[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1NvrNPYlkV43JPbO3Osw5IECQbNNr43UTeQd1XkzpYg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":129,"fingerprints":239},"sina-weibo-plugin-for-wordpress","Sina Weibo Plugin for WordPress","0.3.1","zhlwish","https:\u002F\u002Fprofiles.wordpress.org\u002Fzhlwish\u002F","\u003Cp>一个很简单的在Wordpress首页显示你的最近的新浪微博的插件\u003C\u002Fp>\n\u003Ch4>The features in English\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>It has a widget, you can drag it drop it where you want in the side.Also you can set it how many tweetes you want to show.\u003C\u002Fli>\n\u003Cli>You do not need to input you Sina account and password, you just tell Sina that you want to use this plugin by click a link.\u003C\u002Fli>\n\u003Cli>It automaticly generate the link of the urls and @xxx in tweets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If any help is needed, please checkout my tech blog: http:\u002F\u002Fwww.zhlwish.com\u003C\u002Fp>\n\u003Ch4>The features in Chinese\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>自带一个WordPress”小工具”, 你可使用拖拽的方式直接指定插件显示的位置\u003C\u002Fli>\n\u003Cli>使用新浪微博的授权, 不需要用户名和密码, 保证了你帐号的安全\u003C\u002Fli>\n\u003Cli>自动转换微博中的URL和@符号\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>如果使用上需要什么帮助请, 查看我的博客: http:\u002F\u002Fwww.zhlwish.com\u003C\u002Fp>\n","A very simple plugin shows the recent tweets from your Sina Weibo.",10,11163,0,"2011-11-13T06:00:00.000Z","3.2.1","2.7","",[19,20,21,22,23],"sina","sns","weibo","%e6%96%b0%e6%b5%aa","%e6%96%b0%e6%b5%aa%e5%be%ae%e5%8d%9a","http:\u002F\u002Fwww.zhlwish.com\u002Fwp-plugin-for-sina-weibo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsina-weibo-plugin-for-wordpress.0.3.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-04-05T12:00:02.907Z",[36,53,70,88,109],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":11,"downloaded":44,"rating":13,"num_ratings":13,"last_updated":45,"tested_up_to":46,"requires_at_least":16,"requires_php":17,"tags":47,"homepage":51,"download_link":52,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"qq-weibo-plugin-for-wordpress","QQ Weibo Plugin for WordPress","1.1","shapherd","https:\u002F\u002Fprofiles.wordpress.org\u002Fshapherd\u002F","\u003Cp>一个很简单的在Wordpress首页显示你的最近的腾讯微博的插件\u003C\u002Fp>\n\u003Ch4>The features in English\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>It has a widget, you can drag it drop it where you want in the side.Also you can set it how many tweetes you want to show.\u003C\u002Fli>\n\u003Cli>You do not need to input you qq account and password, you just tell qq that you want to use this plugin by click a link.\u003C\u002Fli>\n\u003Cli>It automaticly generate the link of the urls and @xxx in tweets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If any help is needed, please checkout my tech blog: http:\u002F\u002Fwww.l-da.com\u003C\u002Fp>\n\u003Ch4>The features in Chinese\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>自带一个WordPress”小工具”, 你可使用拖拽的方式直接指定插件显示的位置\u003C\u002Fli>\n\u003Cli>使用腾讯微博的授权, 不需要用户名和密码, 保证了你帐号的安全\u003C\u002Fli>\n\u003Cli>自动转换微博中的URL和@符号\u003C\u002Fli>\n\u003Cli>显示 热门话题 的URL\u003C\u002Fli>\n\u003Cli>可以设定显示微博的数量\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>如果使用上需要什么帮助请, 查看我的博客: http:\u002F\u002Fwww.l-da.com\u003C\u002Fp>\n","A very simple plugin shows the recent tweets from your QQ Weibo.",5896,"2013-04-03T03:43:00.000Z","3.1.4",[48,49,50,20,21],"%e8%85%be%e8%ae%af","%e8%85%be%e8%ae%af%e5%be%ae%e5%8d%9a","qq","http:\u002F\u002Fl-da.com\u002F94\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fqq-weibo-plugin-for-wordpress.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":11,"downloaded":61,"rating":13,"num_ratings":13,"last_updated":62,"tested_up_to":63,"requires_at_least":64,"requires_php":17,"tags":65,"homepage":68,"download_link":69,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"weibo-tuchuang","WeiBo TuChuang","1.2","shuangca","https:\u002F\u002Fprofiles.wordpress.org\u002Fshuangca\u002F","\u003Cp>微博图床是将图片上传到微博中作为图床使用。\u003C\u002Fp>\n\u003Cul>\n\u003Cli>上传到微博后自动获取图片链接并插入到文章中。\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>包含功能：\u003C\u002Fp>\n\u003Cul>\n\u003Cli>微博授权。