,"callback":307,"file":271,"line":308},"the_excerpt","shariff3uu_excerpt",680,{"type":283,"name":302,"callback":310,"priority":311,"file":271,"line":312},"shariff3uu_hideshariff",999,695,{"type":283,"name":314,"callback":315,"priority":311,"file":271,"line":316},"the_content_feed","shariff3uu_remove_from_rss",709,{"type":225,"name":318,"callback":319,"file":271,"line":320},"bbp_template_after_forums_loop","shariff3uu_bbp_add_shariff_after_forum",722,{"type":225,"name":322,"callback":323,"file":271,"line":324},"bbp_template_after_topics_loop","shariff3uu_bbp_add_shariff_after_topic",735,{"type":225,"name":326,"callback":327,"file":271,"line":328},"bbp_theme_after_reply_content","shariff3uu_bbp_add_shariff_after_reply",748,{"type":225,"name":330,"callback":331,"file":271,"line":332},"bbp_template_before_forums_loop","shariff3uu_bbp_add_shariff_before_forum",761,{"type":225,"name":334,"callback":335,"file":271,"line":336},"bbp_template_before_topics_loop","shariff3uu_bbp_add_shariff_before_topic",774,{"type":225,"name":338,"callback":339,"file":271,"line":340},"bbp_theme_before_reply_content","shariff3uu_bbp_add_shariff_before_reply",787,{"type":225,"name":342,"callback":343,"file":271,"line":344},"amp_post_template_css","shariff3uu_amp_css",856,[],[347],{"namespace":348,"route":349,"methods":350,"callback":352,"permissionCallback":353,"file":271,"line":354},"shariff\u002Fv1","\u002Fshare_counts",[351],"GET","shariff3uu_share_counts","__return_true",190,[356,359],{"tag":4,"callback":357,"file":271,"line":358},"shariff3uu_render",859,{"tag":360,"callback":361,"file":271,"line":362},"shariffmeta","shariff3uu_meta",1557,[364],{"hook":291,"callback":291,"file":271,"line":365},526,{"dangerousFunctions":367,"sqlUsage":368,"outputEscaping":394,"fileOperations":792,"externalRequests":793,"nonceChecks":47,"capabilityChecks":794,"bundledLibraries":795},[],{"prepared":28,"raw":257,"locations":369},[370,373,375,379,381,383,386,388,390,392],{"file":271,"line":371,"context":372},1607,"$wpdb->query() with variable interpolation",{"file":271,"line":374,"context":372},1608,{"file":376,"line":377,"context":378},"uninstall.php",17,"$wpdb->get_results() with variable interpolation",{"file":376,"line":380,"context":372},75,{"file":376,"line":382,"context":372},76,{"file":384,"line":385,"context":378},"updates.php",142,{"file":384,"line":387,"context":378},232,{"file":384,"line":389,"context":378},317,{"file":384,"line":391,"context":372},343,{"file":384,"line":393,"context":372},344,{"escaped":395,"rawEcho":396,"locations":397},257,198,[398,401,403,405,407,409,411,413,415,417,419,421,423,425,427,429,431,433,435,437,439,441,443,445,447,449,451,453,455,457,459,461,463,465,467,469,471,473,475,477,479,481,483,485,487,489,491,493,495,497,499,501,503,505,507,509,511,513,515,517,519,521,523,525,527,529,531,533,535,537,539,541,543,545,547,549,551,553,555,557,559,561,563,565,567,569,571,573,575,577,579,581,583,585,587,589,591,593,595,597,599,601,603,605,607,609,611,613,615,617,619,621,623,625,627,629,631,633,635,637,639,641,643,645,647,649,651,653,655,657,659,661,663,665,667,669,671,673,675,677,679,681,683,685,687,689,691,693,695,697,699,701,703,705,707,709,711,713,715,717,719,721,722,724,726,728,730,732,734,736,738,740,742,744,745,747,749,750,751,753,755,758,760,762,764,766,768,770,772,774,776,778,780,782,784,786,788,790],{"file":228,"line":399,"context":400},858,"raw output",{"file":228,"line":402,"context":400},868,{"file":228,"line":404,"context":400},870,{"file":228,"line":406,"context":400},875,{"file":228,"line":408,"context":400},877,{"file":228,"line":410,"context":400},882,{"file":228,"line":412,"context":400},884,{"file":228,"line":414,"context":400},889,{"file":228,"line":416,"context":400},891,{"file":228,"line":418,"context":400},918,{"file":228,"line":420,"context":400},920,{"file":228,"line":422,"context":400},925,{"file":228,"line":424,"context":400},927,{"file":228,"line":426,"context":400},932,{"file":228,"line":428,"context":400},934,{"file":228