[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fMELyZJzaITlx6WP6fi5YcvXk4t6BFO66-yXZdQ4_8XI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":50,"analysis":156,"fingerprints":263},"social-media-engine","Social Media Engine","1.0.2","ThemesCraft.co","https:\u002F\u002Fprofiles.wordpress.org\u002Fkvasnyi\u002F","\u003Cp>Social follow links shortcode. Built on FontAwesome icons.  30 social networks supported: 500px, behance, bitbucket, delicious, deviantart, digg, dribbble, etsy, facebook, flickr, foursquare, github, google-plus, instagram, lastfm, linkedin, medium, mixcloud, odnoklassniki, quora, reddit, skype, slideshare, soundcloud, spotify, tumblr, twitter, vimeo, vk, wordpress, youtube\u003C\u002Fp>\n\u003Ch4>Usage example\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>This shortcode can be used in posts, pages and widgets areas:\u003Cbr \u002F>\n[sme_social_links facebook=”follow_link” float=”right” skin=”dark” shape=”circle” size=”medium”]\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>For placement in the php code, use function:\u003Cbr \u002F>\ndo_shortcode(‘[sme_social_links facebook=”follow_link”]’)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcode settings\u003C\u002Fh4>\n\u003Ch4>Skins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>light\u003C\u002Fli>\n\u003Cli>dark\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shape\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>circle\u003C\u002Fli>\n\u003Cli>square\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Size\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>medium\u003C\u002Fli>\n\u003Cli>large\u003C\u002Fli>\n\u003Cli>xlarge\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Floating\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>right\u003C\u002Fli>\n\u003Cli>left\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported networks\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>500px\u003C\u002Fli>\n\u003Cli>behance\u003C\u002Fli>\n\u003Cli>bitbucket\u003C\u002Fli>\n\u003Cli>delicious\u003C\u002Fli>\n\u003Cli>deviantart\u003C\u002Fli>\n\u003Cli>digg\u003C\u002Fli>\n\u003Cli>dribbble\u003C\u002Fli>\n\u003Cli>etsy\u003C\u002Fli>\n\u003Cli>facebook\u003C\u002Fli>\n\u003Cli>flickr\u003C\u002Fli>\n\u003Cli>foursquare\u003C\u002Fli>\n\u003Cli>github\u003C\u002Fli>\n\u003Cli>google-plus\u003C\u002Fli>\n\u003Cli>instagram\u003C\u002Fli>\n\u003Cli>lastfm\u003C\u002Fli>\n\u003Cli>linkedin\u003C\u002Fli>\n\u003Cli>medium\u003C\u002Fli>\n\u003Cli>mixcloud\u003C\u002Fli>\n\u003Cli>odnoklassniki\u003C\u002Fli>\n\u003Cli>quora\u003C\u002Fli>\n\u003Cli>skype\u003C\u002Fli>\n\u003Cli>slideshare\u003C\u002Fli>\n\u003Cli>soundcloud\u003C\u002Fli>\n\u003Cli>spotify\u003C\u002Fli>\n\u003Cli>tumblr\u003C\u002Fli>\n\u003Cli>twitter\u003C\u002Fli>\n\u003Cli>vimeo\u003C\u002Fli>\n\u003Cli>vk\u003C\u002Fli>\n\u003Cli>wordpress\u003C\u002Fli>\n\u003Cli>youtube\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Based on Font Awesome (http:\u002F\u002Ffontawesome.io),  font is licensed under SIL OFL 1.1.(http:\u002F\u002Fscripts.sil.org\u002FOFL), css file is licensed under MIT License (http:\u002F\u002Fopensource.org\u002Flicenses\u002Fmit-license.html)\u003C\u002Fli>\n\u003C\u002Ful>\n","Social follow links shortcode. Built on FontAwesome icons.  30 social networks supported: 500px, behance, bitbucket, delicious, deviantart, digg, drib &hellip;",40,3655,0,"2016-11-05T20:39:00.000Z","4.7.32","4.0","",[19,20,21,22,23],"follow-links","social","social-bookmarks","social-links","social-networking","http:\u002F\u002Fawothemes.pro\u002Fplugins\u002Fsocial-media-engine","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-media-engine.1.0.2.zip",64,1,"2025-01-14 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-22749","social-media-engine-authenticated-contributor-stored-cross-site-scripting","Social Media Engine \u003C= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Social Media Engine plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.0.2","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-01-22 20:32:28",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe413fbfd-fc09-4b84-a8b9-231434e0681b?source=api-prod",{"slug":46,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":47,"trust_score":48,"computed_at":49},"kvasnyi",30,69,"2026-04-04T15:23:16.770Z",[51,71,92,113,132],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":66,"tags":67,"homepage":68,"download_link":69,"security_score":70,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"the-social-links","The Social Links","2.0.5","seagyn","https:\u002F\u002Fprofiles.wordpress.org\u002Fseags\u002F","\u003Cp>\u003Cstrong>Note: Development for The Social Links happens on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fflickerleap\u002Fthe-social-links\" rel=\"nofollow ugc\">Github\u003C\u002Fa>. Please submit an issue there.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Social Links plugin adds a widget and shortcode to your WordPress website allowing you to display icons linking to your social profiles. The new version includes the following social networks:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Telegram\u003C\u002Fli>\n\u003Cli>Google+\u003C\u002Fli>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Linkedin\u003C\u002Fli>\n\u003Cli>YouTube\u003C\u002Fli>\n\u003Cli>Instagram\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Behance\u003C\u002Fli>\n\u003Cli>Bitcoin\u003C\u002Fli>\n\u003Cli>Delicious\u003C\u002Fli>\n\u003Cli>DeviantArt\u003C\u002Fli>\n\u003Cli>Digg\u003C\u002Fli>\n\u003Cli>Dribble\u003C\u002Fli>\n\u003Cli>Flickr\u003C\u002Fli>\n\u003Cli>Foursquare\u003C\u002Fli>\n\u003Cli>GitHub\u003C\u002Fli>\n\u003Cli>LastFM\u003C\u002Fli>\n\u003Cli>Medium\u003C\u002Fli>\n\u003Cli>Skype\u003C\u002Fli>\n\u003Cli>Soundcloud\u003C\u002Fli>\n\u003Cli>Spotify\u003C\u002Fli>\n\u003Cli>Tumblr\u003C\u002Fli>\n\u003Cli>Vine\u003C\u002Fli>\n\u003Cli>WordPress\u003C\u002Fli>\n\u003Cli>Telegram\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>We’ve also added support for a \u003Cstrong>shortcode\u003C\u002Fstrong> (\u003Ccode>[the-social-links]\u003C\u002Fcode>) for use in WordPress posts and pages and a \u003Cstrong>custom template tag\u003C\u002Fstrong> (\u003Ccode>\u003C?php the_social_links();?>\u003C\u002Fcode>) for use in template files.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The Social Links is translation ready!\u003C\u002Fstrong>\u003C\u002Fp>\n","The Social Links plugin adds a widget and shortcode to your WordPress website allowing you to display icons linking to your social profiles.",2000,138326,88,7,"2021-11-09T21:20:00.000Z","5.8.13","4.2","5.6",[20,21,22,23],"https:\u002F\u002Fgithub.com\u002Fseagyn\u002Fthe-social-links","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthe-social-links.2.0.5.zip",85,{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":79,"downloaded":80,"rating":81,"num_ratings":82,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":17,"tags":86,"homepage":90,"download_link":91,"security_score":70,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"wpsocialite","WPSocialite","2.4.1","Tom Morton","https:\u002F\u002Fprofiles.wordpress.org\u002Ftm3909\u002F","\u003Cp>No one likes long load times, but we all want to be able to share our content via Facebook, Twitter, and other social networks. These take a long time to load. Paradox? Not anymore! With WPSocialite (utilizing David Bushell’s amazing SocialiteJS plugin [http:\u002F\u002Fwww.socialitejs.com\u002F]) we can manage the loading process of our social sharing links. Load them on hover, on page scroll, and more!\u003C\u002Fp>\n\u003Ch4>Template Tag\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u003C?php\n$args = array(\n    'size' => 'large', \u002F\u002Fchoose which size buttons to display.\n    'url' => 'http:\u002F\u002Fgoogle.com', \u002F\u002Fuse this to override the url that is sent to WPSocialite. Not recommended to use in loop.