\u003C\u002Fli>\n\u003Cli>直接上传图片到微博。\u003C\u002Fli>\n\u003Cli>上传图片后获取图片链接。\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>官方演示\u002FDemo:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fshuang.ca\u002F2013\u002F12\u002F08\u002Fwordpress-tu-pian-wai-lian-cha-jian-wei-bo-tu-chuang\u002F\" title=\"微博图床插件\" rel=\"nofollow ugc\">\u003Cstrong>微博图床插件官方演示\u003C\u002Fstrong>\u003C\u002Fa>  如果您有任何问题或建议也可以留言，谢谢支持。\u003C\u002Fp>\n","微博图床是将图片上传到微博中作为图床使用。",5071,"2013-12-17T12:57:00.000Z","3.7.41","3.6",[66,19,67,21],"photo","upload","http:\u002F\u002Fshuang.ca\u002F2013\u002F12\u002F08\u002Fwordpress-tu-pian-wai-lian-cha-jian-wei-bo-tu-chuang\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fweibo-tuchuang.1.2.zip",{"slug":71,"name":72,"version":56,"author":73,"author_profile":74,"description":75,"short_description":76,"active_installs":11,"downloaded":77,"rating":13,"num_ratings":13,"last_updated":78,"tested_up_to":79,"requires_at_least":80,"requires_php":81,"tags":82,"homepage":86,"download_link":87,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-to-weibo","WP-TO-WEIBO","hjyl","https:\u002F\u002Fprofiles.wordpress.org\u002Fhjyl\u002F","\u003Cp>synchronize your post to sina weibo when you publisded.\u003Cbr \u002F>\n在发布文章时，形成一条短微博，自动同步到新浪微博的功能，支持文章头条形式。\u003C\u002Fp>\n","synchronize your post to sina weibo when you publisded.",1440,"2019-10-22T14:01:00.000Z","5.2.24","5.0","5.2.4",[19,21,83,84,85],"%e5%90%8c%e6%ad%a5","%e5%a4%b4%e6%9d%a1","%e5%be%ae%e5%8d%9a","https:\u002F\u002Fhjyl.org\u002Fwp-to-weibo","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-to-weibo.zip",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":98,"num_ratings":99,"last_updated":100,"tested_up_to":79,"requires_at_least":101,"requires_php":17,"tags":102,"homepage":107,"download_link":108,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"sns-count-cache","SNS Count Cache","1.1.3","marubon","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarubon\u002F","\u003Cp>SNS Count Cache is a plugin which helps you to shorten page loading time displaying share and follower counts through the use of cache mechanism.\u003C\u002Fp>\n\u003Cp>Notice:\u003Cbr \u002F>\nIn the upgrade from Ver. 0.11.1 or below, Reregistration of information such as client ID, client secret, and access token is needed in the setting page.\u003C\u002Fp>\n\u003Cp>The plugin gets share counts for the following SNS and caches these counts in the background.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Pocket\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Linkedin\u003C\u002Fli>\n\u003Cli>Hatena Bookmark\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: You can select alternative Twitter API for share count retrieval from the following alternatives.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>widgetoon.js & count.jsoon\u003C\u002Fli>\n\u003Cli>OpenShareCount\u003C\u002Fli>\n\u003Cli>TwitCount\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin also caches follower counts for the following SNS in the same way.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Feedly\u003C\u002Fli>\n\u003Cli>Instagram\u003C\u002Fli>\n\u003Cli>OneSignal\u003C\u002Fli>\n\u003Cli>Push7\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The share and follower counts can be retrieved quickly not through network but through the cache using given functions.\u003C\u002Fp>\n\u003Cp>The following shows functions to get share count from the cache:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>scc_get_share_twitter()\u003C\u002Fli>\n\u003Cli>scc_get_share_facebook()\u003C\u002Fli>\n\u003Cli>scc_get_share_pocket()\u003C\u002Fli>\n\u003Cli>scc_get_share_pinterest()\u003C\u002Fli>\n\u003Cli>scc_get_share_linkedin()\u003C\u002Fli>\n\u003Cli>scc_get_share_hatebu()\u003C\u002Fli>\n\u003Cli>scc_get_share_total()\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The following shows functions to get follower count from the cache:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>scc_get_follow_feedly()\u003C\u002Fli>\n\u003Cli>scc_get_follow_twitter()\u003C\u002Fli>\n\u003Cli>scc_get_follow_facebook()\u003C\u002Fli>\n\u003Cli>scc_get_follow_instagram()\u003C\u002Fli>\n\u003Cli>scc_get_follow_onesignal()\u003C\u002Fli>\n\u003Cli>scc_get_follow_push7()\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The following describes meta keys to get share count from custom field.