[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fncrRfRqVoWnp2FQztCG0ZHzf6P4AzhlSUvKhfH-nywE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":78,"crawl_stats":38,"alternatives":86,"analysis":182,"fingerprints":427},"telegram-bot","Telegram Bot & Channel","4.1.1","Marco Milesi","https:\u002F\u002Fprofiles.wordpress.org\u002Fmilmor\u002F","\u003Cp>\u003Cstrong>Telegram Bot & Channel\u003C\u002Fstrong> is the all-in-one solution to connect your WordPress site with Telegram. Instantly broadcast posts, automate notifications, and create interactive bots for your audience. No coding required!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– 🤖 \u003Cstrong>Bot builder:\u003C\u002Fstrong> Create interactive autoresponders for users and groups\u003Cbr \u002F>\n– 📣 \u003Cstrong>Broadcast:\u003C\u002Fstrong> Send posts, pages, or custom messages to your channels, groups, and subscribers\u003Cbr \u002F>\n– 🔔 \u003Cstrong>Automated notifications:\u003C\u002Fstrong> Instantly notify your audience about new content\u003Cbr \u002F>\n– 🔗 \u003Cstrong>Zapier integration:\u003C\u002Fstrong> Connect Telegram with 400+ apps and automate your workflows\u003Cbr \u002F>\n– 🔐 \u003Cstrong>Secure:\u003C\u002Fstrong> All connections use Telegram WebHooks and require SSL for maximum security\u003Cbr \u002F>\n– 🛡️ \u003Cstrong>Modern UI:\u003C\u002Fstrong> Clean, user-friendly admin panels with stats, logs, and quick actions\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why choose this plugin?\u003C\u002Fstrong>\u003Cbr \u002F>\n– 100% free and open source\u003Cbr \u002F>\n– No third-party servers: your data stays on your site\u003Cbr \u002F>\n– Easy setup: just add your bot token and go\u003Cbr \u002F>\n– Developer-friendly: extend with custom PHP actions and filters\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Bot & Broadcast:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Send posts, pages, or custom messages with flexible templates\u003Cbr \u002F>\n– Schedule broadcasts for future posts\u003Cbr \u002F>\n– Use custom keyboards and inline buttons for rich user interaction\u003Cbr \u002F>\n– Broadcast to users, groups, supergroups, and channels\u003Cbr \u002F>\n– Unlimited autoresponders and command triggers\u003Cbr \u002F>\n– View insights about your Telegram audience\u003Cbr \u002F>\n– Haversine algorithm for geo-targeted content\u003Cbr \u002F>\n– Create custom applications with command variables\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Zapier & Automation:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Connect Telegram to 400+ apps (RSS, Instagram, Google Sheets, and more)\u003Cbr \u002F>\n– Automate news, weather, social, and IoT notifications\u003Cbr \u002F>\n– Easy Zapier invite and setup\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security & Privacy:\u003C\u002Fstrong>\u003Cbr \u002F>\n– All actions protected by WordPress nonces (CSRF protection)\u003Cbr \u002F>\n– Only supports secure Telegram WebHooks (SSL required)\u003Cbr \u002F>\n– No data sent to third-party servers (except optional Zapier integration)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Screenshots:\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Modern dashboard with stats and recent activity\u003Cbr \u002F>\n2. Subscribers list\u003Cbr \u002F>\n3. Commands and autoresponders\u003Cbr \u002F>\n4. Zapier integration\u003Cbr \u002F>\n5. Plugin settings with tabs\u003Cbr \u002F>\n6. Dynamic replies and inline buttons\u003Cbr \u002F>\n7. Keyboard example\u003Cbr \u002F>\n8. Post broadcasting\u003Cbr \u002F>\n9. Native Gutenberg support\u003C\u002Fp>\n","Supercharge your WordPress site with Telegram! Broadcast posts, automate notifications, and build interactive bots for your users, groups, and channel …",600,82920,96,22,"2025-11-20T15:01:00.000Z","","4.6","7.0",[20,21,22,23,24],"bot","channel","group","newsletter","telegram","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftelegram-bot\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftelegram-bot.4.1.1.zip",95,3,0,"2025-11-24 16:29:12","2026-03-15T15:16:48.613Z",[33,48,64],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-13068","telegram-bot-channel-unauthenticated-stored-cross-site-scripting-via-telegram-username","Telegram Bot & Channel \u003C= 4.1 - Unauthenticated Stored Cross-Site Scripting via Telegram Username","The Telegram Bot & Channel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Telegram username in all versions up to, and including, 4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=4.1","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-11-25 04:38:02",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffe4774ee-16f2-478f-92e3-8a7da7b30336?source=api-prod",1,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":38,"affected_versions":53,"patched_in_version":54,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"CVE-2024-38789","telegram-bot-channel-cross-site-request-forgery","Telegram Bot & Channel \u003C= 3.8.2 - Cross-Site Request Forgery","The Telegram Bot & Channel plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.8.