[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faMqON9kcnpxyxR3TJ8ViHI1amYX9ndYWywspxwlIA6U":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":127,"fingerprints":213},"simple-open-graph","Simple Open Graph","2.4","PcFrk256","https:\u002F\u002Fprofiles.wordpress.org\u002Fpcfrk256\u002F","\u003Cp>Simple Open Graph adds Open Graph meta data to the header. It’s simple. Activate it and forget about it.\u003C\u002Fp>\n","Simple Open Graph adds Open Graph meta data to the header",10,6494,100,1,"2015-03-06T19:45:00.000Z","4.1.42","3.0","",[20,21,22,23,24],"facebook","metadata","ogp","open-graph","opengraph","http:\u002F\u002Fispeakl33t.com\u002Fopengraph","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-open-graph.2.4.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"pcfrk256",30,84,"2026-04-04T06:04:04.033Z",[38,58,78,94,110],{"slug":24,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":18,"tags":52,"homepage":54,"download_link":55,"security_score":56,"vuln_count":14,"unpatched_count":28,"last_vuln_date":57,"fetched_at":30},"Open Graph","2.0.2","Will Norris","https:\u002F\u002Fprofiles.wordpress.org\u002Fwillnorris\u002F","\u003Cp>The \u003Ca href=\"https:\u002F\u002Fogp.me\u002F\" rel=\"nofollow ugc\">Open Graph protocol\u003C\u002Fa> enables any web page to become a rich object in a social graph.  Most notably, this allows for these pages to be used with Facebook’s \u003Ca href=\"https:\u002F\u002Fdevelopers.facebook.com\u002Fdocs\u002Freference\u002Fplugins\u002Flike\" rel=\"nofollow ugc\">Like Button\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fdevelopers.facebook.com\u002Fdocs\u002Freference\u002Fapi\u002F\" rel=\"nofollow ugc\">Graph API\u003C\u002Fa> as well as within Twitter posts.\u003C\u002Fp>\n\u003Cp>The Open Graph plugin inserts the Open Graph metadata into WordPress posts and pages, and provides a simple extension mechanism for other plugins and themes to override this data, or to provide additional Open Graph data.\u003C\u002Fp>\n\u003Cp>This plugin does not directly add social plugins like the Facebook Like Button to your pages (though they’re pretty simple to add).  It will however make your pages look great when shared using those kinds of tools.\u003C\u002Fp>\n","Adds Open Graph metadata to your posts and pages so that they look great when shared on sites like Facebook and Twitter.",10000,218990,86,13,"2025-12-07T17:38:00.000Z","6.9.4","2.3",[20,22,24,53],"social","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fopengraph","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fopengraph.2.0.2.zip",99,"2024-06-04 00:00:00",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":47,"num_ratings":68,"last_updated":69,"tested_up_to":50,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":76,"download_link":77,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"open-graph-protocol-framework","Open Graph Protocol Framework","2.1.0","itthinx","https:\u002F\u002Fprofiles.wordpress.org\u002Fitthinx\u002F","\u003Cp>The \u003Ca href=\"https:\u002F\u002Fogp.me\u002F\" rel=\"nofollow ugc\">Open Graph protocol\u003C\u002Fa> enables any web page to become a rich object in a social graph. For instance, this is used on Facebook to allow any web page to have the same functionality as any other object on Facebook.\u003C\u002Fp>\n\u003Cp>This WordPress plugin is aimed at automating the process of adding basic and optional metadata to a site’s pages. It is also designed to act as a framework for other plugins or themes and allows to modify and adapt the information provided as needed.\u003C\u002Fp>\n\u003Cp>If you find this plugin useful and would like to support our work, you can do so by purchasing in our \u003Ca href=\"https:\u002F\u002Fwww.itthinx.com\u002Fshop\u002F\" rel=\"nofollow ugc\">Shop\u003C\u002Fa>, thank you!\u003C\u002Fp>\n\u003Cp>Supports \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">WooCommerce\u003C\u002Fa> to include essential product metadata on product pages.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>Install and activate the plugin. It will automatically render the following metadata for posts, pages, etc. :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>og:title\u003C\u002Fcode> : The page’s title is used, this provides the title for posts, pages, archives etc.\u003C\u002Fli>\n\u003Cli>\u003Ccode>og:type\u003C\u002Fcode> : The type will be \u003Ccode>article\u003C\u002Fcode> in general, \u003Ccode>website\u003C\u002Fcode> for the front page and \u003Ccode>blog\u003C\u002Fcode> for the blog homepage.