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>scc_share_count_twitter\u003C\u002Fli>\n\u003Cli>scc_share_count_facebook\u003C\u002Fli>\n\u003Cli>scc_share_count_pocket\u003C\u002Fli>\n\u003Cli>scc_share_count_pinterest\u003C\u002Fli>\n\u003Cli>scc_share_count_linkedin\u003C\u002Fli>\n\u003Cli>scc_share_count_hatebu\u003C\u002Fli>\n\u003Cli>scc_share_count_total\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The following describes meta keys to get delta of share count from custom field.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>scc_share_delta_twitter\u003C\u002Fli>\n\u003Cli>scc_share_delta_facebook\u003C\u002Fli>\n\u003Cli>scc_share_delta_pocket\u003C\u002Fli>\n\u003Cli>scc_share_delta_pinterest\u003C\u002Fli>\n\u003Cli>scc_share_delta_linkedin\u003C\u002Fli>\n\u003Cli>scc_share_delta_hatebu\u003C\u002Fli>\n\u003Cli>scc_share_delta_total\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n","This plugin gets and caches SNS counts in the background, and help you to shorten page loading time through the use of cache mechanism.",8000,149557,80,4,"2019-06-06T11:21:00.000Z","3.7",[103,104,105,20,106],"cache","performance","share","social","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsns-count-cache\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsns-count-cache.zip",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":13,"num_ratings":13,"last_updated":119,"tested_up_to":120,"requires_at_least":121,"requires_php":122,"tags":123,"homepage":17,"download_link":128,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"cc-addon-pack","Saitama Addon Pack","1.0.8","communitycom","https:\u002F\u002Fprofiles.wordpress.org\u002Fcommunitycom\u002F","\u003Cp>This plug-in is an integrated plug-in with a variety of features that make it powerful your web site.\u003C\u002Fp>\n\u003Cp>[ Powerful　Widgets ]\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Recent Posts – display the link text and the date of the latest article title.\u003C\u002Fli>\n\u003Cli>FB Page Plugin – display the Facebook Page Plugin.\u003C\u002Fli>\n\u003Cli>topic area – display the topic area.\u003C\u002Fli>\n\u003Cli>Contact widget – display contact area.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>[ Social media ]\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Print OG Tags\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>[ Others ]\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Print Google Analytics tag\u003C\u002Fli>\n\u003Cli>Print meta keyword tag\u003C\u002Fli>\n\u003Cli>Print meta description tag\u003C\u002Fli>\n\u003Cli>Set Default Thumbnail\u003C\u002Fli>\n\u003Cli>Set Favicon\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>and more.\u003C\u002Fp>\n","This plug-in is an integrated plug-in with a variety of features that make it powerful your web site.",1000,17975,"2023-11-30T23:49:00.000Z","6.3.8","4.4","7.4",[124,125,126,127,20],"default-thumbnail","disable-emoji","google-analytics","new-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcc-addon-pack.1.0.8.zip",{"attackSurface":130,"codeSignals":150,"taintFlows":194,"riskAssessment":222,"analyzedAt":238},{"hooks":131,"ajaxHandlers":146,"restRoutes":147,"shortcodes":148,"cronEvents":149,"entryPointCount":13,"unprotectedCount":13},[132,138,142],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","widgets_init","anonymous","weiboplugin.php",244,{"type":133,"name":139,"callback":140,"file":136,"line":141},"admin_menu","weibo_admin_page",254,{"type":133,"name":143,"callback":144,"file":136,"line":145},"wp_head","weibo_include_css",269,[],[],[],[],{"dangerousFunctions":151,"sqlUsage":155,"outputEscaping":157,"fileOperations":192,"externalRequests":31,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":193},[152],{"fn":153,"file":136,"line":137,"context":154},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"Weibo_Widget\");'));",{"prepared":13,"raw":13,"locations":156},[],{"escaped":158,"rawEcho":159,"locations":160},9,17,[161,164,166,168,170,172,174,176,178,180,182,183,184,186,188,189,190],{"file":136,"line":162,"context":163},88,"raw