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=3.8.2","4.0","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-07-20 00:00:00","2025-05-29 20:01:08",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4e240c06-cc35-4f26-ae55-4dce60e5bec3?source=api-prod",314,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":55,"cvss_score":71,"cvss_vector":72,"vuln_type":43,"published_date":73,"updated_date":74,"references":75,"days_to_patch":77},"CVE-2023-34006","telegram-bot-channel-authenticated-administrator-stored-cross-site-scripting","Telegram Bot & Channel \u003C= 3.6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Telegram Bot & Channel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","\u003C=3.6.2","3.6.3",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2023-05-29 00:00:00","2024-01-22 19:56:02",[76],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6eb099c3-f6f6-4d9c-a9c7-fa1b81ce082e?source=api-prod",239,{"slug":79,"display_name":7,"profile_url":8,"plugin_count":80,"total_installs":81,"avg_security_score":82,"avg_patch_time_days":83,"trust_score":84,"computed_at":85},"milmor",13,12590,97,280,77,"2026-04-04T06:45:26.384Z",[87,108,124,145,165],{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":97,"num_ratings":98,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":102,"tags":103,"homepage":106,"download_link":107,"security_score":97,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wptelegram","WP Telegram (Auto Post and Notifications)","4.2.15","WP Socio","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpsocio\u002F","\u003Cp>Integrate your WordPress site perfectly with Telegram with full control.\u003C\u002Fp>\n\u003Ch3>Modules\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>1. Post to Telegram\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>📝 Send posts automatically to Telegram when published or updated\u003C\u002Fli>\n\u003Cli>📢 You can send to a Telegram Channel, Group, Supergroup or private chat\u003C\u002Fli>\n\u003Cli>👥 Supports multiple Channels\u002Fchats\u003C\u002Fli>\n\u003Cli>🙂 Has Message Template composer with Emojis\u003C\u002Fli>\n\u003Cli>⏳ Supports Conditional logic inside Message Template\u003C\u002Fli>\n\u003Cli>🖼 Supports sending featured image along with the text\u003C\u002Fli>\n\u003Cli>🏞 You can choose to send only the Featured Image\u003C\u002Fli>\n\u003Cli>⏱ Supports scheduled (future) posts\u003C\u002Fli>\n\u003Cli>🕰 Messages can be delayed by a specific interval\u003C\u002Fli>\n\u003Cli>⬜️ You can add an Inline button for the post URL\u003C\u002Fli>\n\u003Cli>🛒 Supports WooCommerce products and other Custom Post Types\u003C\u002Fli>\n\u003Cli>✒️ Direct Support for sending Custom Fields\u003C\u002Fli>\n\u003Cli>🗃 You can send Custom Taxonomy Terms\u003C\u002Fli>\n\u003Cli>📋 You can select the post types to be sent\u003C\u002Fli>\n\u003Cli>⏲ You can choose when to send (New and\u002For existing posts)\u003C\u002Fli>\n\u003Cli>🎛 Make use of Custom Rules to filter posts by authors, categories, tags, post formats or custom taxonomy terms\u003C\u002Fli>\n\u003Cli>🎚 You can override the default settings on post edit page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwptelegram.pro\" rel=\"nofollow ugc\">WP Telegram Pro\u003C\u002Fa> supports multiple channels based upon category\u002Ftag\u002Fauthor\u002Fpost type etc. and also supports unlimited Reaction buttons.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>2. Private Notifications\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>📧 Get your email notifications on Telegram\u003C\u002Fli>\n\u003Cli>🔔 Supports \u003Cstrong>WooCommerce\u003C\u002Fstrong> order notifications, \u003Cstrong>Contact Form 7\u003C\u002Fstrong> and other plugin notifications\u003C\u002Fli>\n\u003Cli>🔕 Allow users to receive their email notifications on Telegram\u003C\u002Fli>\n\u003Cli>🔐 Integrated with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwptelegram-login\" rel=\"ugc\">WP Telegram Login\u003C\u002Fa> to let users connect their Telegram.