\u003C\u002Fli>\n\u003Cli>\u003Ccode>og:image\u003C\u002Fcode> : For post types that support featured images, the URL of the featured image is used. Additional metadata \u003Ccode>og:image:width\u003C\u002Fcode>, \u003Ccode>og:image:height\u003C\u002Fcode>, \u003Ccode>og:image:url\u003C\u002Fcode>, \u003Ccode>og:image:secure_url\u003C\u002Fcode> and \u003Ccode>og:image:alt\u003C\u002Fcode> are added.\u003C\u002Fli>\n\u003Cli>\u003Ccode>og:url\u003C\u002Fcode> : The URL of the current page.\u003C\u002Fli>\n\u003Cli>\u003Ccode>og:site_name\u003C\u002Fcode> : The name of the site.\u003C\u002Fli>\n\u003Cli>\u003Ccode>og:description\u003C\u002Fcode> : Uses the full excerpt if available, otherwise derives it from the content. For author and archive pages, the type of page and title is used.\u003C\u002Fli>\n\u003Cli>\u003Ccode>og:locale\u003C\u002Fcode> : The current locale.\u003C\u002Fli>\n\u003Cli>\u003Ccode>og:locale:alternate\u003C\u002Fcode> : Indicates additional locales available with \u003Ca href=\"https:\u002F\u002Fwpml.org\u002F\" rel=\"nofollow ugc\">WPML\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpolylang\u002F\" rel=\"ugc\">Polylang\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The content of the \u003Ccode>og:image:alt\u003C\u002Fcode> property is based on the Alt Text of the featured image, the image’s Caption in lack thereof, or ultimately the image’s Description in lack of the latter. If any of those are empty, the property is not rendered.\u003C\u002Fp>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Cp>This section is for developers. If you’re not a developer, you can safely skip it.\u003C\u002Fp>\n\u003Cp>The plugin provides the following filters:\u003C\u002Fp>\n\u003Ch4>\u003Ccode>open_graph_protocol_meta\u003C\u002Fcode>\u003C\u002Fh4>\n\u003Cp>This filter allows to modify the value of the \u003Ccode>content\u003C\u002Fcode> attribute for a given meta tag.\u003Cbr \u002F>\nIt is invoked for every supported type of metadata.\u003C\u002Fp>\n\u003Cp>Parameters:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>content\u003C\u002Fcode> – the current value of the \u003Ccode>content\u003C\u002Fcode> attribute\u003C\u002Fli>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>property\u003C\u002Fcode> – the metadata name, for example \u003Ccode>og:title\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Filters must return:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> the desired value of the \u003Ccode>content\u003C\u002Fcode> attribute\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Ccode>open_graph_protocol_meta_tag\u003C\u002Fcode>\u003C\u002Fh4>\n\u003Cp>This filter allows to modify the actual HTML \u003Ccode>\u003Cmeta>\u003C\u002Fcode> tag that is rendered in the \u003Ccode>\u003Chead>\u003C\u002Fcode> section of pages.\u003C\u002Fp>\n\u003Cp>Parameters:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> HTML \u003Ccode>\u003Cmeta>\u003C\u002Fcode> tag\u003C\u002Fli>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>property\u003C\u002Fcode> – the metadata name, for example \u003Ccode>og:title\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> \u003Ccode>content\u003C\u002Fcode> – the value of the \u003Ccode>content\u003C\u002Fcode> attribute\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Filters must return:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> the desired output for the HTML \u003Ccode>\u003Cmeta>\u003C\u002Fcode> tag\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Ccode>open_graph_protocol_metas\u003C\u002Fcode>\u003C\u002Fh4>\n\u003Cp>This filter allows to add or remove metadata before it is rendered.\u003C\u002Fp>\n\u003Cp>Parameters:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>array\u003C\u002Fcode> of metadata indexed by metadata name\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Filters must return:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>array\u003C\u002Fcode> of metadata indexed by metadata name\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Ccode>open_graph_protocol_echo_metas\u003C\u002Fcode>\u003C\u002Fh4>\n\u003Cp>This filter allows to modify the HTML that renders the plugin’s meta tags in the \u003Ccode>\u003Chead>\u003C\u002Fcode> section.