output",{"file":136,"line":165,"context":163},91,{"file":136,"line":167,"context":163},97,{"file":136,"line":169,"context":163},129,{"file":136,"line":171,"context":163},166,{"file":136,"line":173,"context":163},200,{"file":136,"line":175,"context":163},203,{"file":136,"line":177,"context":163},215,{"file":136,"line":179,"context":163},225,{"file":136,"line":181,"context":163},226,{"file":136,"line":181,"context":163},{"file":136,"line":181,"context":163},{"file":136,"line":185,"context":163},229,{"file":136,"line":187,"context":163},230,{"file":136,"line":187,"context":163},{"file":136,"line":187,"context":163},{"file":136,"line":191,"context":163},265,2,[],[195,214],{"entryPoint":196,"graph":197,"unsanitizedCount":192,"severity":213},"get_access_token (weiboplugin.php:57)",{"nodes":198,"edges":210},[199,204],{"id":200,"type":201,"label":202,"file":136,"line":203},"n0","source","$_REQUEST (x2)",60,{"id":205,"type":206,"label":207,"file":136,"line":208,"wp_function":209},"n1","sink","update_option() [Settings Manipulation]",63,"update_option",[211],{"from":200,"to":205,"sanitized":212},false,"low",{"entryPoint":215,"graph":216,"unsanitizedCount":192,"severity":213},"\u003Cweiboplugin> (weiboplugin.php:0)",{"nodes":217,"edges":220},[218,219],{"id":200,"type":201,"label":202,"file":136,"line":203},{"id":205,"type":206,"label":207,"file":136,"line":208,"wp_function":209},[221],{"from":200,"to":205,"sanitized":212},{"summary":223,"deductions":224},"The \"sina-weibo-plugin-for-wordpress\" v0.3.1 presents a mixed security picture. On the positive side, the plugin has no recorded vulnerabilities (CVEs) and boasts a clean record, suggesting a potentially mature and stable codebase in terms of external exploits.  Furthermore, all SQL queries are properly prepared, and there are no known bundled libraries to become outdated. The attack surface appears minimal, with no AJAX handlers, REST API routes, shortcodes, or cron events exposed without authentication or authorization.\n\nHowever, significant concerns arise from the static analysis. The presence of the `create_function` is a critical red flag, as it can lead to remote code execution if used with unsanitized input.  The taint analysis revealing \"flows with unsanitized paths\" is also worrying, even if no critical or high severity issues were flagged by the analysis tool.  The low percentage of properly escaped output (35%) indicates a high likelihood of cross-site scripting (XSS) vulnerabilities. The complete lack of nonce checks and capability checks, especially in conjunction with potential unsanitized inputs, further exacerbates the risk of unauthorized actions and data manipulation.\n\nIn conclusion, while the plugin's lack of vulnerability history is a strong positive, the static analysis highlights serious potential weaknesses in its code. The use of `create_function` and the indication of unsanitized paths, coupled with inadequate output escaping and a total absence of authorization checks for potential entry points, create a significant risk profile that requires immediate attention.",[225,228,230,233,236],{"reason":226,"points":227},"Use of create_function",15,{"reason":229,"points":11},"Flows with unsanitized paths",{"reason":231,"points":232},"Low output escaping percentage (35%)",8,{"reason":234,"points":235},"No nonce checks",5,{"reason":237,"points":235},"No capability checks","2026-03-17T01:19:07.838Z",{"wat":240,"direct":246},{"assetPaths":241,"generatorPatterns":243,"scriptPaths":244,"versionParams":245},[242],"\u002Fwp-content\u002Fplugins\u002Fsina-weibo-plugin-for-wordpress\u002Fweibo.css",[],[],[],{"cssClasses":247,"htmlComments":251,"htmlAttributes":252,"restEndpoints":254,"jsGlobals":255,"shortcodeOutput":256},[248,249,250],"weibo_link","follow_me","clear",[],[253],"id=\"weibo\"",[],[],[]]