[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fEgXgEdqlP76iR-5wmjowBis95TZ-UWJsVsvBW4fxCks":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":117,"fingerprints":274},"skysa-tweet-app","Skysa Tweet App","1.4","Skysa","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavidskysa\u002F","\u003Cp>Promote your Twitter account at the same time while driving traffic to your website. Customize the default Tweet, set what URL to share in the tweet and set the option to show or hide the tweet count next to the tweet button. By allowing your site visitors to tweet about your site on their twitter accounts, it will help get the word out about your site and drive targeted traffic from twitter users who see the tweets directly to your site.\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fwww.youtube.com\u002Fwatch?v=Zj1uGXX2xrk&hd=1\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftags\u002Fskysa-apps\" rel=\"ugc\">More Skysa App plugins\u003C\u002Fa> -|||- \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fskysa-official\u002F\" rel=\"ugc\">Skysa App Bar Integration plugin\u003C\u002Fa>\u003C\u002Fp>\n","Let people share content on Twitter (a Tweet) without having to leave your web page. This app displays a Tweet button at the bottom of your site.",10,2564,0,"","4.0.38","2.7",[18,19,20,21,22],"skysa","skysa-apps","tweet","tweet-button","twitter","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fskysa-tweet-app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fskysa-tweet-app.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"davidskysa",8,80,87,30,85,"2026-04-04T19:42:24.046Z",[38,54,71,88,102],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":11,"downloaded":46,"rating":13,"num_ratings":13,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":14,"tags":50,"homepage":51,"download_link":52,"security_score":35,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":53},"personal-tweet-me","Personal Tweet Me Button","1.3","svrooij_nl","https:\u002F\u002Fprofiles.wordpress.org\u002Fsvrooij_nl\u002F","\u003Cp>Adds the official tweet button, to your site as a sidebar widget. You can use a twitter account for the entire site, or use personal accounts per author.\u003C\u002Fp>\n","Adds the official tweet button, to your site as a sidebar widget. You can use a twitter account for the entire site, or use personal accounts per auth &hellip;",3202,"2013-04-13T13:56:00.000Z","3.5.2","3.0",[21,22],"http:\u002F\u002Fwww.smartersoft.nl\u002Fproducten\u002FtweetMe","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpersonal-tweet-me.1.3.zip","2026-03-15T15:16:48.613Z",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":11,"downloaded":62,"rating":13,"num_ratings":13,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":14,"tags":66,"homepage":69,"download_link":70,"security_score":35,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":53},"quotable-tweets","Quotable Tweets by DraftPress","1.1.7","DraftPress Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fdraftpress\u002F","\u003Cp>The Quotable Tweets plugin by https:\u002F\u002Fdraftpress.com gives you an easy way to add a beautiful actionable tweet link to your sidebar.\u003C\u002Fp>\n\u003Cp>Please check out our other \u003Ca href=\"https:\u002F\u002Fdraftpress.com\u002Fproducts\u002F?utm_source=wprepo&utm_medium=quotable-tweets&utm_campaign=desc\" rel=\"nofollow ugc\">plugins\u003C\u002Fa> 🙂\u003C\u002Fp>\n\u003Cp>Contribute to the plugin and submit pull requests through the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpsite\u002Fquotable-tweets\" rel=\"nofollow ugc\">Quotable Tweets plugin for WordPress GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n","The Quotable Tweets plugin gives you an easy way to add a beautiful actionable tweet link to your sidebar.",1845,"2021-09-15T21:15:00.000Z","5.8.13","4.9",[67,20,68,21,22],"quotable-tweet","tweet-ad","https:\u002F\u002Fdraftpress.com\u002Fproducts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquotable-tweets.1.1.7.zip",{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":11,"downloaded":79,"rating":13,"num_ratings":13,"last_updated":80,"tested_up_to":81,"requires_at_least":82,"requires_php":14,"tags":83,"homepage":86,"download_link":87,"security_score":35,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":53},"rsh-tweet-button","rsh-Tweet","1.0","brehash","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrehash\u002F","\u003Cp>This