[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGv2sBNP-9Dn0YGwKiu2PNwm3ys-XVGXrbjXGdkMVGsw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":141,"fingerprints":480},"tp","TP – TweetPress","1.4","Louy Alakkad","https:\u002F\u002Fprofiles.wordpress.org\u002Flouyx\u002F","\u003Cp>TweetPress, gives you all the tools you need to integrate your wordpress and twitter, including “Login with Twitter” and “Comment via Twitter”…\u003Cbr \u002F>\nhighly customizable and easy to use.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Allow your visitors to comment using their twitter ids\u003C\u002Fli>\n\u003Cli>Adds a tweet button to your posts, so your visitors can share your content.\u003C\u002Fli>\n\u003Cli>Allow your blog users to sign in with their twitter ids. one click signin!\u003C\u002Fli>\n\u003Cli>Automatically publish new posts to a twitter account.\u003C\u002Fli>\n\u003Cli>Easily customizable by theme authors.\u003C\u002Fli>\n\u003Cli>Add a follow button to your blog\u003C\u002Fli>\n\u003C\u002Ful>\n","All the tools you need to integrate your wordpress and twitter.",10,13793,0,"2013-07-26T22:48:00.000Z","3.3.2","3.0","",[19,20,21,22,23],"login","oauth","tweet","tweetbutton","twitter","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftp.1.4.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"louyx",7,8210,30,84,"2026-04-05T18:37:32.553Z",[37,57,78,95,119],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":16,"requires_php":17,"tags":51,"homepage":55,"download_link":56,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"postmatic-social-commenting","Postmatic Social Commenting","1.1.1","Postmatic","https:\u002F\u002Fprofiles.wordpress.org\u002Fvernal\u002F","\u003Cp>Postmatic Social Commenting takes a lighter weight approach than traditional Social Login plugins.\u003C\u002Fp>\n\u003Ch4>The big difference\u003C\u002Fh4>\n\u003Cp>No WordPress users are created. Nobody is logged in. This is not social \u003Cem>login\u003C\u002Fem>, it is social \u003Cem>commenting\u003C\u002Fem>. That means it is simple, lean, and whoopingly fast.\u003C\u002Fp>\n\u003Ch4>How it works\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Users click the social network icon of their choice when they want to leave a comment.\u003C\u002Fli>\n\u003Cli>The social network asks their permission to share their name, profile image, and email address with your site.\u003C\u002Fli>\n\u003Cli>If they agree a standard WordPress cookie is added to their browser and the comment form is ready for their reply. When they return to your site they are already authorized. Nice.\u003C\u002Fli>\n\u003C\u002Ful>\n","A tiny, fast, and convenient way to let your readers comment using their social profiles.",50,9863,86,3,"2016-03-11T02:16:00.000Z","4.4.34",[52,20,53,54,23],"facebook","social","social-login","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpostmatic-social\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpostmatic-social-commenting.1.1.1.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":17,"tags":72,"homepage":76,"download_link":77,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"tweets-widget","Tweets Widget","1.0","fossasia","https:\u002F\u002Fprofiles.wordpress.org\u002Ffossasia\u002F","\u003Cp>Use anonymous Loklak API OR Connect your Twitter account to this plugin and the widget will display your latest tweets on your site.\u003C\u002Fp>\n\u003Cp>This plugin is compatible with the new \u003Cstrong>Twitter API 1.1\u003C\u002Fstrong> and provides full \u003Cstrong>OAuth\u003C\u002Fstrong> authentication via the WordPress admin area.\u003C\u002Fp>\n\u003Ch3>Shortcodes\u003C\u002Fh3>\n\u003Cp>You can embed tweets in the body of your posts using a WordPress the shortcode \u003Ccode>[tweets]\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>To specify a different user’s timeline add the \u003Ccode>user\u003C\u002Fcode> attribute.