[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f2qR74qT_wLPEW4g5JgEGmT4OMYOXtj6SkKlXcKhRZvw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":116,"fingerprints":213},"subscribers-count","Subscribers Count","1.0","hyptos","https:\u002F\u002Fprofiles.wordpress.org\u002Fhyptos\u002F","\u003Cp>Subscriber count show up the number of members of your community.\u003C\u002Fp>\n","Subscriber count show up the number of members of your community.",10,3814,0,"2012-03-14T11:10:00.000Z","3.3.2","3.0","",[19,20,21,22,23],"count","facebook","rss","subscriber","twitter","http:\u002F\u002Fwww.techpaf.fr\u002Fsubscriber-count\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsubscribers-count.1.4.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-04-04T17:13:21.827Z",[36,55,65,83,99],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":31,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":50,"homepage":53,"download_link":54,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"social-counter-widget","Social Counter Widget","0.8.1","d3wp","https:\u002F\u002Fprofiles.wordpress.org\u002Fd3wp\u002F","\u003Cp>This widget will display your RSS subscribers, Twitter followers and Facebook fans in one nice looking box. Please take a look at the screenshot.\u003C\u002Fp>\n\u003Ch3>Feedback\u003C\u002Fh3>\n\u003Cp>http:\u002F\u002Fwww.webdev3000.com\u002Fsocial-counter-widget\u002F\u003C\u002Fp>\n","This widget will display your RSS subscribers, Twitter followers and Facebook fans in one nice looking box.",20,11061,100,"2011-12-26T15:33:00.000Z","3.1.4","2.0.2",[20,21,51,52,23],"social-counter","social-widget","http:\u002F\u002Fwww.webdev3000.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-counter-widget.0.8.1.zip",{"slug":56,"name":57,"version":58,"author":40,"author_profile":41,"description":59,"short_description":60,"active_installs":11,"downloaded":61,"rating":13,"num_ratings":13,"last_updated":62,"tested_up_to":48,"requires_at_least":49,"requires_php":17,"tags":63,"homepage":53,"download_link":64,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"total-social-counter","Total Social Counter","0.8.0","\u003Cp>This widget combines the number of your RSS readers, twitter followers, and fans of your facebook fan page, to give an estimate of your social popularity.\u003Cbr \u002F>\nTipTip jQuery plugin is used to show nice looking tooltips with count for every particular social network. Credit goes to Martin Angelov from Tutorialzine.com\u003C\u002Fp>\n\u003Ch3>Feedback\u003C\u002Fh3>\n\u003Cp>http:\u002F\u002Fwww.webdev3000.com\u002Ftotal-social-counter-widget\u002F\u003C\u002Fp>\n","This widget combines the number of your RSS readers, twitter followers, and fans of your facebook fan page.",4458,"2011-12-12T17:55:00.000Z",[20,21,51,52,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftotal-social-counter.0.8.0.zip",{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":44,"downloaded":73,"rating":13,"num_ratings":13,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":17,"tags":77,"homepage":81,"download_link":82,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"social-counters","Social Counters","2.2.9","mortay","https:\u002F\u002Fprofiles.wordpress.org\u002Fmortay\u002F","\u003Cp>It allows to place counters and social sharing links to the most popular social networks like Menéame, Twitter, Facebook, Google Buzz, Tuenti or Bitacoras.com.\u003C\u002Fp>\n\u003Cp>It also has WordPress actions (add_action) and filters (add_filter) allowing to select the social sharing links we want to show.\u003C\u002Fp>\n\u003Cp>The available functions are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ccode>the_social_counters( $counters = array() )\u003C\u002Fcode>: Displays selected social counters.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>$counters\u003C\u002Fcode>: Array with list of social counters to view, by default \u003Ccode>bitacoras,tuenti,google-buzz,meneame,twitter,facebook\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>the_social_counters__get ( $counters = array() )\u003C\u002Fcode>: Returns the selected social counters.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>$counters\u003C\u002Fcode>: Array with list of social counters to view, by default \u003Ccode>bitacoras,tuenti,google-buzz,meneame,twitter,facebook\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>social_counter( $social_counter = '', $postparam = false, $linked = true )\u003C\u002Fcode>: Displays a particular social counter\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>$social_counter\u003C\u002Fcode>: Name of social counter, by default the options are \u003Ccode>bitacoras,tuenti,google-buzz,meneame,twitter,facebook\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>$postparam\u003C\u002Fcode>: $post object to get the counter, by default system use global $post;\u003C\u002Fli>\n\u003Cli>\u003Ccode>$linked\u003C\u002Fcode>: Simple option to de-activate link.