\u003C\u002Fli>\n\u003Cli>🖊 Users can also enter their Telegram Chat ID manually on page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>3. Proxy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>🚫 If your host blocks Telegram, you can use this module\u003C\u002Fli>\n\u003Cli>✅ Bypass the ban on Telegram by making use of proxy\u003C\u002Fli>\n\u003Cli>🚀 Supports \u003Cstrong>Cloudflare worker as proxy\u003C\u002Fstrong> which supports file upload\u003C\u002Fli>\n\u003Cli>😍 Option to use custom \u003Cstrong>Google Script as proxy\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>❇️ Supports all proxies supported by PHP\u003C\u002Fli>\n\u003Cli>🔛 You can select Proxy type – HTTP, SOCKS4, SOCKS4A, SOCKS5, SOCKS5_HOSTNAME\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Excellent LIVE Support on Telegram\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Easy to install and set up for the admin\u003C\u002Fli>\n\u003Cli>Fully customizable with actions and filters\u003C\u002Fli>\n\u003Cli>Can be extended with custom code\u003C\u002Fli>\n\u003Cli>Translation ready\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Getting Started | Post to Telegram\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fm48V-gWz9-o?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>WooCommerce, CF7 etc. Notifications\u003C\u002Fh4>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FgVJCtwkorMA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Contribution\u003C\u002Fh3>\n\u003Cp>Development takes place in our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpsocio\u002Fwp-projects\" rel=\"nofollow ugc\">Github monorepo\u003C\u002Fa>, and all contributions welcome.\u003C\u002Fp>\n\u003Ch3>Excellent LIVE Support on Telegram\u003C\u002Fh3>\n\u003Ch4>Join the Chat\u003C\u002Fh4>\n\u003Cp>We have a public group on Telegram to provide help setting up the plugin, discuss issues, features, translations etc. Join \u003Ca href=\"https:\u002F\u002Ft.me\u002FWPTelegramChat\" rel=\"nofollow ugc\">@WPTelegramChat\u003C\u002Fa>\u003Cbr \u002F>\nFor rules, see the pinned message. No spam please.\u003C\u002Fp>\n\u003Ch4>Get in touch\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Website \u003Ca href=\"https:\u002F\u002Fwpsocio.com\" rel=\"nofollow ugc\">wpsocio.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Telegram \u003Ca href=\"https:\u002F\u002Ft.me\u002FWPTelegram\" rel=\"nofollow ugc\">@WPTelegram\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Facebook \u003Ca href=\"https:\u002F\u002Ffb.com\u002FWPTelegram\" rel=\"nofollow ugc\">@WPTelegram\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Twitter \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002FWPTelegram\" rel=\"nofollow ugc\">@WPTelegram\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Upgrade to Pro\u003C\u002Fh4>\n\u003Cp>WP Telegram Pro comes with more powerful features to give you more control. \u003Ca href=\"https:\u002F\u002Fwptelegram.pro\" rel=\"nofollow ugc\">Upgrade NOW\u003C\u002Fa>\u003C\u002Fp>\n","Integrate your WordPress site perfectly with Telegram with full control.",30000,1248809,100,425,"2026-02-14T15:23:00.000Z","6.9.4","6.6","8.0",[21,22,104,105,24],"notifications","posts","https:\u002F\u002Ft.me\u002FWPTelegram","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwptelegram.4.2.15.zip",{"slug":109,"name":110,"version":111,"author":91,"author_profile":92,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":117,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":102,"tags":118,"homepage":106,"download_link":121,"security_score":116,"vuln_count":122,"unpatched_count":29,"last_vuln_date":123,"fetched_at":31},"wptelegram-widget","WP Telegram Widget and Join Link","2.2.15","\u003Cp>Display the Telegram Public Channel or Group Feed in a WordPress widget or anywhere you want using a simple shortcode.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Provides an ajax widget to display channel feed\u003C\u002Fli>\n\u003Cli>Ajax widget contains a Join Channel link\u003C\u002Fli>\n\u003Cli>A separate Join Channel Link\u002FButton\u003C\u002Fli>\n\u003Cli>Pulls updates automatically from Telegram\u003C\u002Fli>\n\u003Cli>Uses a responsive widget to display the feed\u003C\u002Fli>\n\u003Cli>Fits anywhere you want it to be\u003C\u002Fli>\n\u003Cli>The received messages can be seen from \u002Fwp-admin\u003C\u002Fli>\n\u003Cli>Automatically removes deleted messages\u003C\u002Fli>\n\u003Cli>Can be displayed using a shortcode\u003C\u002Fli>\n\u003Cli>Available as a Gutengerg block\u003C\u002Fli>\n\u003Cli>Allows embedding of Telegram public channel messages\u003C\u002Fli>\n\u003Cli>Can be extended with custom code\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Widget Info\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Ajax Widget\u003C\u002Fstrong>\u003Cbr \u002F>\nGoto \u003Cstrong>Appearance\u003C\u002Fstrong> > \u003Cstrong>Widgets\u003C\u002Fstrong> and click\u002Fdrag \u003Cstrong>WP Telegram Ajax Widget\u003C\u002Fstrong> and place it where you want it to be.