,"line":430,"context":400},939,{"file":228,"line":432,"context":400},941,{"file":228,"line":434,"context":400},967,{"file":228,"line":436,"context":400},978,{"file":228,"line":438,"context":400},992,{"file":228,"line":440,"context":400},993,{"file":228,"line":442,"context":400},1041,{"file":228,"line":444,"context":400},1076,{"file":228,"line":446,"context":400},1090,{"file":228,"line":448,"context":400},1109,{"file":228,"line":450,"context":400},1110,{"file":228,"line":452,"context":400},1111,{"file":228,"line":454,"context":400},1120,{"file":228,"line":456,"context":400},1135,{"file":228,"line":458,"context":400},1169,{"file":228,"line":460,"context":400},1182,{"file":228,"line":462,"context":400},1183,{"file":228,"line":464,"context":400},1184,{"file":228,"line":466,"context":400},1195,{"file":228,"line":468,"context":400},1196,{"file":228,"line":470,"context":400},1197,{"file":228,"line":472,"context":400},1209,{"file":228,"line":474,"context":400},1211,{"file":228,"line":476,"context":400},1213,{"file":228,"line":478,"context":400},1215,{"file":228,"line":480,"context":400},1228,{"file":228,"line":482,"context":400},1230,{"file":228,"line":484,"context":400},1243,{"file":228,"line":486,"context":400},1255,{"file":228,"line":488,"context":400},1264,{"file":228,"line":490,"context":400},1275,{"file":228,"line":492,"context":400},1326,{"file":228,"line":494,"context":400},1338,{"file":228,"line":496,"context":400},1350,{"file":228,"line":498,"context":400},1362,{"file":228,"line":500,"context":400},1374,{"file":228,"line":502,"context":400},1398,{"file":228,"line":504,"context":400},1434,{"file":228,"line":506,"context":400},1443,{"file":228,"line":508,"context":400},1458,{"file":228,"line":510,"context":400},1467,{"file":228,"line":512,"context":400},1478,{"file":228,"line":514,"context":400},1482,{"file":228,"line":516,"context":400},1484,{"file":228,"line":518,"context":400},1496,{"file":228,"line":520,"context":400},1500,{"file":228,"line":522,"context":400},1512,{"file":228,"line":524,"context":400},1517,{"file":228,"line":526,"context":400},1527,{"file":228,"line":528,"context":400},1550,{"file":228,"line":530,"context":400},1597,{"file":228,"line":532,"context":400},1613,{"file":228,"line":534,"context":400},1638,{"file":228,"line":536,"context":400},1647,{"file":228,"line":538,"context":400},1650,{"file":228,"line":540,"context":400},1659,{"file":228,"line":542,"context":400},1735,{"file":228,"line":544,"context":400},1736,{"file":228,"line":546,"context":400},1737,{"file":228,"line":548,"context":400},1738,{"file":228,"line":550,"context":400},1739,{"file":228,"line":552,"context":400},1747,{"file":228,"line":554,"context":400},1755,{"file":228,"line":556,"context":400},1763,{"file":228,"line":558,"context":400},1771,{"file":228,"line":560,"context":400},1779,{"file":228,"line":562,"context":400},1787,{"file":228,"line":564,"context":400},1795,{"file":228,"line":566,"context":400},1803,{"file":228,"line":568,"context":400},1811,{"file":228,"line":570,"context":400},1819,{"file":228,"line":572,"context":400},1825,{"file":228,"line":574,"context":400},1827,{"file":228,"line":576,"context":400},1834,{"file":228,"line":578,"context":400},1835,{"file":228,"line":580,"context":400},1843,{"file":228,"line":582,"context":400},1851,{"file":228,"line":584,"context":400},1859,{"file":228,"line":586,"context":400},1866,{"file":228,"line":588,"context":400},1874,{"file":228,"line":590,"context":400},1882,{"file":228,"line":592,"context":400},1890,{"file":228,"line":594,"context":400},1898,{"file":228,"line":596,"context":400},1906,{"file":228,"line":598,"context":400},1912,{"file":228,"line":600,"context":400},1914,{"file":228,"line":602,"context":400},1922,{"file":228,"line":604,"context":400},1928,{"file":228,"line":606,"context":400},1929,{"file":228,"line":608,"context":400},1930,{"file":228,"line":610,"context":400},1936,{"file":228,"line":612,"context":400},1938,{"file":228,"line":614,"context":400},1944,{"file":228,"line":616,"context