\u003C\u002Fp>\n\u003Cp>Parameters:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> HTML with \u003Ccode>\u003Cmeta>\u003C\u002Fcode> tags to be rendered\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Filters must return:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> HTML with \u003Ccode>\u003Cmeta>\u003C\u002Fcode> tags to be rendered\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Ccode>open_graph_protocol_framework_ext\u003C\u002Fcode>\u003C\u002Fh4>\n\u003Cp>This filter allows to determine whether additional meta tags should be produced for supported integrations.\u003C\u002Fp>\n\u003Cp>Parameters:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>boolean\u003C\u002Fcode> whether to process the integration\u003C\u002Fli>\n\u003Cli>\u003Ccode>string\u003C\u002Fcode> the integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Filters must return:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>boolean\u003C\u002Fcode> whether to process additional meta tags for the integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why this plugin?\u003C\u002Fh3>\n\u003Cp>This plugin was created because we needed an extendable way to render meta tags based on the Open Graph protocol, which would allow to modify the meta tag content rendered or add meta tags when appropriate based on external data.\u003C\u002Fp>\n\u003Cp>None of the existing plugins provided a sufficiently flexible way of doing that, among other reasons we needed a solution that would comply with all of these requirements and none of the existing solutions does:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>must be compatible with WordPress 3.5\u003C\u002Fli>\n\u003Cli>must automatically add meta tags for featured images\u003C\u002Fli>\n\u003Cli>must be automated and create sensible meta tag content for each page, we don’t want to manually indicate the tag content for every page\u003C\u002Fli>\n\u003Cli>must provide a framework for extension through hooks and filters on every tag, and provide a design that allows other plugins to modify the meta tags in flexible ways\u003C\u002Fli>\n\u003Cli>must not ask to provide your Facebook account details or application ID when there is no need for it\u003C\u002Fli>\n\u003Cli>must not be bloated with features you don’t want or need when you simply want Open Graph metatags to be rendered automatically for your pages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Logo Attribution\u003C\u002Fh3>\n\u003Cp>The logo used for this plugin’s icon and banner is the \u003Ca href=\"https:\u002F\u002Fcommons.wikimedia.org\u002Fwiki\u002FFile:Open_Graph_protocol_logo.png#\u002Fmedia\u002FFile:Open_Graph_protocol_logo.png\" rel=\"nofollow ugc\">Open Graph protocol logo\u003C\u002Fa> by Facebook – \u003Ca href=\"https:\u002F\u002Fogp.me\" rel=\"nofollow ugc\">ogp.me\u003C\u002Fa>. Licensed under Public Domain via \u003Ca href=\"https:\u002F\u002Fcommons.wikimedia.org\u002Fwiki\u002F\" rel=\"nofollow ugc\">Wikimedia Commons\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Validators\u003C\u002Fh3>\n\u003Cp>To test the generated metadata you can use several tools, among those:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcards-dev.x.com\u002Fvalidator\" rel=\"nofollow ugc\">X Card Validator\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdevelopers.facebook.com\u002Ftools\u002Fdebug\u002F\" rel=\"nofollow ugc\">Meta Sharing Debugger\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","The Open Graph Protocol enables any web page to become a rich object in a social graph. This plugin renders meta tags within an extension framework.",3000,114742,15,"2025-12-20T18:34:00.000Z","6.0","7.4",[20,73,22,74,75],"google","open-graph-protocol","x","https:\u002F\u002Fwww.itthinx.com\u002Fplugins\u002Fopen-graph-protocol\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fopen-graph-protocol-framework.2.1.0.zip",{"slug":22,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":28,"num_ratings":28,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":18,"tags":90,"homepage":92,"download_link":93,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"Open Graph Pro","1.0","Martin Lormes","https:\u002F\u002Fprofiles.wordpress.org\u002Ftfnab\u002F","\u003Cp>Automagically adds Open Graph tags to your blog. Control how your posts and pages are presented on Facebook and other social media sites. No configuration needed.\u003C\u002Fp>\n\u003Cp>When someone likes or shares your blog on Facebook, your header image is shown. If someone likes or shares a post, the featured image (post thumbnail) is shown. If you haven’t selected a featured image, then the plugin looks for the first image inside the post. If there aren’t any images in your post, then your blog’s header image is shown.