\u003Cbr \u002F>\nTo override the default number of 5 tweets add the \u003Ccode>max\u003C\u002Fcode> attribute, e.g:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[tweets max=10 user=KhoslaSopan]\u003Ch3>Theming\u003C\u002Fh3>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>For starters you can alter some of the HTML using built-in WordPress features.\u003Cbr \u002F>\nSee \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FPlugin_API\u002FFilter_Reference#Widgets\" rel=\"nofollow ugc\">Widget Filters\u003C\u002Fa>\u003Cbr \u002F>\nand \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FWidgetizing_Themes\" rel=\"nofollow ugc\">Widgetizing Themes\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>CSS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin contains no default CSS. That’s deliberate, so you can style it how you want.\u003C\u002Fp>\n\u003Cp>Tweets are rendered as a list which has various hooks you can use. Here’s a rough template:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>.tweets {\n    \u002F* style tweet list wrapper *\u002F\n}\n.tweets h3 {\n    \u002F* style whatever you did with the header *\u002F\n}\n.tweets ul { \n    \u002F* style tweet list*\u002F\n}\n.tweets li {\n   \u002F* style tweet item *\u002F\n}\n.tweets .tweet-text {\n   \u002F* style main tweet text *\u002F\n}\n.tweets .tweet-text a {\n   \u002F* style links, hashtags and mentions *\u002F\n}\n.tweets .tweet-text .emoji {\n  \u002F* style embedded emoji image in tweet *\u002F \n}\n.tweets .tweet-details {\n  \u002F* style datetime and link under tweet *\u002F\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Custom HTML\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If you want to override the default markup of the tweets, the following filters are also available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add a header between the widget title and the tweets with \u003Ccode>tweets_render_before\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Perform your own rendering of the timestamp with \u003Ccode>tweets_render_date\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Render plain tweet text to your own HTML with \u003Ccode>tweets_render_text\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Render each composite tweet with \u003Ccode>tweets_render_tweet\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Override the unordered list for tweets with \u003Ccode>tweets_render_list\u003C\u002Fcode> \u003C\u002Fli>\n\u003Cli>Add a footer before the end of the widget with \u003Ccode>tweets_render_after\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here’s an \u003Cstrong>example\u003C\u002Fstrong> of using some of the above in your theme’s functions.php file:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('tweets_render_date', function( $created_at ){\n    $date = DateTime::createFromFormat('D M d H:i:s O Y', $created_at );\n    return $date->format('d M h:ia');\n}, 10 , 1 );\n\nadd_filter('tweets_render_text', function( $text ){\n    return $text; \u002F\u002F \u003C- will use default\n}, 10 , 1 );\n\nadd_filter('tweets_render_tweet', function( $html, $date, $link, array $tweet ){\n    $pic = $tweet['user']['profile_image_url_https'];\n    return '\u003Cp class=\"my-tweet\">\u003Cimg src=\"'.$pic.'\"\u002F>'.$html.'\u003C\u002Fp>\u003Cp class=\"my-date\">\u003Ca href=\"'.$link.'\">'.$date.'\u003C\u002Fa>\u003C\u002Fp>';\n}, 10, 4 );\n\nadd_filter('tweets_render_after', function(){\n    return '\u003Cfooter>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fme\">More from me\u003C\u002Fa>\u003C\u002Ffooter>';\n}, 10, 0 );\u003Ch3>Caching\u003C\u002Fh3>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Responses from the Twitter API are cached for 5 minutes by default. This means your new Tweets will not appear on your site in real time.\u003C\u002Fp>\n\u003Cp>This is deliberate not only for performance, but also to avoid Twitter’s strict rate limits of 15 requests every 15 minutes.