\n    'button_override' => 'facebook,twitter-share,twitter-follow,pinterest,linkedin,gplus,stumbleupon' \u002F\u002Fused to override buttons that are displayed. Add and remove as needed.\n);\nwpsocialite_markup( $args ); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Shortcode\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>[wpsocialite size=\"small\" url=\"http:\u002F\u002Fgoogle.com\" button_override=\"facebook,twitter-share,twitter-follow,pinterest,linkedin,gplus,stumbleupon\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Long page loads aren't fun for anyone. Use WPSocialite to take control of heavy social sharing links and load them how you want!",300,39445,94,21,"2013-10-10T13:35:00.000Z","3.6.1","3.0",[87,88,89,22,23],"lazy-loading","lazy-loading-social-links","sharing-links","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwpsocialite\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpsocialite.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":100,"downloaded":101,"rating":102,"num_ratings":103,"last_updated":104,"tested_up_to":105,"requires_at_least":16,"requires_php":106,"tags":107,"homepage":110,"download_link":111,"security_score":112,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"simple-social-icons","Simple Social Icons","4.0.0","OsomPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fosompress\u002F","\u003Cp>Simple Social Icons is an easy to use, customizable way to display icons that link visitors to your various social profiles. You can choose which profiles to link to, customize the color and size of your icons, and align them to the left, center, or right.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Two Ways to Use Social Icons:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Widget (WordPress 4.0+):\u003C\u002Fstrong> The traditional widget works on all supported WordPress versions. Simply drag the “Simple Social Icons” widget into any widget area and configure it from the widget form. All available icons are accessible through the widget.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Block Variations (WordPress 6.9+):\u003C\u002Fstrong> On WordPress 6.9+, this plugin extends the core Social Icons block with additional icon variations. These icons automatically appear when adding a Social Icons block in the block editor. Block variations only add icons that are not already available in WordPress core, so you get the best of both worlds: core icons plus these additional options.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> If you’re currently using the widget, nothing changes for you. The widget continues to work exactly as before on all WordPress versions. Block variations are an additional feature that only activates on WordPress 6.9+ and doesn’t affect existing widget functionality.\u003C\u002Fp>\n\u003Cp>*Note: The simple_social_default_glyphs filter has been deprecated from this plugin.\u003C\u002Fp>\n","This plugin provides two ways to display social icons: a traditional widget (available on all WordPress versions) and block variations for the core So &hellip;",100000,3241683,86,91,"2025-12-16T12:19:00.000Z","6.9.4","7.4",[108,23,109],"social-media","social-profiles","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-social-icons\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-social-icons.4.0.0.zip",100,{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":81,"num_ratings":123,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":17,"tags":127,"homepage":130,"download_link":131,"security_score":70,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"lightweight-social-icons","Lightweight Social Icons","1.1","Tom","https:\u002F\u002Fprofiles.wordpress.org\u002Fedge22\u002F","\u003Cp>Lightweight Social Icons is an easy to use, lightweight social icon widget which lets you display your favorite social profile icons.\u003C\u002Fp>\n\u003Cp>The icons use an icon font, meaning you can choose the size, border radius (roundess), color and hover color of your icons!