plugin adds the official \u003Ca href=\"http:\u002F\u002Fblog.twitter.com\u002F2010\u002F08\u002Fpushing-our-tweet-button.html\" rel=\"nofollow ugc\">Tweet Button\u003C\u002Fa> from Twitter to your Pages, Posts or Home Page. It lets your users share links directly from the page they’re on. When they click on the Tweet Button, a Tweet box will appear pre-populated with a shortened link that points to the item that they’re sharing.\u003C\u002Fp>\n\u003Cp>This plugin is very customizable via ‘rsh-Tweet Button’ under the ‘Settings’ menu in WordPress Admin. Change the look and feel, pozition and where to seen of the button.\u003C\u002Fp>\n","Adds the official Tweet Button from Twitter.com.",2207,"2010-08-21T07:38:00.000Z","3.0.5","2.0.2",[84,21,22,85],"automated","twitter-button","http:\u002F\u002Fwww.zoonte.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frsh-tweet-button.zip",{"slug":89,"name":90,"version":6,"author":7,"author_profile":8,"description":91,"short_description":92,"active_installs":11,"downloaded":93,"rating":94,"num_ratings":95,"last_updated":96,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":97,"homepage":100,"download_link":101,"security_score":35,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":53},"skysa-twitter-follow-app","Skysa Twitter Follow App","\u003Cp>Simply set the Twitter account you want users to follow; then, when they click the Twitter Follow button at the bottom of your site, they will start following your account on Twitter. You can optionally set to display your current followers count next to the Twitter follow button and also the language of the Twitter follow button text.\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fwww.youtube.com\u002Fwatch?v=Zj1uGXX2xrk&hd=1\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftags\u002Fskysa-apps\" rel=\"ugc\">More Skysa App plugins\u003C\u002Fa> -|||- \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fskysa-official\u002F\" rel=\"ugc\">Skysa App Bar Integration plugin\u003C\u002Fa>\u003C\u002Fp>\n","Allows your site visitors to follow your twitter account with one click, without leaving your sitet.",7528,20,1,"2014-09-08T20:48:00.000Z",[98,99,18,19,22],"follow","follow-button","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fskysa-twitter-follow-app","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fskysa-twitter-follow-app.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":11,"downloaded":110,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":111,"requires_at_least":49,"requires_php":14,"tags":112,"homepage":115,"download_link":116,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wp-tweet","WP Tweet","0.1-RC1","Pete Mall","https:\u002F\u002Fprofiles.wordpress.org\u002Fpetemall\u002F","\u003Cp>This plugins enables you to add the official \u003Ca href=\"http:\u002F\u002Fblog.twitter.com\u002F2010\u002F08\u002Fpushing-our-tweet-button.html\" rel=\"nofollow ugc\">Tweet Button\u003C\u002Fa> from Twitter. It lets your users share links directly from the page they’re on. When they click on the Tweet Button, a Tweet box will appear — pre-populated with a shortened link that points to the item that they’re sharing.\u003C\u002Fp>\n","Adds the official Tweet Button from Twitter.",5444,"3.1.4",[113,114,20,21,22],"button","retweet","http:\u002F\u002Fdevelopersmind.com\u002Fwordpress-plugins\u002Fwp-tweet\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-tweet.zip",{"attackSurface":118,"codeSignals":147,"taintFlows":210,"riskAssessment":257,"analyzedAt":273},{"hooks":119,"ajaxHandlers":134,"restRoutes":143,"shortcodes":144,"cronEvents":145,"entryPointCount":146,"unprotectedCount":146},[120,127,130],{"type":121,"name":122,"callback":123,"priority":124,"file":125,"line":126},"action","wp_print_footer_scripts","SkysaApps_Output",11,"skysa-required\\index.php",103,{"type":121,"name":128,"callback":123,"priority":124,"file":125,"line":129},"wp_footer",105,{"type":121,"name":131,"callback":132,"priority":124,"file":125,"line":133},"admin_menu","SkysaApps_Admin",109,[135,140],{"action":136,"nopriv":137,"callback":138,"hasNonce":137,"hasCapCheck":137,"file":125,"line":139},"skysa_appload",false,"SkysaApps_Ajax",111,{"action":136,"nopriv":141,"callback":138,"hasNonce":137,"hasCapCheck":137,"file":125,"line":142},true,112,[],[],[],2,{"dangerousFunctions":148,"sqlUsage":149,"outputEscaping":164,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":209},[],{"prepared":13,"raw":150,"locations":151},4,[152,156,159,161],{"file":153,"line":154,"context":155},"skysa-required\\admin.php",208,"$wpdb->get_row() with variable interpolation",{"file":157,"line":158,"context":155},"skysa-required\\ajax.php",66,{"file":157,"line":160,"context":155},97,{"file":162,"line":163,"context":155},"skysa-required\\output.php",70,{"escaped":95,"rawEcho":165,"locations":166},22,[167,170,172,174,176,178,179,181,183,185,186,188,190,192,194,196,198,200,201,203,205,207],{"file":153,"line":168,"context":169},104,"raw output",{"file":153,"line":171,"context":169},181,{"file":153,"line":173,"context":169},190,{"file":153,"line":175,"context":169},239,{"file":153,"line":177,"context":169},307,{"file":153,"line":177,"context":169},{"file":153,"line":180,"context":169},313,{"file":153,"line":182,"context":169},361,{"file":153,"line":184,"context":169},455,{"file":153,"line":184,"context":169},{"file":153,"line":187,"context":169},462,{"file":153,"line":189,"context":169},487,{"file":153,"line":191,"context":169},542,{"file":153,"line":193,"context":169},543,{"file":153,"line":195,"context":169},545,{"file":153,"line":197,"context":169},551,{"file":153,"line":199,"context":169},619,{"file":153,"line":199,"context":169},{"file":153,"line":202,"context":169},624,{"file":153,"line":204,"context":169},650,{"file":157,"line":206,"context":169},179,{"file":162,"line":208,"context":169},160,[],[211,227,236,247],{"entryPoint":212,"graph":213,"unsanitizedCount":95,"severity":226},"SkysaApps_Admin_DrawTabs (skysa-required\\admin.php:168)",{"nodes":214,"edges":224},[215,219],{"id":216,"type":217,"label":218,"file":153,"line":173},"n0","source","$_GET['page']",{"id":220,"type":221,"label":222,"file":153,"line":173,"wp_function":223},"n1","sink","echo() [XSS]","echo",[225],{"from":216,"to":220,"sanitized":137},"medium",{"entryPoint":228,"graph":229,"unsanitizedCount":146,"severity":226},"SkysaApps_Admin_AppPage (skysa-required\\admin.php:197)",{"nodes":230,"edges":234},[231,233],{"id":216,"type":217,"label":232,"file":153,"line":182},"$_GET['page'] (x2)",{"id":220,"type":221,"label":222,"file":153,"line":182,"wp_function":223},[235],{"from":216,"to":220,"sanitized":137},{"entryPoint":237,"graph":238,"unsanitizedCount":245,"severity":246},"\u003Cadmin> (skysa-required\\admin.php:0)",{"nodes":239,"edges":243},[240,242],{"id":216,"type":217,"label":241,"file":153,"line":173},"$_GET['page'] (x3)",{"id":220,"type":221,"label":222,"file":153,"line":173,"wp_function":223},[244],{"from":216,"to":220,"sanitized":137},3,"low",{"entryPoint":248,"graph":249,"unsanitizedCount":95,"severity":246},"\u003Cajax> (skysa-required\\ajax.php:0)",{"nodes":250,"edges":255},[251,254],{"id":216,"type":217,"label":252,"file":157,"line":253},"$_GET",54,{"id":220,"type":221,"label":222,"file":157,"line":206,"wp_function":223},[256],{"from":216,"to":220,"sanitized":137},{"summary":258,"deductions":259},"The skysa-tweet-app v1.4 plugin exhibits several significant security concerns, primarily stemming from its attack surface and lack of proper input validation and sanitization. The plugin exposes two AJAX handlers without any authentication checks, creating direct entry points for unauthenticated users. This is compounded by the fact that all identified taint flows (4 in total) have unsanitized paths, though no critical or high severity issues were flagged in this area. The static analysis also reveals that 100% of SQL queries are not using prepared statements, posing a substantial risk of SQL injection vulnerabilities. Furthermore, only a meager 4% of output escaping