\u003C\u002Fp>\n\u003Cp>Alternately, you can use the below shortcode.\u003C\u002Fp>\n\u003Cp>Inside page or post content:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wptelegram-ajax-widget username=\"WPTelegram\" width=\"100%\" height=\"500px\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Inside the theme templates\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\nif ( function_exists( 'wptelegram_ajax_widget' ) ) {\n    wptelegram_ajax_widget();\n}\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\n    echo do_shortcode( '[wptelegram-ajax-widget width=\"98%\" height=\"700px\"]' );\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Legacy Widget\u003C\u002Fstrong>\u003Cbr \u002F>\nGoto \u003Cstrong>Appearance\u003C\u002Fstrong> > \u003Cstrong>Widgets\u003C\u002Fstrong> and click\u002Fdrag \u003Cstrong>WP Telegram Legacy  Widget\u003C\u002Fstrong> and place it where you want it to be.\u003C\u002Fp>\n\u003Cp>Alternately, you can use the below shortcode.\u003C\u002Fp>\n\u003Cp>Inside page or post content:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wptelegram-widget num_messages=\"5\" width=\"100%\" author_photo=\"auto\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Inside the theme templates\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\nif ( function_exists( 'wptelegram_widget' ) ) {\n    $args = array(\n        \u002F\u002F 'author_photo' => 'auto',\n        \u002F\u002F 'num_messages' => 5,\n        \u002F\u002F 'width'        => 100,\n    );\n\n    wptelegram_widget( $args );\n}\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\n    echo do_shortcode( '[wptelegram-widget num_messages=\"5\" width=\"100%\" author_photo=\"always_show\"]' );\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Join Link\u003C\u002Fstrong>\u003Cbr \u002F>\nGoto \u003Cstrong>Appearance\u003C\u002Fstrong> > \u003Cstrong>Widgets\u003C\u002Fstrong> and click\u002Fdrag \u003Cstrong>WP Telegram Join Channel\u003C\u002Fstrong> and place it where you want it to be.\u003C\u002Fp>\n\u003Cp>Alternately, you can use the below shortcode.\u003C\u002Fp>\n\u003Cp>Inside page or post content:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[wptelegram-join-channel link=\"https:\u002F\u002Ft.me\u002FWPTelegram\" text=\"Join @WPTelegram on Telegram\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Inside the theme templates\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\nif ( function_exists( 'wptelegram_join_channel' ) ) {\n    $args = array(\n        'link' => 'https:\u002F\u002Ft.me\u002FWPTelegram',\n        'text' => 'Join @WPTelegram on Telegram',\n    );\n    wptelegram_join_channel( $args );\n}\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Excellent Support\u003C\u002Fh3>\n\u003Ch4>Join the Chat\u003C\u002Fh4>\n\u003Cp>We have a public group on Telegram to provide help setting up the plugin, discuss issues, features, translations etc. Join \u003Ca href=\"https:\u002F\u002Ft.me\u002FWPTelegramChat\" rel=\"nofollow ugc\">@WPTelegramChat\u003C\u002Fa>\u003Cbr \u002F>\nFor rules, see the pinned message. No spam please.\u003C\u002Fp>\n\u003Ch4>Get in touch\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Website \u003Ca href=\"https:\u002F\u002Fwpsocio.com\" rel=\"nofollow ugc\">wpsocio.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Telegram \u003Ca href=\"https:\u002F\u002Ft.me\u002FWPTelegram\" rel=\"nofollow ugc\">@WPTelegram\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Facebook \u003Ca href=\"https:\u002F\u002Ffb.com\u002FWPTelegram\" rel=\"nofollow ugc\">@WPTelegram\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Twitter \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002FWPTelegram\" rel=\"nofollow ugc\">@WPTelegram\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribution\u003C\u002Fh3>\n\u003Cp>Development takes place in our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwpsocio\u002Fwp-projects\" rel=\"nofollow ugc\">Github monorepo\u003C\u002Fa>, and all contributions welcome.