\u003C\u002Fp>\n\u003Cp>You can override the 300 second cache by using the \u003Ccode>tweets_cache_seconds\u003C\u002Fcode> filter in your theme as follows:\u003C\u002Fp>\n\u003Cp>This would extend the cache to 1 minute, which is the lowest value you should consider using on a live site:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('tweets_cache_seconds', function( $ttl ){\n    return 60;\n}, 10, 1 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This would disable the cache (not recommended other than for debugging):\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('tweets_cache_seconds', function( $ttl ){\n    return 0;\n}, 10, 1 );\u003Ch3>Emoji\u003C\u002Fh3>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you want to disable Emoji image replacement, you can filter the replacement callback function to something empty, e.g:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('tweets_emoji_callback', function( $func ){\n    return '';\n} );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cul>\n\u003Cli>\n\u003Cp>or to strip Emoji characters from all tweets, return your own replacement function that returns something else, e.g:\u003C\u002Fp>\n\u003Cp>add_filter(‘tweets_emoji_callback’, function( $func ){\u003Cbr \u002F>\n    return function( array $match ){\u003Cbr \u002F>\n        return ‘\u003C!-- removed emoji -->‘;\u003Cbr \u002F>\n    };\u003Cbr \u002F>\n} );\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Screenshot taken with permission from http:\u002F\u002Fstayingalivefoundation.org\u002Fblog\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Portuguese translations by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fprofile\u002Fleandrodimitrio\" rel=\"ugc\">Leandro Dimitrio\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>German translations by \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002FFlorianFelsing\" rel=\"nofollow ugc\">Florian Felsing\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fprofile\u002Fdavid_noh\" rel=\"ugc\">David Noh\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Russian translations by \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002FYakovenkoAndrey\" rel=\"nofollow ugc\">Andrey Yakovenko\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Dutch translations by \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fdwichers\" rel=\"nofollow ugc\">Daniel Wichers\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Spanish translations by \u003Ca href=\"http:\u002F\u002Fminimizo.com\" rel=\"nofollow ugc\">Pedro Pica\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>Be aware of \u003Ca href=\"https:\u002F\u002Fdev.twitter.com\u002Fterms\u002Fdisplay-requirements\" rel=\"nofollow ugc\">Twitter’s display requirements\u003C\u002Fa> when rendering tweets on your website.\u003C\u002Fp>\n\u003Cp>Example code here uses PHP \u003Ca href=\"http:\u002F\u002Fwww.php.net\u002Fmanual\u002Fen\u002Fclass.closure.php\" rel=\"nofollow ugc\">closures\u003C\u002Fa> which require PHP>=5.3.0 and won’t work on older systems.\u003C\u002Fp>\n","Tweets Widget compatible with the new Twitter API 1.1",20,2531,100,1,"2016-08-29T13:28:00.000Z","4.5.33","3.5.1",[73,74,20,75,23],"loklak","loklak-api","tweets","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftweets-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftweets-widget.1.0.1.zip",{"slug":79,"name":80,"version":60,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":11,"downloaded":85,"rating":67,"num_ratings":68,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":17,"tags":89,"homepage":93,"download_link":94,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"u-tweets","U-Tweets","Ultimatum Theme","https:\u002F\u002Fprofiles.wordpress.org\u002Fultimatumtheme\u002F","\u003Ch4>U-Tweets\u003C\u002Fh4>\n\u003Cp>U-Tweets is a very easy to use plugin to display your needed tweets feeds on your web site. It is powered with Twitter’s OAuth\u003Cbr \u002F>\nprotocol and ajax.