\u003C\u002Fp>\n\u003Cp>For more information on the Open Graph protocol go to http:\u002F\u002Fogp.me\u002F\u003C\u002Fp>\n","Adds Open Graph tags to your blog. Control how your posts and pages are presented on Facebook and other social media sites. No configuration needed.",2000,43865,"2017-11-28T17:07:00.000Z","3.2.1","2.9",[20,23,24,53,91],"social-media","http:\u002F\u002Ften-fingers-and-a-brain.com\u002Fwordpress-plugins\u002Fogp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fogp.1.0.zip",{"slug":23,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":28,"num_ratings":28,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":18,"tags":106,"homepage":108,"download_link":109,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"Open Graph WP implementation","1.1","Piyush Mishra","https:\u002F\u002Fprofiles.wordpress.org\u002Fpiyushmishra\u002F","\u003Cp>The Open Graph protocol enables any web page to become a rich object in a social graph. For instance, this is used on Facebook to enable any web page to have the same functionality as a Facebook Page.\u003C\u002Fp>\n\u003Cp>While many different technologies and schemas exist and could be combined together, there isn’t a single technology which provides enough information to richly represent any web page within the social graph. The Open Graph protocol builds on these existing technologies and gives developers one thing to implement. Developer simplicity is a key goal of the Open Graph protocol which has informed many of the technical design decisions.\u003C\u002Fp>\n\u003Ch4>For Developers\u003C\u002Fh4>\n\u003Cp>Use \u003Ccode>add_action('open_graph_head_pre','your_function');\u003C\u002Fcode> and \u003Ccode>add_action('open_graph_head_post','your_function');\u003C\u002Fcode> to edit the meta data. For an instance of the class.\u003C\u002Fp>\n\u003Cp>Always use \u003Ccode>open_graph_instance()\u003C\u002Fcode>\u003Cbr \u002F>\nRead more on the Plugin URI > \u003Ca href=\"http:\u002F\u002Fwww.piyushmishra.com\u002Fplugins\u002Fopen-graph.html\" title=\"Plugin URI\" rel=\"nofollow ugc\">Open Graph WP implementation\u003C\u002Fa> or check out the FAQs\u003C\u002Fp>\n","Implements the Open Graph Protocol on a WordPress installation. Can be used by other plugins as a dependency.",70,8791,"2011-03-10T12:47:00.000Z","3.1.4","3.1",[20,107,23,24],"fb","http:\u002F\u002Fwww.piyushmishra.com\u002Fplugins\u002Fopen-graph.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fopen-graph.1.1.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":28,"num_ratings":28,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":18,"tags":123,"homepage":125,"download_link":126,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"ogp-generator","OGP Generator","0.5.3","ShinichiN","https:\u002F\u002Fprofiles.wordpress.org\u002Fshinichin\u002F","\u003Cp>When shared on Facebook, this plugin shows a nice Thumbnail of your posts, pages and site.\u003C\u002Fp>\n\u003Ch3>Example of Open Graph Protocol tags\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>\u003Cmeta property=\"fb:app_id\"      content=\"you can specify in admin\" \u002F>\n\u003Cmeta property=\"og:title\"       content=\"Post Title\" \u002F>\n\u003Cmeta property=\"og:type\"        content=\"article\" \u002F>\n\u003Cmeta property=\"og:url\"         content=\"Post URL\" \u002F>\n\u003Cmeta property=\"og:image\"       content=\"Post thumbnail, attached image, the first image or default image which you upload\" \u002F>\n\u003Cmeta property=\"og:site_name\"   content=\"Site Title\" \u002F>\n\u003Cmeta property=\"og:locale\"      content=\"Your Locale\" \u002F>\n\u003Cmeta property=\"og:description\" content=\"Post excerpt or text generated from your content\" \u002F>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Rules of the og:image\u003C\u002Fh3>\n\u003Ch4>When a post permalink is shared (is_singular).\u003C\u002Fh4>\n\u003Col>\n\u003Cli>If your post has a post-thumbnail, that will show up.\u003C\u002Fli>\n\u003Cli>If not, this plugin shows the images attatched to the post.\u003C\u002Fli>\n\u003Cli>If not, this plugin shows the images which is in the content.\u003C\u002Fli>\n\u003Cli>If not, this plugin shows the default image, which you upload in Settings > Reading > OGP Settings.\u003C\u002Fli>\n\u003Cli>If not, this plugin doesn’t show anything. (Other ogp tags such as og:title, og:url and so on will be served.)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>When the link posted on facebook was not a post link (!is_singular).