\u003C\u002Fp>\n","Display the Telegram Public Channel or Group Feed in a WordPress widget or anywhere you want using a simple shortcode.",4000,177861,98,31,[21,119,22,24,120],"feed","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwptelegram-widget.2.2.15.zip",2,"2025-12-22 00:00:00",{"slug":125,"name":126,"version":127,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":97,"downloaded":132,"rating":133,"num_ratings":134,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":138,"tags":139,"homepage":142,"download_link":143,"security_score":144,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"teligro","Teligro","1.0","Parsa","https:\u002F\u002Fprofiles.wordpress.org\u002Fparselearn\u002F","\u003Cp>\u003Cstrong>Integrate your WordPress site with Telegram\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>New comments, Recovery mode, Auto core update, Users login, Register a new user notification\u003C\u002Fli>\n\u003Cli>Search in WordPress post types\u003C\u002Fli>\n\u003Cli>Send post types manually or automatically to Telegram channel\u003C\u002Fli>\n\u003Cli>Display Telegram channel members count with shortcode\u003C\u002Fli>\n\u003Cli>Connect WordPress profile to Telegram account\u003C\u002Fli>\n\u003Cli>Two Step Telegram bot Authentication\u003C\u002Fli>\n\u003Cli>Connect to Telegram with Proxy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Integrate with E-Commerce plugins:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\" rel=\"ugc\">WooCommerce\u003C\u002Fa> – Sale products on the Telegram bot. Send product to Telegram channels. New order, Order status change, Product low\u002Fno stock, new order note notification\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Integrate with Forms plugins:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-7\" rel=\"ugc\">Contact Form 7\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflamingo\" rel=\"ugc\">Flamingo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\" rel=\"nofollow ugc\">WPForms\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpforms-lite\" rel=\"ugc\">Contact Form by WPForms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fformidable\" rel=\"ugc\">Formidable Form Builder\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.gravityforms.com\" rel=\"nofollow ugc\">Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fninja-forms\" rel=\"ugc\">Ninja Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcaldera-forms\" rel=\"ugc\">Caldera Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feverest-forms\" rel=\"ugc\">Everest Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhappyforms\" rel=\"ugc\">HappyForms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fweforms\" rel=\"ugc\">weForms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fvisual-form-builder\" rel=\"ugc\">Visual Form Builder\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.quform.com\" rel=\"nofollow ugc\">Quform\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhtml-forms\" rel=\"ugc\">HTML Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fforminator\" rel=\"ugc\">Forminator\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Integrate with Newsletter plugins:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnewsletter\" rel=\"ugc\">Newsletter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmailchimp-for-wp\" rel=\"ugc\">MC4WP: Mailchimp for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Integrate with Security plugins:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordfence\" rel=\"ugc\">Wordfence Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetter-wp-security\" rel=\"ugc\">iThemes Security (formerly Better WP Security)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fall-in-one-wp-security-and-firewall\" rel=\"ugc\">All In One WP Security & Firewall\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-cerber\" rel=\"ugc\">Cerber Security, Antispam & Malware Scan\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdologin\" rel=\"ugc\">DoLogin Security\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Integrate with Backup plugins:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbackwpup\" rel=\"ugc\">BackWPup – WordPress Backup Plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbackupwordpress\" rel=\"ugc\">BackUpWordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Integrate with other plugins:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-sms\" rel=\"ugc\">WP SMS\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-statistics\" rel=\"ugc\">WP Statistics\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-user-avatar\" rel=\"ugc\">WP User Avatar\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Integrate your WordPress site with