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Works with Twitter API v1.1.\u003C\u002Fli>\n\u003Cli>Easily configurable.\u003C\u002Fli>\n\u003Cli>Supports OAuth Token Authentication (via Twitter App)\u003C\u002Fli>\n\u003Cli>Ajax powered (Tweets refresh live)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>You may also contribute to the plugin yourself on Github. \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fultimatumtheme\u002Futweets\" rel=\"nofollow ugc\">Get involved!\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>If you are having issues, set $debug = true; in lib\u002Ftweets.php. Errors \u003Cem>should\u003C\u002Fem> be logged to the JS console on execution.\u003C\u002Fp>\n\u003Cp>If you still can’t figure it out, feel free to submit an issue on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fultimatumtheme\u002Futweets\" rel=\"nofollow ugc\">github page of the plugin\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Unfortunately, We can not guarantee any support for this. We will, however, provide help and support within the constraints of our schedule.\u003C\u002Fp>\n","U-Tweets is a simple to use WordPress Plugin powered with Twitter OAuth API to display tweets.",2197,"2013-06-23T11:27:00.000Z","3.5.2","3.0.1",[90,75,23,91,92],"hash-tags","twitter-oauth","twitter-widget","http:\u002F\u002Fultimatumtheme.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fu-tweets.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":105,"num_ratings":106,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":114,"download_link":115,"security_score":116,"vuln_count":117,"unpatched_count":13,"last_vuln_date":118,"fetched_at":27},"nextend-facebook-connect","Nextend Social Login and Register","3.1.23","Nextendweb","https:\u002F\u002Fprofiles.wordpress.org\u002Fnextendweb\u002F","\u003Cp>Nextend Social Login is a professional, easy to use and free WordPress plugin. It lets your visitors  register and login to your site using their social profiles (Facebook, Google, X (formerly Twitter), etc.) instead of forcing them to spend valuable time to fill out the default registration form. Besides that, they don’t need to wait for validation emails or keep track of their username and password anymore.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftry-nextend-social-login.nextendweb.com\u002Fwp-login.php\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=buPTza2-6xc&list=PLSawiBnEUNftt3EDqnP2jIXeh6q0pZ5D8&index=1\" rel=\"nofollow ugc\">Tutorial videos\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Docs\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Pro Addon\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FbuPTza2-6xc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Nextend Social Login seamlessly integrates with your existing WordPress login and registration form. Existing users can add or remove their social accounts at their WordPress profile page. A single user can attach as many social account as they want allowing them to log in with Facebook, Google or X (formerly Twitter).\u003C\u002Fp>\n\u003Ch4>Three popular providers: Facebook, Google and X (formerly Twitter)\u003C\u002Fh4>\n\u003Cp>Providers are the services which the visitors can use to register and log in to your site. Nextend Social Login allows your visitors to log in with their account from the most popular social networks: Facebook, Google and X (formerly Twitter).\u003C\u002Fp>\n\u003Ch4>Free version features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>One click registration and login via Facebook, Google and X (formerly Twitter)\u003C\u002Fli>\n\u003Cli>Your current users can easily connect their Facebook, Google or X (formerly Twitter) profiles with their account\u003C\u002Fli>\n\u003Cli>Social accounts are tied to a WordPress user account so every account can be accessed with and without social account\u003C\u002Fli>\n\u003Cli>You can define custom redirect URL after the registration (upon first login) using any of the social accounts.