\u003C\u002Fp>\n\u003Cp>Check out GeneratePress, our awesome WordPress theme! (https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fgeneratepress)\u003C\u002Fp>\n\u003Ch4>Features include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Choose your own order\u003C\u002Fli>\n\u003Cli>Icon size\u003C\u002Fli>\n\u003Cli>Border radius\u003C\u002Fli>\n\u003Cli>Background color\u003C\u002Fli>\n\u003Cli>Text\u002Ficon color\u003C\u002Fli>\n\u003Cli>Background color on hover\u003C\u002Fli>\n\u003Cli>Text\u002Ficon color on hover\u003C\u002Fli>\n\u003Cli>Open links in new window\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable tooltips\u003C\u002Fli>\n\u003Cli>Alignment of icons\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Included icons:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Google+\u003C\u002Fli>\n\u003Cli>Instagram\u003C\u002Fli>\n\u003Cli>LinkedIn\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Flickr\u003C\u002Fli>\n\u003Cli>Email\u003C\u002Fli>\n\u003Cli>RSS\u003C\u002Fli>\n\u003Cli>Stumbleupon\u003C\u002Fli>\n\u003Cli>Tumblr\u003C\u002Fli>\n\u003Cli>Vimeo\u003C\u002Fli>\n\u003Cli>YouTube\u003C\u002Fli>\n\u003Cli>Github\u003C\u002Fli>\n\u003Cli>Soundcloud\u003C\u002Fli>\n\u003Cli>DeviantArt\u003C\u002Fli>\n\u003Cli>Phone\u003C\u002Fli>\n\u003Cli>Skype\u003C\u002Fli>\n\u003Cli>Dribbble\u003C\u002Fli>\n\u003Cli>Foursquare\u003C\u002Fli>\n\u003Cli>Reddit\u003C\u002Fli>\n\u003Cli>Spotify\u003C\u002Fli>\n\u003Cli>Digg\u003C\u002Fli>\n\u003Cli>Vine\u003C\u002Fli>\n\u003Cli>Codepen\u003C\u002Fli>\n\u003Cli>Delicious\u003C\u002Fli>\n\u003Cli>JSFiddle\u003C\u002Fli>\n\u003Cli>Stack Overflow\u003C\u002Fli>\n\u003Cli>WordPress\u003C\u002Fli>\n\u003Cli>Dropbox\u003C\u002Fli>\n\u003Cli>Steam\u003C\u002Fli>\n\u003Cli>Behance\u003C\u002Fli>\n\u003Cli>iTunes\u003C\u002Fli>\n\u003Cli>Yelp\u003C\u002Fli>\n\u003Cli>500px\u003C\u002Fli>\n\u003Cli>AngelList\u003C\u002Fli>\n\u003Cli>Blog Lovin’\u003C\u002Fli>\n\u003Cli>Paper Plane (Newsletter)\u003C\u002Fli>\n\u003Cli>VK\u003C\u002Fli>\n\u003Cli>Xing\u003C\u002Fli>\n\u003Cli>Bandcamp\u003C\u002Fli>\n\u003Cli>BitBucket\u003C\u002Fli>\n\u003Cli>Snapchat\u003C\u002Fli>\n\u003Cli>Trip Advisor\u003C\u002Fli>\n\u003Cli>Houzz\u003C\u002Fli>\n\u003Cli>Mixcloud\u003C\u002Fli>\n\u003Cli>Last.fm\u003C\u002Fli>\n\u003C\u002Ful>\n","Looking to add simple social icons to your widget areas? Choose the size and color of your icons, and then choose from 47 different social profiles.",30000,464772,63,"2020-03-18T17:14:00.000Z","5.4.19","4.5",[128,129,108,23,109],"social-icon-widget","social-icons","http:\u002F\u002Fgeneratepress.com\u002Flightweight-social-icons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flightweight-social-icons.1.1.zip",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":142,"num_ratings":143,"last_updated":144,"tested_up_to":105,"requires_at_least":16,"requires_php":145,"tags":146,"homepage":151,"download_link":152,"security_score":153,"vuln_count":154,"unpatched_count":13,"last_vuln_date":155,"fetched_at":29},"powerkit","Powerkit – Supercharge your WordPress Site","3.0.4","codesupplyco","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodesupplyco\u002F","\u003Cp>We’ve been developing \u003Ca href=\"https:\u002F\u002Fcodesupply.co\" rel=\"nofollow ugc\">premium WordPress themes\u003C\u002Fa> for a few years and have always been lacking essentials things in the WordPress core.\u003C\u002Fp>\n\u003Cp>There’re numerous plugins in the WordPress repository, however if you install them all, there’s inconsistency in their backend and frontend styles and possible plugin conflicts.\u003C\u002Fp>\n\u003Cp>That’s why we created Powerkit, essentials components for every WordPress blog or magazine.\u003C\u002Fp>\n\u003Cp>Components have modular structure and can be enabled or disabled with a single click. They have been thoroughly tested and play well together.