Telegram",7147,86,8,"2020-10-25T09:56:00.000Z","5.5.18","5.0","5.6",[20,21,140,24,141],"robot","woocommerce","https:\u002F\u002Fgithub.com\u002Fteligro\u002Fteligro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fteligro.1.0.zip",85,{"slug":146,"name":147,"version":148,"author":149,"author_profile":150,"description":151,"short_description":152,"active_installs":153,"downloaded":154,"rating":13,"num_ratings":155,"last_updated":156,"tested_up_to":157,"requires_at_least":158,"requires_php":16,"tags":159,"homepage":163,"download_link":164,"security_score":144,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"channeller-telegram-channel-administrator","Channeller – Telegram Channel Administrator","1.5.4","Websima","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebsima\u002F","\u003Cp>Bots are special Telegram accounts designed to handle messages automatically. Telegram introduced that bots can be used as channel admins so they can send messages to channels if the bot has been assigned as channel administrator.\u003C\u002Fp>\n\u003Cp>Channeller (Telegram Channel Admin) helps you to integrate Telegram bot and Telegram Channel to your WordPress site and send newsletter to channel members.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Send to Multiple Channels\u003C\u002Fli>\n\u003Cli>Log Activities\u003C\u002Fli>\n\u003Cli>Support Custom Post Types\u003C\u002Fli>\n\u003Cli>Send Url, short Url or Custom Message\u003C\u002Fli>\n\u003Cli>Send Photo to channel\u003C\u002Fli>\n\u003Cli>Ability to send featured image\u003C\u002Fli>\n\u003Cli>Ability to send post content\u003C\u002Fli>\n\u003Cli>Send Text and Photo Messages to Groups \u003C\u002Fli>\n\u003Cli>Supports Html Tags in Messages including a, b, strong, code, em and pre\u003C\u002Fli>\n\u003Cli>Send Images from other sites\u003C\u002Fli>\n\u003Cli>Send Video Files your WordPress site\u003C\u002Fli>\n\u003Cli>Send Audio Files from your WordPress site\u003C\u002Fli>\n\u003Cli>Set Default Settings for sending\u003C\u002Fli>\n\u003Cli>Send Inline Buttons to channel\u003C\u002Fli>\n\u003Cli>Send Messages as Future Posts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Notice: add @Channeller_Bot robot to your group to get the Group ID, your bot should be one of the Group members for sending messages.\u003C\u002Fp>\n\u003Cp>how to create a new channel in Telegram (Persian): \u003Ca href=\"http:\u002F\u002Fwebsima.com\u002F%DA%A9%D8%A7%D9%86%D8%A7%D9%84-%D8%AA%D9%84%DA%AF%D8%B1%D8%A7%D9%85\u002F\" title=\"کانال تلگرام\" rel=\"nofollow ugc\">کانال تلگرام\u003C\u002Fa>\u003Cbr \u002F>\nChanneller Settings Help (Persian): \u003Ca href=\"http:\u002F\u002Fwebsima.com\u002Fchanneller\" title=\"Channeller Plugin\" rel=\"nofollow ugc\">Channeller Plugin\u003C\u002Fa>\u003C\u002Fp>\n","Send Text, Link, Photo, Video and Audio Files from Wordpress to Telegram Channels and Groups using bots.",40,21282,19,"2017-02-04T10:14:00.000Z","4.7.32","3.0.1",[24,160,4,161,162],"telegram-api","telegram-channel","translate-ready","http:\u002F\u002Fwebsima.com\u002Fchanneller","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchanneller-telegram-channel-administrator.zip",{"slug":166,"name":167,"version":168,"author":169,"author_profile":170,"description":171,"short_description":172,"active_installs":173,"downloaded":174,"rating":29,"num_ratings":29,"last_updated":175,"tested_up_to":157,"requires_at_least":176,"requires_php":16,"tags":177,"homepage":16,"download_link":181,"security_score":144,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"broadcast-to-telegram","Broadcast to Telegram","1.2.0","EnzoCostantini55","https:\u002F\u002Fprofiles.wordpress.org\u002Fenzocostantini55\u002F","\u003Cp>\u003Cstrong>Broadcast to Telegram\u003C\u002Fstrong> is a very simple plugin that lets you automatically send post notification to your telegram channel via an admin BOT.\u003Cbr \u002F>It allows you to enroll multiple Telegram channels and you can choose, when sending, which channels make the notification to. It also allows you to choose which type of document is to be used with. \u003Cbr \u002F>It also gives the possibility, when a document is updated, to know which channels have already been sent a notification and edit directly the Telegram original message, marking it as updated by the \u003Cstrong>(M)\u003C\u002Fstrong> symbol.