\u003C\u002Fli>\n\u003Cli>You can define custom redirect URL after each login with any of the enabled social accounts.\u003C\u002Fli>\n\u003Cli>Display Facebook, Google, X (formerly Twitter) profile picture as avatar\u003C\u002Fli>\n\u003Cli>Login widget and shortcodes\u003C\u002Fli>\n\u003Cli>Customizable designs to match your site\u003C\u002Fli>\n\u003Cli>Editable and translatable texts on the login buttons\u003C\u002Fli>\n\u003Cli>Very simple to setup and use\u003C\u002Fli>\n\u003Cli>Clean, user friendly UI\u003C\u002Fli>\n\u003Cli>Fast and helpful support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Additional features in the \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002F\" rel=\"nofollow ugc\">Pro addon\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WooCommerce compatibility\u003C\u002Fli>\n\u003Cli>BuddyPress compatibility\u003C\u002Fli>\n\u003Cli>UserPro compatibility\u003C\u002Fli>\n\u003Cli>Ultimate Member compatibility\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads compatibility\u003C\u002Fli>\n\u003Cli>Pro providers: LinkedIn, Amazon, VKontakte, WordPress.com, Yahoo, PayPal, Disqus, Apple, GitHub, Microsoft, Line, Discord, Slack, TikTok, Steam, Twitch, Kakao, Reddit, Spotify and more coming soon\u003C\u002Fli>\n\u003Cli>Configure whether email address should be asked on registration at each provider\u003C\u002Fli>\n\u003Cli>Configure whether username should be asked on registration at each provider\u003C\u002Fli>\n\u003Cli>Choose from icons or wide buttons\u003C\u002Fli>\n\u003Cli>Several login layouts\u003C\u002Fli>\n\u003Cli>Restrict specific user roles from using the social logins. (You can restrict different roles for each provider.)\u003C\u002Fli>\n\u003Cli>Assign specific user roles to the newly registered users who use any social login provider. (You can set different roles for each provider.)\u003C\u002Fli>\n\u003Cli>Show the name of the linked providers in the Users table\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>After you activated the plugin configure and enable the provider you want to use, then the plugin will automatically\u003C\u002Fp>\n\u003Cul>\n\u003Cli>add the login buttons to the WordPress login page. See screenshot #1\u003C\u002Fli>\n\u003Cli>add the account linking buttons to the WordPress profile page. See screenshot #2\u003C\u002Fli>\n\u003C\u002Ful>\n","One click registration & login plugin for Facebook, Google, X (formerly Twitter) and more. Quick setup and easy configuration.",200000,7588989,98,441,"2026-02-23T09:51:00.000Z","6.9.4","4.9","7.4",[52,112,54,23,113],"google","x","https:\u002F\u002Fsocial-login.nextendweb.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnextend-facebook-connect.3.1.23.zip",89,6,"2025-11-27 14:54:41",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":67,"num_ratings":65,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":110,"tags":132,"homepage":137,"download_link":138,"security_score":105,"vuln_count":139,"unpatched_count":13,"last_vuln_date":140,"fetched_at":27},"daggerhart-openid-connect-generic","OpenID Connect Generic Client","3.11.3","Jonathan Daggerhart","https:\u002F\u002Fprofiles.wordpress.org\u002Fdaggerhart\u002F","\u003Cp>This plugin allows to authenticate users against OpenID Connect OAuth2 API with Authorization Code Flow.\u003Cbr \u002F>\nOnce installed, it can be configured to automatically authenticate users (SSO), or provide a “Login with OpenID Connect”\u003Cbr \u002F>\nbutton on the login form. After consent has been obtained, an existing user is automatically logged into WordPress, while\u003Cbr \u002F>\nnew users are created in WordPress database.\u003C\u002Fp>\n\u003Cp>Much of the documentation can be found on the Settings > OpenID Connect Generic dashboard page.