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>social_counter__get( $social_counter = '', $postparam = false, $linked = true )\u003C\u002Fcode>: Returns a particular social counter\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>$social_counter\u003C\u002Fcode>: Name of social counter, by default the options are \u003Ccode>bitacoras,tuenti,google-buzz,meneame,twitter,facebook\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>$postparam\u003C\u002Fcode>: \u003Ccode>$post\u003C\u002Fcode> object to get the counter, by default system uses global \u003Ccode>$post\u003C\u002Fcode> var.\u003C\u002Fli>\n\u003Cli>\u003Ccode>$linked\u003C\u002Fcode>: Simple option to de-activate link.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It’s also possible to define two constants in ‘wp-config.php’…\u003C\u002Fp>\n\u003Cul>\n\u003Cli>SOCIAL_COUNTER__LOAD_CSS: If we define this constant as \u003Ccode>false\u003C\u002Fcode>, the plugin will not load the default style.\u003C\u002Fli>\n\u003Cli>SOCIAL_COUNTER__LOAD_CSS_SMALL: If we define this constanta as \u003Ccode>true\u003C\u002Fcode>, the plugin will load de small icons.\u003C\u002Fli>\n\u003Cli>SOCIAL_COUNTER__TWITTER_USER: The twitter sharing link includes this username with the RT link.\u003C\u002Fli>\n\u003C\u002Ful>\n","It allows to place counters and social sharing links to the most popular social networks like Menéame, Twitter, Facebook, Google Buzz, Tuenti or Bitac &hellip;",13244,"2016-03-29T12:00:00.000Z","4.4.34","2.9",[78,20,79,80,23],"counter","social","social-bookmarking","http:\u002F\u002Fblogestudio.com\u002Fplugin\u002Fsocial-counters\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-counters.2.2.9.zip",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":11,"downloaded":91,"rating":13,"num_ratings":13,"last_updated":92,"tested_up_to":93,"requires_at_least":16,"requires_php":17,"tags":94,"homepage":97,"download_link":98,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"lh-posse","LH Posse","1.03","shawfactor","https:\u002F\u002Fprofiles.wordpress.org\u002Fshawfactor\u002F","\u003Cp>Once activated the plugin adds three new feeds:\u003C\u002Fp>\n\u003Cp>To assist in this synidication LH-posse also:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A Facebook optimised feed of your posts: eg http:\u002F\u002Flhero.org\u002F?feed=lh-posse-fb.\u003C\u002Fli>\n\u003Cli>A twitter optimised feed of your posts: eg http:\u002F\u002Flhero.org\u002F?feed=lh-posse-tw\u003C\u002Fli>\n\u003Cli>A general feed of your attachments: eg http:\u002F\u002Flhero.org\u002F?feed=lh-posse-attach\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All feeds are built to work with post formats so the message output that is avaialable for each social network (or other location) is tailored for thta social network and adjusted based on the post format used.\u003C\u002Fp>\n\u003Cp>It has been developed for use in \u003Ca href=\"http:\u002F\u002Flocalhero.biz\u002F\" rel=\"nofollow ugc\">LocalHero\u003C\u002Fa>.\u003C\u002Fp>\n","A flexible way to syndicate your content to Facebook, Twitter, or anywhere via IFTTT using customised feeds.",1837,"2017-12-16T00:39:00.000Z","4.9.29",[20,95,96,21,23],"feed","feeds","https:\u002F\u002Flhero.org\u002Fplugins\u002Flh-posse\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flh-posse.zip",{"slug":100,"name":101,"version":6,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":11,"downloaded":106,"rating":46,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":16,"requires_php":17,"tags":110,"homepage":114,"download_link":115,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"word-count-and-social-shares","Word Count and Social Shares","DEJAN","https:\u002F\u002Fprofiles.wordpress.org\u002Fdejan-seo\u002F","\u003Cp>This WordPress plugin will work as part of wp-admin and report on correlation between word count and social shares. The objective is to determine optimal post length to ensure most social shares.\u003C\u002Fp>\n\u003Cp>Social Platform:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Twitter\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Google+\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Facebook\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>LinkedIn\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>CSV Export\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display Diagram\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Limit report by date range\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Total words on the blog (or date range)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Individual post word count (sortable table of posts, word counts, social shares)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Average post length\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","This