is properly handled, indicating a high likelihood of Cross-Site Scripting (XSS) vulnerabilities. While the plugin has no recorded vulnerability history, this lack of past issues does not negate the current, actively present risks identified in the code analysis. The absence of nonce and capability checks on AJAX endpoints is a critical oversight. In conclusion, despite a clean vulnerability history, the current state of skysa-tweet-app v1.4 presents a high security risk due to its unprotected entry points, raw SQL queries, and widespread lack of output escaping.",[260,262,264,266,269,271],{"reason":261,"points":11},"AJAX handlers without authentication",{"reason":263,"points":11},"SQL queries without prepared statements",{"reason":265,"points":31},"Low percentage of properly escaped output",{"reason":267,"points":268},"Taint flows with unsanitized paths",7,{"reason":270,"points":268},"AJAX handlers without nonce checks",{"reason":272,"points":268},"AJAX handlers without capability checks","2026-03-16T23:20:41.966Z",{"wat":275,"direct":283},{"assetPaths":276,"generatorPatterns":279,"scriptPaths":280,"versionParams":282},[277,278],"\u002Fwp-content\u002Fplugins\u002Fskysa-tweet-app\u002Fskysa-required\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fskysa-tweet-app\u002Fskysa-required\u002Fcss\u002Fadmin.css",[],[281],"\u002F\u002Fplatform.twitter.com\u002Fwidgets.js",[],{"cssClasses":284,"htmlComments":287,"htmlAttributes":298,"restEndpoints":303,"jsGlobals":304,"shortcodeOutput":306},[285,286],"SKYUI-Mod-Tweet-Button-holder","SKYUI-Mod-Tweet-Button",[288,289,290,291,292,293,294,293,295,296,293,297],"*************************************************************\n*                 This app was made using the:              *\n*                       Skysa App SDK                       *\n*    http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fskysa-app-sdk\u002F     *\n*************************************************************","*************************************************************\n*                Skysa App SDK version 2.0                  *\n*            Download the latest version here:              *\n*    http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fskysa-app-sdk\u002F     *\n*************************************************************","* Direct modification of this file for a production plugin  *\n* is not recommended, due to incompatibilites it could      *\n* cause for other plugins using this SDK.                   *","* Instead it is remmended that you contact and submit your  *\n* proposed changes to Skysa's staff at staff@skysa.com.     *","* Your proposed changes can then be reviewed for inclusion  *\n* in the next version of the SDK, which will be made        *\n* available to you and publically available for use in      *\n* creation of new plugins and to update old ones.           *","*                                                           *","* When these core files are included with plugins made      *\n* using this SDK, the loader file will choose the most      *\n* recent version of the core files to use. So it is very    *\n* important that any changes made are updated in a version  *\n* change in the core SDK. This will ensure that your plugn, *\n* as well as other plugins, will not be broken by the       *\n* installation of any others on the same site.              *","* Thank you for taking this into consideration, and feel    *\n* free to contact staff@sksya.com with any questions. You   *\n* may also contact Skysa here:                              *","* http:\u002F\u002Fwww.skysa.com\u002Fpage\u002Fcontact                         *","*   Please include these comments with any redistribution.  *",[299,300,301,302],"data-url","data-text","data-count","data-via",[],[305],"S",[307],"\u003Cdiv id=\"$button_id\" class=\"SKYUI-Mod-Tweet-Button-holder\">\u003Cspan class=\"SKYUI-Mod-Tweet-Button\">\u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fshare\" class=\"twitter-share-button\" data-url=\"$app_option3\" data-text=\"$app_data\" data-count=\"#fvar_count\" data-via=\"$app_title\">\u003C\u002Fa>\u003C\u002Fspan>\u003C\u002Fdiv>"]