\u003C\u002Fp>\n","Allows WordPress sites to send notifications to a Telegram channel. It's possible send notification to multiple channels.",10,2008,"2017-02-04T11:33:00.000Z","4.4",[178,21,179,180,24],"bot-api","messenger","notification","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbroadcast-to-telegram.zip",{"attackSurface":183,"codeSignals":284,"taintFlows":384,"riskAssessment":411,"analyzedAt":426},{"hooks":184,"ajaxHandlers":280,"restRoutes":281,"shortcodes":282,"cronEvents":283,"entryPointCount":29,"unprotectedCount":29},[185,190,194,197,200,202,206,209,212,215,218,221,225,229,233,237,240,243,245,249,253,254,256,259,262,265,268,271,274,277],{"type":186,"name":187,"callback":188,"file":189,"line":122},"action","admin_notices","closure","admin-messages.php",{"type":191,"name":192,"callback":188,"file":193,"line":28},"filter","manage_edit-telegram_subscribers_columns","columns.php",{"type":191,"name":195,"callback":188,"file":193,"line":196},"manage_edit-telegram_groups_columns",15,{"type":191,"name":198,"callback":188,"file":193,"line":199},"bulk_actions-edit-telegram_subscribers",26,{"type":191,"name":201,"callback":188,"priority":173,"file":193,"line":117},"handle_bulk_actions-edit-telegram_subscribers",{"type":186,"name":203,"callback":204,"priority":173,"file":193,"line":205},"manage_telegram_subscribers_posts_custom_column","t_manage_columns",43,{"type":186,"name":207,"callback":204,"priority":173,"file":193,"line":208},"manage_telegram_groups_posts_custom_column",44,{"type":186,"name":210,"callback":188,"file":193,"line":211},"admin_init",72,{"type":191,"name":213,"callback":188,"priority":173,"file":193,"line":214},"posts_search",76,{"type":186,"name":216,"callback":188,"file":217,"line":122},"init","custom-post-types.php",{"type":186,"name":219,"callback":188,"file":217,"line":220},"add_meta_boxes",140,{"type":186,"name":222,"callback":223,"file":217,"line":224},"save_post","telegram_command_extra_save_meta_box_data",201,{"type":186,"name":226,"callback":227,"priority":173,"file":217,"line":228},"future_post","telegram_on_post_scheduled",388,{"type":186,"name":230,"callback":231,"priority":173,"file":217,"line":232},"publish_post","telegram_send_post_notification",389,{"type":186,"name":234,"callback":235,"priority":173,"file":217,"line":236},"publish_future_post","telegram_send_post_notification_future",390,{"type":186,"name":238,"callback":188,"file":217,"line":239},"post_submitbox_misc_actions",392,{"type":186,"name":241,"callback":188,"file":217,"line":242},"enqueue_block_editor_assets",457,{"type":186,"name":216,"callback":188,"file":217,"line":244},483,{"type":186,"name":246,"callback":188,"file":247,"line":248},"plugins_loaded","telegram-bot.php",18,{"type":186,"name":250,"callback":251,"file":247,"line":252},"admin_menu","telegram_admin_menu",36,{"type":186,"name":210,"callback":188,"file":247,"line":144},{"type":186,"name":216,"callback":188,"file":247,"line":255},115,{"type":186,"name":257,"callback":231,"priority":173,"file":247,"line":258},"publish_page",116,{"type":186,"name":260,"callback":188,"file":247,"line":261},"template_redirect",164,{"type":191,"name":263,"callback":188,"file":247,"line":264},"query_vars",183,{"type":191,"name":266,"callback":188,"file":247,"line":267},"user_can_richedit",198,{"type":191,"name":269,"callback":188,"file":247,"line":270},"enter_title_here",475,{"type":186,"name":272,"callback":188,"file":247,"line":273},"admin_print_footer_scripts",493,{"type":191,"name":275,"callback":188,"priority":173,"file":247,"line":276},"quicktags_settings",506,{"type":186,"name":278,"callback":188,"file":247,"line":279},"widgets_init",554,[],[],[],[],{"dangerousFunctions":285,"sqlUsage":286,"outputEscaping":288,"fileOperations":173,"externalRequests":122,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":383},[],{"prepared":47,"raw":29,"locations":287},[],{"escaped":289,"rawEcho":290,"locations":291},57,54,[292,295,297,299,301,303,305,307,309,311,314,315,316,317,320,321,323,325,326,328,329,331,333,334,336,339,341,342,344,345,347,349,350,352,354,355,356,357,359,360,362,364,366,367,368,370,371,373,374,376,377,378,380,382],{"file":193,"line":293,"context":294},60,"raw output",{"file":193,"line":296,"context":294},93,{"file":217,"line":298,"context":294},150,{"file":217,"line":300,"context":294},153,{"file":217,"line":302,"context":294},156,{"file":217,"line":304,"context":294},159,{"file":217,"line":306,"context":294},409,{"file":217,"line":308,"context":294},435,{"file":217,"line":310,"context":294},437,{"file":312,"line":313,"context":294},"panel\\main.php",28,{"file":312,"line":252,"context":294},{"file":312,"line":153,"context":294},{"file":312,"line":208,"context":294},{"file":318,"line":319,"context":294},"panel\\send.php",7,{"file":318,"line":153,"context":294},{"file":318,"line":322,"context":294},46,{"file":318,"line":324,"context":294},49,{"file":318,"line":290,"context":294},{"file":318,"line":327,"context":294},56,{"file":318,"line":289,"context":294},{"file":318,"line":330,"context":294},58,{"file":318,"line":332,"context":294},59,{"file":