Wordpress plugin will work as part of wp-admin and report on correlation between word count and social shares.",4296,2,"2015-05-18T10:36:00.000Z","3.5.2",[20,111,112,23,113],"google","social-shares","word-count","dejanseo.com.au","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fword-count-and-social-shares.1.0.zip",{"attackSurface":117,"codeSignals":143,"taintFlows":172,"riskAssessment":199,"analyzedAt":212},{"hooks":118,"ajaxHandlers":139,"restRoutes":140,"shortcodes":141,"cronEvents":142,"entryPointCount":13,"unprotectedCount":13},[119,125,129,131,135],{"type":120,"name":121,"callback":122,"file":123,"line":124},"action","admin_menu","SubscribersCount_ap","subscriber_count.php",232,{"type":120,"name":126,"callback":127,"file":123,"line":128},"activate_Subscribers-count\u002FSubscribers-count.php","init",233,{"type":120,"name":126,"callback":127,"file":123,"line":130},234,{"type":120,"name":132,"callback":133,"file":123,"line":134},"widget","show_widget",235,{"type":120,"name":136,"callback":137,"file":123,"line":138},"wp_print_styles","enqueue_my_styles",236,[],[],[],[],{"dangerousFunctions":144,"sqlUsage":145,"outputEscaping":147,"fileOperations":170,"externalRequests":31,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":171},[],{"prepared":13,"raw":13,"locations":146},[],{"escaped":13,"rawEcho":148,"locations":149},9,[150,154,156,158,160,162,164,166,168],{"file":151,"line":152,"context":153},"includes\\subscriber_stats.class.php",120,"raw output",{"file":151,"line":155,"context":153},126,{"file":151,"line":157,"context":153},132,{"file":151,"line":159,"context":153},139,{"file":123,"line":161,"context":153},70,{"file":123,"line":163,"context":153},91,{"file":123,"line":165,"context":153},96,{"file":123,"line":167,"context":153},101,{"file":123,"line":169,"context":153},106,3,[],[173,190],{"entryPoint":174,"graph":175,"unsanitizedCount":31,"severity":189},"printAdminPage (subscriber_count.php:42)",{"nodes":176,"edges":186},[177,181],{"id":178,"type":179,"label":180,"file":123,"line":161},"n0","source","$_SERVER['REQUEST_URI']",{"id":182,"type":183,"label":184,"file":123,"line":161,"wp_function":185},"n1","sink","echo() [XSS]","echo",[187],{"from":178,"to":182,"sanitized":188},false,"medium",{"entryPoint":191,"graph":192,"unsanitizedCount":31,"severity":198},"\u003Csubscriber_count> (subscriber_count.php:0)",{"nodes":193,"edges":196},[194,195],{"id":178,"type":179,"label":180,"file":123,"line":161},{"id":182,"type":183,"label":184,"file":123,"line":161,"wp_function":185},[197],{"from":178,"to":182,"sanitized":188},"low",{"summary":200,"deductions":201},"The \"subscribers-count\" v1.0 plugin exhibits a mixed security posture, with some commendable practices alongside significant areas of concern.  On the positive side, the plugin has no recorded vulnerabilities (CVEs), no bundled libraries, and demonstrates a commitment to secure database interaction by using prepared statements for all SQL queries. The attack surface also appears to be zero, which is excellent from an entry point perspective.\n\nHowever, the static analysis reveals critical weaknesses.  A striking 100% of output is unescaped, posing a significant risk of Cross-Site Scripting (XSS) vulnerabilities.  The taint analysis indicates flows with unsanitized paths, suggesting potential for code injection or other vulnerabilities, even if currently assessed as low severity.  Furthermore, the complete lack of nonce checks and capability checks on the (albeit non-existent) entry points is a major oversight. While the attack surface is reported as zero, the presence of file operations and external HTTP requests without clear authentication or sanitization could still be exploited if an attacker can influence the input to these functions.\n\nThe vulnerability history being completely clean is a positive indicator, but it does not negate the risks identified in the static analysis.  The lack of past vulnerabilities might be due to the plugin's limited functionality or a lack of targeted analysis in the past. The plugin's strengths lie in its clean record and SQL hygiene, but the severe lack of output escaping and potential for unsanitized input flows demand immediate attention to mitigate significant security risks.",[202,205,207,210],{"reason":203,"points":204},"All output is unescaped",15,{"reason":206,"points":11},"Taint flows with unsanitized paths",{"reason":208,"points":209},"No nonce checks",5,{"reason":211,"points":209},"No capability checks","2026-03-17T01:01:49.526Z",{"wat":214,"direct":220},{"assetPaths":215,"generatorPatterns":217,"scriptPaths":218,"versionParams":219},[216],"\u002Fwp-content\u002Fplugins\u002Fsubscribers-count\u002Fcss\u002Fstyles.css",[],[],[],{"cssClasses":221,"htmlComments":223,"htmlAttributes":224,"restEndpoints":226,"jsGlobals":227,"shortcodeOutput":229},[222],"wrap",[],[225],"placeholder",[],[228],"_gaq",[]]