\u003C\u002Fp>\n\u003Ch3>Social Integrations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Share Buttons\u003C\u002Fli>\n\u003Cli>Social Links\u003C\u002Fli>\n\u003Cli>Facebook Integration\u003C\u002Fli>\n\u003Cli>Pinterest Integration\u003C\u002Fli>\n\u003Cli>Twitter Integration\u003C\u002Fli>\n\u003Cli>Instagram Integration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Marketing\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Opt-In Forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Content Presentation\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Basic Shortcodes\u003C\u002Fli>\n\u003Cli>Justified Gallery\u003C\u002Fli>\n\u003Cli>Slider Gallery\u003C\u002Fli>\n\u003Cli>Lightbox\u003C\u002Fli>\n\u003Cli>Typekit Fonts\u003C\u002Fli>\n\u003Cli>Custom Fonts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Image Optimization\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Retina Images\u003C\u002Fli>\n\u003Cli>Lazyload\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Utilities\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Contributors Widget\u003C\u002Fli>\n\u003Cli>Author Widget\u003C\u002Fli>\n\u003Cli>Featured Posts Widget\u003C\u002Fli>\n\u003Cli>Scroll To Top Button\u003C\u002Fli>\n\u003C\u002Ful>\n","Essential components for every WordPress site: share buttons, social links, social media integrations, galleries, lazyload, custom widgets, and more.",20000,876126,90,14,"2025-12-03T14:00:00.000Z","5.4",[147,148,149,150,22],"gallery","lazyload","share-buttons","slider","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpowerkit\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpowerkit.3.0.4.zip",98,2,"2024-04-05 00:00:00",{"attackSurface":157,"codeSignals":173,"taintFlows":248,"riskAssessment":249,"analyzedAt":262},{"hooks":158,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":172,"entryPointCount":27,"unprotectedCount":13},[159],{"type":160,"name":161,"callback":162,"file":163,"line":164},"action","wp_enqueue_scripts","sme_scripts","social-media-engine.php",38,[],[],[168],{"tag":169,"callback":170,"file":163,"line":171},"sme_social_links","sme_social_links_function",245,[],{"dangerousFunctions":174,"sqlUsage":175,"outputEscaping":177,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":247},[],{"prepared":13,"raw":13,"locations":176},[],{"escaped":13,"rawEcho":178,"locations":179},33,[180,183,185,187,189,191,193,195,197,199,201,203,205,207,209,211,213,215,217,219,221,223,225,227,229,231,233,235,237,239,241,243,245],{"file":163,"line":181,"context":182},101,"raw output",{"file":163,"line":184,"context":182},106,{"file":163,"line":186,"context":182},110,{"file":163,"line":188,"context":182},114,{"file":163,"line":190,"context":182},118,{"file":163,"line":192,"context":182},122,{"file":163,"line":194,"context":182},126,{"file":163,"line":196,"context":182},130,{"file":163,"line":198,"context":182},134,{"file":163,"line":200,"context":182},138,{"file":163,"line":202,"context":182},142,{"file":163,"line":204,"context":182},146,{"file":163,"line":206,"context":182},150,{"file":163,"line":208,"context":182},154,{"file":163,"line":210,"context":182},158,{"file":163,"line":212,"context":182},162,{"file":163,"line":214,"context":182},166,{"file":163,"line":216,"context":182},170,{"file":163,"line":218,"context":182},174,{"file":163,"line":220,"context":182},178,{"file":163,"line":222,"context":182},182,{"file":163,"line":224,"context":182},186,{"file":163,"line":226,"context":182},190,{"file":163,"line":228,"context":182},194,{"file":163,"line":230,"context":182},198,{"file":163,"line":232,"context":182},202,{"file":163,"line":234,"context":182},206,{"file":163,"line":236,"context":182},210,{"file":163,"line":238,"context":182},214,{"file":163,"line":240,"context":182},218,{"file":163,"line":242,"context":182},222,{"file":163,"line":244,"context":182},226,{"file":163,"line":246,"context":182},230,[],[],{"summary":250,"deductions":251},"The \"social-media-engine\" plugin v1.0.2 exhibits a mixed security posture. While the static analysis reveals no directly exploitable attack vectors through AJAX or REST API endpoints, and all SQL queries use prepared statements, significant concerns arise from the complete lack of output escaping. This indicates a high probability of Cross-Site Scripting (XSS) vulnerabilities, where user-supplied input could be injected and executed within the browser. The absence of nonce checks and capability checks on the single identified shortcode entry point further exacerbates this risk, as it implies that actions triggered by the shortcode might not be properly authorized or protected against CSRF attacks.