\u003C\u002Fh4>\n\u003Cp>When home page, archive pages, search result page or what ever else pages are shared on facebook, og:image will be the image you specify in Settings > Reading > OGP Settings.\u003C\u002Fp>\n","When shared on Facebook, this plugin shows a nice Thumbnail of your posts, pages and site.",60,3539,"2015-12-10T01:33:00.000Z","4.4.34","4.0",[20,22,124],"open-graph-tag","http:\u002F\u002Fth-daily.shinichi.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fogp-generator.0.5.3.zip",{"attackSurface":128,"codeSignals":149,"taintFlows":201,"riskAssessment":202,"analyzedAt":212},{"hooks":129,"ajaxHandlers":145,"restRoutes":146,"shortcodes":147,"cronEvents":148,"entryPointCount":28,"unprotectedCount":28},[130,136,141],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","wp_head","anonymous","opengraph.php",151,{"type":131,"name":137,"callback":138,"file":139,"line":140},"admin_menu","add_simplegraph_page","simpleopengraph_options.php",3,{"type":131,"name":142,"callback":143,"file":139,"line":144},"admin_init","admin_init_simpleopengraph",23,[],[],[],[],{"dangerousFunctions":150,"sqlUsage":151,"outputEscaping":153,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":200},[],{"prepared":28,"raw":28,"locations":152},[],{"escaped":28,"rawEcho":154,"locations":155},22,[156,159,161,163,165,167,169,171,173,175,177,179,181,183,185,187,189,191,192,194,196,198],{"file":134,"line":157,"context":158},32,"raw output",{"file":134,"line":160,"context":158},38,{"file":134,"line":162,"context":158},40,{"file":134,"line":164,"context":158},50,{"file":134,"line":166,"context":158},53,{"file":134,"line":168,"context":158},56,{"file":134,"line":170,"context":158},72,{"file":134,"line":172,"context":158},89,{"file":134,"line":174,"context":158},91,{"file":134,"line":176,"context":158},102,{"file":134,"line":178,"context":158},104,{"file":134,"line":180,"context":158},107,{"file":134,"line":182,"context":158},110,{"file":134,"line":184,"context":158},120,{"file":134,"line":186,"context":158},131,{"file":134,"line":188,"context":158},142,{"file":139,"line":190,"context":158},46,{"file":139,"line":166,"context":158},{"file":139,"line":193,"context":158},63,{"file":139,"line":195,"context":158},69,{"file":139,"line":197,"context":158},80,{"file":139,"line":199,"context":158},93,[],[],{"summary":203,"deductions":204},"The \"simple-open-graph\" plugin v2.4 exhibits a generally strong security posture based on the provided static analysis.  The absence of any identified CVEs, coupled with a clean vulnerability history, suggests a well-maintained and secure codebase.  The plugin also scores well on several best practices, including the complete absence of dangerous functions, zero unescaped output, and 100% of SQL queries utilizing prepared statements.  The attack surface is minimal, with no AJAX handlers, REST API routes, shortcodes, or cron events, and importantly, no unprotected entry points are reported.\n\nHowever, a significant concern arises from the static analysis's finding that 0% of the 22 total outputs are properly escaped. This is a critical weakness. While the plugin may not directly process user input into SQL or other potentially harmful operations, unescaped output can still lead to cross-site scripting (XSS) vulnerabilities if dynamic data is rendered directly into the HTML without proper sanitization.  The lack of nonce checks and capability checks further exacerbates this, meaning that even if an output is unintentionally dynamic, there are no built-in mechanisms to prevent unauthorized users from influencing that output or triggering actions that might expose sensitive information through unescaped data.\n\nIn conclusion, the plugin's minimal attack surface and clean vulnerability history are positive indicators.  Nonetheless, the pervasive lack of output escaping represents a substantial security risk that could be exploited to inject malicious scripts.  The absence of nonce and capability checks, while not directly causing an issue in themselves, reduces the plugin's resilience against potential attacks that leverage unescaped output.",[205,207,210],{"reason":206,"points":68},"0% output escaping on 22 outputs",{"reason":208,"points":209},"0 Nonce checks",5,{"reason":211,"points":209},"0 Capability checks","2026-03-16T23:43:58.072Z",{"wat":214,"direct":219},{"assetPaths":215,"generatorPatterns":216,"scriptPaths":217,"versionParams":218},[],[],[],[],{"cssClasses":220,"htmlComments":221,"htmlAttributes":222,"restEndpoints":223,"jsGlobals":224,"shortcodeOutput":225},[],[],[],[],[],[]]