":400},1945,{"file":228,"line":618,"context":400},1946,{"file":228,"line":620,"context":400},1952,{"file":228,"line":622,"context":400},1954,{"file":228,"line":624,"context":400},1962,{"file":228,"line":626,"context":400},1980,{"file":228,"line":628,"context":400},1986,{"file":228,"line":630,"context":400},2016,{"file":228,"line":632,"context":400},2017,{"file":228,"line":634,"context":400},2019,{"file":228,"line":636,"context":400},2020,{"file":228,"line":638,"context":400},2022,{"file":228,"line":640,"context":400},2023,{"file":228,"line":642,"context":400},2040,{"file":228,"line":644,"context":400},2042,{"file":228,"line":646,"context":400},2044,{"file":228,"line":648,"context":400},2045,{"file":228,"line":650,"context":400},2047,{"file":228,"line":652,"context":400},2049,{"file":228,"line":654,"context":400},2052,{"file":228,"line":656,"context":400},2066,{"file":228,"line":658,"context":400},2072,{"file":228,"line":660,"context":400},2079,{"file":228,"line":662,"context":400},2080,{"file":228,"line":664,"context":400},2165,{"file":228,"line":666,"context":400},2172,{"file":228,"line":668,"context":400},2174,{"file":228,"line":670,"context":400},2182,{"file":228,"line":672,"context":400},2183,{"file":228,"line":674,"context":400},2184,{"file":228,"line":676,"context":400},2185,{"file":228,"line":678,"context":400},2189,{"file":228,"line":680,"context":400},2286,{"file":228,"line":682,"context":400},2288,{"file":228,"line":684,"context":400},2296,{"file":228,"line":686,"context":400},2297,{"file":228,"line":688,"context":400},2298,{"file":228,"line":690,"context":400},2299,{"file":228,"line":692,"context":400},2303,{"file":228,"line":694,"context":400},2400,{"file":228,"line":696,"context":400},2402,{"file":228,"line":698,"context":400},2411,{"file":228,"line":700,"context":400},2412,{"file":228,"line":702,"context":400},2413,{"file":228,"line":704,"context":400},2414,{"file":228,"line":706,"context":400},2418,{"file":228,"line":708,"context":400},2480,{"file":228,"line":710,"context":400},2486,{"file":228,"line":712,"context":400},2492,{"file":228,"line":714,"context":400},2498,{"file":228,"line":716,"context":400},2504,{"file":228,"line":718,"context":400},2510,{"file":228,"line":720,"context":400},2516,{"file":245,"line":263,"context":400},{"file":245,"line":723,"context":400},54,{"file":245,"line":725,"context":400},57,{"file":245,"line":727,"context":400},63,{"file":245,"line":729,"context":400},67,{"file":245,"line":731,"context":400},70,{"file":245,"line":733,"context":400},74,{"file":245,"line":735,"context":400},77,{"file":245,"line":737,"context":400},83,{"file":245,"line":739,"context":400},84,{"file":245,"line":741,"context":400},89,{"file":245,"line":743,"context":400},95,{"file":245,"line":13,"context":400},{"file":245,"line":746,"context":400},101,{"file":748,"line":377,"context":400},"bitcoin.php",{"file":267,"line":275,"context":400},{"file":267,"line":725,"context":400},{"file":267,"line":752,"context":400},61,{"file":267,"line":754,"context":400},172,{"file":756,"line":757,"context":400},"includes\\phpqrcode.php",254,{"file":756,"line":759,"context":400},286,{"file":756,"line":761,"context":400},295,{"file":756,"line":763,"context":400},309,{"file":756,"line":765,"context":400},829,{"file":756,"line":767,"context":400},861,{"file":756,"line":769,"context":400},3448,{"file":756,"line":771,"context":400},3454,{"file":756,"line":773,"context":400},3558,{"file":756,"line":775,"context":400},3564,{"file":271,"line":777,"context":400},719,{"file":271,"line":779,"context":400},732,{"file":271,"line":781,"context":400},745,{"file":271,"line":783,"context":400},758,{"file":271,"line":785,"context":400},771,{"file":271,"line":787,"context":400},784,{"file":271,"line":789,"context":400},815,{"file":271,"line":791,"context":400},818,14,8,7,[],[797,815],{"entryPoint":798,"graph":799,"unsanitizedCount":47,"severity":814},"\u003Cbitcoin> (bitcoin.php:0)",{"nodes":800,"edges":811},[801,806],{"id":802,"type":803,"label":804