\u003C\u002Fp>\n\u003Cp>Please submit issues to the Github repo: https:\u002F\u002Fgithub.com\u002Foidc-wp\u002Fopenid-connect-generic\u003C\u002Fp>\n","A simple client that provides SSO or opt-in authentication against a generic OAuth2 Server implementation.",10000,177319,"2026-02-13T04:36:00.000Z","6.9.0","5.0",[133,19,134,135,136],"apps","oauth2","openidconnect","security","https:\u002F\u002Fgithub.com\u002Foidc-wp\u002Fopenid-connect-generic","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdaggerhart-openid-connect-generic.3.11.3.zip",2,"2025-12-17 00:00:00",{"attackSurface":142,"codeSignals":324,"taintFlows":432,"riskAssessment":468,"analyzedAt":479},{"hooks":143,"ajaxHandlers":303,"restRoutes":313,"shortcodes":314,"cronEvents":322,"entryPointCount":323,"unprotectedCount":139},[144,150,154,158,163,167,172,176,180,183,186,189,193,197,201,205,208,212,215,219,223,226,229,233,236,240,244,247,251,255,259,262,266,269,272,275,278,281,285,288,291,295,299],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","init","tp_init","tp.php",47,{"type":145,"name":151,"callback":152,"file":148,"line":153},"admin_menu","tp_admin_add_page",128,{"type":145,"name":155,"callback":156,"file":148,"line":157},"network_admin_menu","tp_network_admin_add_page",136,{"type":145,"name":159,"callback":160,"priority":161,"file":148,"line":162},"admin_init","tp_admin_init",9,144,{"type":145,"name":164,"callback":165,"file":148,"line":166},"admin_notices","anonymous",150,{"type":168,"name":169,"callback":170,"priority":11,"file":148,"line":171},"filter","pre_update_option_tp_app_options","tp_update_app_options",157,{"type":145,"name":173,"callback":174,"file":148,"line":175},"wp_enqueue_scripts","anywhereloader",277,{"type":145,"name":177,"callback":178,"file":148,"line":179},"oauth_start_twitter","tp_oauth_start",308,{"type":145,"name":159,"callback":181,"file":148,"line":182},"tp_comm_error_check",411,{"type":145,"name":164,"callback":184,"file":148,"line":185},"tp_comment_admin_notice",414,{"type":145,"name":159,"callback":187,"file":148,"line":188},"tp_comm_admin_init",422,{"type":145,"name":190,"callback":191,"file":148,"line":192},"tp_validate_options","tp_comm_validate_options",446,{"type":168,"name":194,"callback":195,"priority":11,"file":148,"line":196},"get_avatar","tp_comm_avatar",572,{"type":168,"name":198,"callback":199,"file":148,"line":200},"comment_post_redirect","tp_comment_cookie",627,{"type":145,"name":202,"callback":203,"file":148,"line":204},"comment_form","tp_comm_comments_enable",636,{"type":145,"name":202,"callback":206,"file":148,"line":207},"tp_comm_send_place",637,{"type":145,"name":209,"callback":210,"priority":33,"file":148,"line":211},"wp_footer","tp_comm_footer_script",638,{"type":145,"name":146,"callback":213,"file":148,"line":214},"tp_comm_logout",640,{"type":145,"name":216,"callback":217,"file":148,"line":218},"comment_post","tp_comm_send_to_twitter",641,{"type":145,"name":220,"callback":221,"priority":68,"file":148,"line":222},"comment_form_before_fields","alt_comment_login",642,{"type":145,"name":221,"callback":224,"file":148,"line":225},"tp_comm_login_button",643,{"type":145,"name":220,"callback":227,"priority":139,"file":148,"line":228},"comment_user_details_begin",644,{"type":145,"name":230,"callback":231,"priority":65,"file":148,"line":232},"comment_form_after_fields","comment_user_details_end",645,{"type":145,"name":216,"callback":234,"priority":11,"file":148,"line":235},"tp_comm_add_meta",646,{"type":168,"name":237,"callback":238,"file":148,"line":239},"pre_comment_on_post","tp_comm_fill_in_fields",647,{"type":145,"name":241,"callback":242,"file":148,"line":243},"profile_personal_options","tp_login_profile_page",654,{"type":145,"name":245,"callback":245,"file":148,"line":246},"tp_login_connect",712,{"type":145,"name":248,"callback":249,"file":148,"line":250},"login_form","tp_login_add_login_button",724,{"type":168,"name":252,"callback":253,"file":148,"line":254},"authenticate","tp_login