318,"line":293,"context":294},{"file":318,"line":335,"context":294},63,{"file":337,"line":338,"context":294},"panel\\settings.php",39,{"file":337,"line":340,"context":294},42,{"file":337,"line":330,"context":294},{"file":337,"line":343,"context":294},65,{"file":337,"line":302,"context":294},{"file":337,"line":346,"context":294},174,{"file":337,"line":348,"context":294},182,{"file":337,"line":267,"context":294},{"file":337,"line":351,"context":294},206,{"file":247,"line":353,"context":294},55,{"file":247,"line":289,"context":294},{"file":247,"line":330,"context":294},{"file":247,"line":335,"context":294},{"file":247,"line":358,"context":294},64,{"file":247,"line":343,"context":294},{"file":247,"line":361,"context":294},66,{"file":247,"line":363,"context":294},78,{"file":365,"line":80,"context":294},"widget.php",{"file":365,"line":196,"context":294},{"file":365,"line":248,"context":294},{"file":365,"line":369,"context":294},20,{"file":365,"line":313,"context":294},{"file":365,"line":372,"context":294},29,{"file":365,"line":372,"context":294},{"file":365,"line":375,"context":294},30,{"file":365,"line":117,"context":294},{"file":365,"line":117,"context":294},{"file":365,"line":379,"context":294},32,{"file":365,"line":381,"context":294},33,{"file":365,"line":381,"context":294},[],[385,403],{"entryPoint":386,"graph":387,"unsanitizedCount":29,"severity":402},"telegram_send_panel (panel\\send.php:2)",{"nodes":388,"edges":399},[389,394],{"id":390,"type":391,"label":392,"file":318,"line":393},"n0","source","$_GET",45,{"id":395,"type":396,"label":397,"file":318,"line":322,"wp_function":398},"n1","sink","echo() [XSS]","echo",[400],{"from":390,"to":395,"sanitized":401},true,"low",{"entryPoint":404,"graph":405,"unsanitizedCount":29,"severity":402},"\u003Csend> (panel\\send.php:0)",{"nodes":406,"edges":409},[407,408],{"id":390,"type":391,"label":392,"file":318,"line":393},{"id":395,"type":396,"label":397,"file":318,"line":322,"wp_function":398},[410],{"from":390,"to":395,"sanitized":401},{"summary":412,"deductions":413},"The telegram-bot plugin v4.1.1 exhibits a mixed security posture. On the positive side, the static analysis reveals no exposed AJAX handlers, REST API routes, shortcodes, or cron events that lack authentication or permission checks, indicating a well-secured attack surface. The plugin also exclusively uses prepared statements for its single SQL query and has a reasonable number of nonces and capability checks. However, there are notable concerns. The output escaping is only 51% proper, which leaves a significant portion of outputs potentially vulnerable to cross-site scripting (XSS) attacks.  While the taint analysis did not uncover any critical or high-severity issues, the file operations and external HTTP requests warrant attention in conjunction with the output escaping. The vulnerability history is a significant concern, with three known CVEs, including one high-severity vulnerability, although none are currently unpatched. The prevalence of Cross-Site Request Forgery (CSRF) and XSS in past vulnerabilities suggests recurring issues with input validation and output sanitization, despite some efforts in the code.  Overall, while the attack surface is minimal, the historical vulnerability pattern and the low output escaping rate present a moderate risk that requires careful monitoring and potential remediation.",[414,416,418,421,424],{"reason":415,"points":319},"Low output escaping percentage",{"reason":417,"points":196},"History of high severity vulnerability",{"reason":419,"points":420},"History of medium severity vulnerabilities",6,{"reason":422,"points":423},"History of CSRF vulnerabilities",5,{"reason":425,"points":423},"History of XSS vulnerabilities","2026-03-16T19:27:23.240Z",{"wat":428,"direct":439},{"assetPaths":429,"generatorPatterns":433,"scriptPaths":434,"versionParams":435},[430,431,432],"\u002Fwp-content\u002Fplugins\u002Ftelegram-bot\u002Fpanel\u002Fcss\u002Fbootstrap.min.css","\u002Fwp-content\u002Fplugins\u002Ftelegram-bot\u002Fpanel\u002Fcss\u002Ftelegram-bot.css","\u002Fwp-content\u002Fplugins\u002Ftelegram-bot\u002Fpanel\u002Fjs\u002Ftelegram-bot.js",[],[],[436,437,438],"\u002Fwp-content\u002Fplugins\u002Ftelegram-bot\u002Fpanel\u002Fcss\u002Fbootstrap.min.css?ver=","\u002Fwp-content\u002Fplugins\u002Ftelegram-bot\u002Fpanel\u002Fcss\u002Ftelegram-bot.css?ver=","\u002Fwp-content\u002Fplugins\u002Ftelegram-bot\u002Fpanel\u002Fjs\u002Ftelegram-bot.js?ver=",{"cssClasses":440,"htmlComments":442,"htmlAttributes":443,"restEndpoints":445,"jsGlobals":446,"shortcodeOutput":447},[441],"telegram-log-panel",[],[444],"data-tb-token",[],[],[]]