,"file":748,"line":805},"n0","source","$_GET",12,{"id":807,"type":808,"label":809,"file":748,"line":377,"wp_function":810},"n1","sink","echo() [XSS]","echo",[812],{"from":802,"to":807,"sanitized":813},false,"low",{"entryPoint":816,"graph":817,"unsanitizedCount":47,"severity":814},"\u003Cclass-shariff-widget> (includes\\class-shariff-widget.php:0)",{"nodes":818,"edges":823},[819,822],{"id":802,"type":803,"label":820,"file":267,"line":821},"$_SERVER",135,{"id":807,"type":808,"label":809,"file":267,"line":754,"wp_function":810},[824],{"from":802,"to":807,"sanitized":813},{"summary":826,"deductions":827},"The Shariff plugin v4.6.15 presents a mixed security posture. While it demonstrates some good practices like a reasonable number of capability checks and a lack of dangerous functions, several concerning areas warrant attention. The static analysis reveals a significant portion of SQL queries are not using prepared statements, which is a common vector for SQL injection vulnerabilities. Furthermore, the presence of unsanitized paths in taint analysis, even if not reaching critical severity, suggests a potential for path traversal issues.  The plugin's history of six known CVEs, including one critical and five medium, is a significant red flag. The common vulnerability types highlight a recurring pattern of weaknesses in input sanitization and path handling, indicating a need for more robust security measures in these areas. The most recent vulnerability being in 2024 suggests that these issues are actively being discovered and exploited, and while currently unpatched CVEs are zero, the historical trend is worrying.\n\nDespite the positive aspects, the historical vulnerability data and specific code signals like the lack of prepared statements for SQL queries are the most critical indicators of risk. The attack surface is relatively small, with only one unprotected entry point (a REST API route without permission callbacks), which is a good sign, but the historical trend of vulnerabilities, particularly those related to path traversal and XSS, demands a cautious approach. The plugin's strengths lie in its relatively limited attack surface and absence of inherently dangerous functions, but these are overshadowed by past security failures and ongoing coding concerns.",[828,830,832,834,836,838],{"reason":829,"points":257},"SQL queries not using prepared statements",{"reason":831,"points":257},"Unsanitized paths in taint flows",{"reason":833,"points":793},"REST API route without permission callback",{"reason":835,"points":246},"Historical critical CVE",{"reason":837,"points":257},"Historical medium CVEs (5)",{"reason":839,"points":27},"Output escaping at 56%","2026-03-16T17:21:46.933Z",{"wat":842,"direct":855},{"assetPaths":843,"generatorPatterns":848,"scriptPaths":849,"versionParams":850},[844,845,846,847],"\u002Fwp-content\u002Fplugins\u002Fshariff\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fshariff\u002Fassets\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fshariff\u002Fassets\u002Fjs\u002Ffrontend.js","\u002Fwp-content\u002Fplugins\u002Fshariff\u002Fassets\u002Fjs\u002Fservice.js",[],[846,847],[851,852,853,854],"shariff\u002Fassets\u002Fcss\u002Fadmin.css?ver=","shariff\u002Fassets\u002Fcss\u002Ffrontend.css?ver=","shariff\u002Fassets\u002Fjs\u002Ffrontend.js?ver=","shariff\u002Fassets\u002Fjs\u002Fservice.js?ver=",{"cssClasses":856,"htmlComments":861,"htmlAttributes":866,"restEndpoints":872,"jsGlobals":874,"shortcodeOutput":877},[857,858,859,860],"shariff-wrapper","shariff-buttons","shariff-count","shariff-social-button",[862,863,864,865],"\u003C!-- Begin Mailchimp Signup Form -->","\u003C!-- End Mailchimp Signup Form -->","\u003C!-- BEGIN: shariff-wrapper -->","\u003C!-- END: shariff-wrapper -->",[867,868,869,870,871],"data-url","data-services","data-theme","data-orientation","data-backend-url",[873],"\u002Fwp-json\u002Fshariff\u002Fv1\u002Fshare_counts",[875,876],"shariff_options","shariff_services",[878],"[shariff]"]