\n\nThe vulnerability history shows a known medium severity vulnerability of the Cross-Site Scripting type, which aligns with the concerns raised by the static analysis regarding output escaping. The fact that this vulnerability is currently unpatched is a critical red flag, indicating an immediate risk to users of this plugin. The consistent pattern of XSS vulnerabilities suggests a recurring lack of secure coding practices in handling user input and rendering output within the plugin.\n\nIn conclusion, while the plugin avoids some common pitfalls like raw SQL queries and a broad attack surface, the critical issues of unescaped output and an unpatched XSS vulnerability present a substantial security risk. The absence of essential security checks like nonces and capability checks on its entry point further weakens its security posture. Users should exercise extreme caution and consider updating to a patched version if available, or otherwise avoid using this plugin until these critical issues are addressed.",[252,255,257,260],{"reason":253,"points":254},"Unpatched medium CVE (XSS)",15,{"reason":256,"points":254},"0% proper output escaping",{"reason":258,"points":259},"0 Nonce checks",10,{"reason":261,"points":259},"0 Capability checks","2026-03-16T22:09:39.664Z",{"wat":264,"direct":271},{"assetPaths":265,"generatorPatterns":268,"scriptPaths":269,"versionParams":270},[266,267],"\u002Fwp-content\u002Fplugins\u002Fsocial-media-engine\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fsocial-media-engine\u002Ffont-awesome\u002Fcss\u002Ffont-awesome.css",[],[],[],{"cssClasses":272,"htmlComments":274,"htmlAttributes":275,"restEndpoints":276,"jsGlobals":277,"shortcodeOutput":278},[273],"sme-social-follow",[],[],[],[],[279,280,281,282,283,284,285,286,287,288,289,290,291,292,293,294,295,296,297,298,299,300,301,302,303,304,305,306,307,308,309,310,311,312],"\u003Cdiv class=\"sme-social-follow","\u003Cli>\u003Ca href=","\u003Ci class=\"fa fa-500px\">\u003C\u002Fi>","\u003Ci class=\"fa fa-behance\">\u003C\u002Fi>","\u003Ci class=\"fa fa-bitbucket\">\u003C\u002Fi>","\u003Ci class=\"fa fa-delicious\">\u003C\u002Fi>","\u003Ci class=\"fa fa-deviantart\">\u003C\u002Fi>","\u003Ci class=\"fa fa-digg\">\u003C\u002Fi>","\u003Ci class=\"fa fa-dribbble\">\u003C\u002Fi>","\u003Ci class=\"fa fa-etsy\">\u003C\u002Fi>","\u003Ci class=\"fa fa-facebook\">\u003C\u002Fi>","\u003Ci class=\"fa fa-flickr\">\u003C\u002Fi>","\u003Ci class=\"fa fa-foursquare\">\u003C\u002Fi>","\u003Ci class=\"fa fa-github\">\u003C\u002Fi>","\u003Ci class=\"fa fa-google-plus\">\u003C\u002Fi>","\u003Ci class=\"fa fa-instagram\">\u003C\u002Fi>","\u003Ci class=\"fa fa-lastfm\">\u003C\u002Fi>","\u003Ci class=\"fa fa-linkedin\">\u003C\u002Fi>","\u003Ci class=\"fa fa-medium\">\u003C\u002Fi>","\u003Ci class=\"fa fa-mixcloud\">\u003C\u002Fi>","\u003Ci class=\"fa fa-odnoklassniki\">\u003C\u002Fi>","\u003Ci class=\"fa fa-pinterest\">\u003C\u002Fi>","\u003Ci class=\"fa fa-quora\">\u003C\u002Fi>","\u003Ci class=\"fa fa-reddit\">\u003C\u002Fi>","\u003Ci class=\"fa fa-skype\">\u003C\u002Fi>","\u003Ci class=\"fa fa-slideshare\">\u003C\u002Fi>","\u003Ci class=\"fa fa-soundcloud\">\u003C\u002Fi>","\u003Ci class=\"fa fa-spotify\">\u003C\u002Fi>","\u003Ci class=\"fa fa-tumblr\">\u003C\u002Fi>","\u003Ci class=\"fa fa-twitter\">\u003C\u002Fi>","\u003Ci class=\"fa fa-vimeo\">\u003C\u002Fi>","\u003Ci class=\"fa fa-vk\">\u003C\u002Fi>","\u003Ci class=\"fa fa-wordpress\">\u003C\u002Fi>","\u003Ci class=\"fa fa-youtube\">\u003C\u002Fi>"]