_check",731,{"type":145,"name":256,"callback":257,"file":148,"line":258},"wp_logout","tp_logout",752,{"type":145,"name":209,"callback":260,"file":148,"line":261},"tweetbutton_footer",867,{"type":168,"name":263,"callback":264,"priority":33,"file":148,"line":265},"the_content","tweetbutton_automatic",906,{"type":145,"name":159,"callback":267,"file":148,"line":268},"tweetbutton_admin_init",909,{"type":168,"name":190,"callback":270,"file":148,"line":271},"tweetbutton_validate_options",978,{"type":145,"name":151,"callback":273,"file":148,"line":274},"tp_publish_meta_box_add",1023,{"type":145,"name":159,"callback":276,"file":148,"line":277},"tp_publish_admin_init",1029,{"type":145,"name":279,"callback":279,"file":148,"line":280},"tp_publish_preauth",1087,{"type":145,"name":282,"callback":283,"priority":11,"file":148,"line":284},"transition_post_status","tp_publish_auto_check",1136,{"type":168,"name":190,"callback":286,"file":148,"line":287},"tp_publish_validate_options",1203,{"type":145,"name":289,"callback":165,"file":148,"line":290},"widgets_init",1296,{"type":168,"name":292,"callback":293,"file":148,"line":294},"tp_follow","tp_follow_button",1303,{"type":145,"name":146,"callback":296,"file":297,"line":298},"oauth_init","wp-oauth.php",16,{"type":145,"name":300,"callback":301,"file":297,"line":302},"template_redirect","oauth_template_redirect",27,[304,309],{"action":305,"nopriv":306,"callback":305,"hasNonce":307,"hasCapCheck":307,"file":148,"line":308},"tp_comm_get_display",true,false,639,{"action":310,"nopriv":307,"callback":311,"hasNonce":307,"hasCapCheck":307,"file":148,"line":312},"disconnect_twuid","tp_login_disconnect_twuid",699,[],[315,318],{"tag":22,"callback":316,"file":148,"line":317},"tweetbutton_shortcode",884,{"tag":319,"callback":320,"file":148,"line":321},"twitterfollow","tp_follow_shortcode",1247,[],4,{"dangerousFunctions":325,"sqlUsage":331,"outputEscaping":333,"fileOperations":68,"externalRequests":68,"nonceChecks":68,"capabilityChecks":139,"bundledLibraries":431},[326,329],{"fn":327,"file":148,"line":166,"context":328},"create_function","add_action('admin_notices', create_function( '', \"echo '\u003Cdiv class=\\\"error\\\">\u003Cp>\".sprintf(__('TweetP",{"fn":327,"file":148,"line":290,"context":330},"add_action('widgets_init', create_function('', 'return register_widget(\"TP_Follow_Widget\");'));",{"prepared":139,"raw":13,"locations":332},[],{"escaped":31,"rawEcho":45,"locations":334},[335,338,340,342,344,346,348,350,352,354,356,358,360,362,364,365,367,369,371,373,375,377,379,381,383,385,387,389,391,393,395,397,399,401,403,405,407,409,411,413,415,417,419,421,423,424,425,427,429,430],{"file":148,"line":336,"context":337},197,"raw output",{"file":148,"line":339,"context":337},247,{"file":148,"line":341,"context":337},253,{"file":148,"line":343,"context":337},419,{"file":148,"line":345,"context":337},430,{"file":148,"line":347,"context":337},432,{"file":148,"line":349,"context":337},438,{"file":148,"line":351,"context":337},443,{"file":148,"line":353,"context":337},478,{"file":148,"line":355,"context":337},502,{"file":148,"line":357,"context":337},558,{"file":148,"line":359,"context":337},665,{"file":148,"line":361,"context":337},670,{"file":148,"line":363,"context":337},672,{"file":148,"line":363,"context":337},{"file":148,"line":366,"context":337},679,{"file":148,"line":368,"context":337},682,{"file":148,"line":370,"context":337},728,{"file":148,"line":372,"context":337},863,{"file":148,"line":374,"context":337},922,{"file":148,"line":376,"context":337},928,{"file":148,"line":378,"context":337},934,{"file":148,"line":380,"context":337},940,{"file":148,"line":382,"context":337},969,{"file":148,"line":384,"context":337},975,{"file":148,"line":386,"context":337},1038,{"file":148,"line":388,"context":337},1056,{"file":148,"line":390,"context":337},1061,{"file":148,"line":392,"context":337},1068,{"file":148,"line":394,"context":337},1071,{"file":148,"line":396,"context":337},1080,{"file":148,"line":398,"context":337},1081,{"file":148,"line":400,"context":337},1082,{"file":148,"line":402,"context":337},1083,{"file":148,"line":404,"context":337},1084,{"file":148,"line":406,"context":337},1110,{"file":148,"line":408,"context":337},1115,{"file":148,"line":410,"context":337},1125,{"file":148,"line":412,"context":337},1233,{"file":148,"line":414,"context":337},1259,{"file":148,"line":416,"context":337},1260,{"file":148,"line":418,"context":337},1262,{"file":148,"line":420,"context":337},1287,{"file":148,"line":422,"context":337},1288,{"file":148,"line":422,"context":337},{"file":148,"line":422,"context":337},{"file":148,"line":426,"context":337},1290,{"file":148,"line":428,"context":337},1291,{"file":148,"line":428,"context":337},{"file":148,"line":428,"context":337},[],[433,451],{"entryPoint":434,"graph":435,"unsanitizedCount":13,"severity":450},"tp_app_options_page (tp.php:185)",{"nodes":436,"edges":448},[437,442],{"id":438,"type":439,"label":440,"file":148,"line":441},"n0","source","$_POST",190,{"id":443,"type":444,"label":445,"file":148,"line":446,"wp_function":447},"n1","sink","update_option() [Settings Manipulation]",191,"update_option",[449],{"from":438,"to":443,"sanitized":306},"low",{"entryPoint":452,"graph":453,"unsanitizedCount":13,"severity":450},"\u003Ctp> (tp.php:0)",{"nodes":454,"edges":465},[455,457,458,461],{"id":438,"type":439,"label":456,"file":148,"line":441},"$_POST (x2)",{"id":443,"type":444,"label":445,"file":148,"line":446,"wp_function":447},{"id":459,"type":439,"label":460,"file":148,"line":441},"n2","$_POST (x4)",{"id":462,"type":444,"label":463,"file":148,"line":349,"wp_function":464},"n3","echo() [XSS]","echo",[466,467],{"from":438,"to":443,"sanitized":306},{"from":459,"to":462,"sanitized":306},{"summary":469,"deductions":470},"The plugin 'tp' v1.4 presents a mixed security posture. While it demonstrates good practices in its handling of SQL queries, utilizing prepared statements for all queries and performing a reasonable number of capability checks, there are significant areas of concern. The presence of two AJAX handlers without authentication checks creates a direct attack vector. Furthermore, only 12% of outputs are properly escaped, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities, especially given the absence of critical or high-severity taint flows which might otherwise catch such issues. The plugin also utilizes the deprecated and insecure `create_function` function twice.  Encouragingly, the plugin has no recorded vulnerability history, suggesting a generally stable past. However, the current static analysis findings, particularly the unprotected entry points and poor output escaping, introduce notable risks that outweigh the positive aspects.",[471,473,476],{"reason":472,"points":11},"Unprotected AJAX handlers",{"reason":474,"points":475},"Low percentage of properly escaped output",8,{"reason":477,"points":478},"Use of dangerous function: create_function",5,"2026-03-17T00:31:38.793Z",{"wat":481,"direct":490},{"assetPaths":482,"generatorPatterns":485,"scriptPaths":486,"versionParams":487},[483,484],"\u002Fwp-content\u002Fplugins\u002Ftp\u002Fcss\u002Ftweetpress.css","\u002Fwp-content\u002Fplugins\u002Ftp\u002Fjs\u002Ftweetpress.js",[],[484],[488,489],"tp\u002Fstyle.css?ver=","tp\u002Fscript.js?ver=",{"cssClasses":491,"htmlComments":497,"htmlAttributes":501,"restEndpoints":505,"jsGlobals":506,"shortcodeOutput":509},[492,493,494,495,496],"tweetpress-widget-container","tweetpress-tweet-body","tweetpress-tweet-meta","tp_tweet_button","tp_share_button",[498,499,500],"\u003C!-- TweetPress widget starts -->","\u003C!-- TweetPress widget ends -->","\u003C!-- If you like this plugin, Follow me @l0uy for more updates. -->",[502,503,504],"data-tweet-url","data-tweet-text","data-tweet-via",[],[507,508],"tweetpress","TP_AJAX_URL",[510,511,512],"[tweetpress_feed]","[tweetpress_timeline]","[tweetpress_buttons]"]