[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fPzoptqqbAiwHSsyskT81R7nr2jFlzjvn38b1hkaHoHo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":130,"fingerprints":201},"twitter-hash-tag-widget","Twitter Hash Tag Widget","1.1","Matt Martz","https:\u002F\u002Fprofiles.wordpress.org\u002Fsivel\u002F","\u003Cp>A widget for displaying the most recent twitter status updates for a particular hash tag.\u003C\u002Fp>\n\u003Ch3>Upgrade\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Use the plugin updater in WordPress or…\u003C\u002Fli>\n\u003Cli>Delete the previous \u003Ccode>twitter-hash-tag-widget\u003C\u002Fcode> folder from the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Upload the new \u003Ccode>twitter-hash-tag-widget\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install.\u003C\u002Fli>\n\u003Cli>Activate.\u003C\u002Fli>\n\u003Cli>Add to your active widgets at \u003Ccode>Appearance->Widgets\u003C\u002Fcode> and configure.\u003C\u002Fli>\n\u003C\u002Fol>\n","A widget for displaying the most recent twitter status updates for a particular hash tag.",20,7302,0,"2010-05-25T19:01:00.000Z","2.9.2","2.8","",[19,20,21,4,22],"hash","tag","twitter","widget","http:\u002F\u002Fwebdevstudios.com\u002Fsupport\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftwitter-hash-tag-widget.1.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":25,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"sivel",12,5340,30,84,"2026-04-04T04:48:48.687Z",[37,59,79,96,112],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":17,"tags":52,"homepage":57,"download_link":58,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"u-tweets","U-Tweets","1.0","Ultimatum Theme","https:\u002F\u002Fprofiles.wordpress.org\u002Fultimatumtheme\u002F","\u003Ch4>U-Tweets\u003C\u002Fh4>\n\u003Cp>U-Tweets is a very easy to use plugin to display your needed tweets feeds on your web site. It is powered with Twitter’s OAuth\u003Cbr \u002F>\nprotocol and ajax.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Works with Twitter API v1.1.\u003C\u002Fli>\n\u003Cli>Easily configurable.\u003C\u002Fli>\n\u003Cli>Supports OAuth Token Authentication (via Twitter App)\u003C\u002Fli>\n\u003Cli>Ajax powered (Tweets refresh live)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>You may also contribute to the plugin yourself on Github. \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fultimatumtheme\u002Futweets\" rel=\"nofollow ugc\">Get involved!\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>If you are having issues, set $debug = true; in lib\u002Ftweets.php. Errors \u003Cem>should\u003C\u002Fem> be logged to the JS console on execution.\u003C\u002Fp>\n\u003Cp>If you still can’t figure it out, feel free to submit an issue on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fultimatumtheme\u002Futweets\" rel=\"nofollow ugc\">github page of the plugin\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Unfortunately, We can not guarantee any support for this. We will, however, provide help and support within the constraints of our schedule.\u003C\u002Fp>\n","U-Tweets is a simple to use WordPress Plugin powered with Twitter OAuth API to display tweets.",10,2197,100,1,"2013-06-23T11:27:00.000Z","3.5.2","3.0.1",[53,54,21,55,56],"hash-tags","tweets","twitter-oauth","twitter-widget","http:\u002F\u002Fultimatumtheme.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fu-tweets.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":77,"download_link":78,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"hashtag","Hashtag","0.5","takien","https:\u002F\u002Fprofiles.wordpress.org\u002Ftakien\u002F","\u003Cp>Use hashtag on WordPress just like on Twitter or Facebook. Word preceded with hash automatically converted into clickable link. If clicked it will search contents contain same hashtag.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Use standard hashtag ( #hashtag )\u003C\u002Fli>\n\u003Cli>Customizable CSS\u003C\u002Fli>\n\u003Cli>Hashtag also can be used for regular search\u003C\u002Fli>\n\u003Cli>Hash on color code, URL and unicode will be skipped\u003C\u002Fli>\n\u003Cli>Supports for non latin characters\u003C\u002Fli>\n\u003C\u002Ful>\n","Use hashtag on WordPress just like on Twitter or Facebook. Word preceded with hash automatically converted into clickable link.",200,18203,86,8,"2016-01-26T16:14:00.000Z","4.4.34","3.0",[75,60,76,21],"facebook","search","http:\u002F\u002Ftakien.com\u002Fplugins\u002Fhashtag","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhashtag.0.5.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":11,"downloaded":87,"rating":11,"num_ratings":48,"last_updated":88,"tested_up_to":89,"requires_at_least":15,"requires_php":17,"tags":90,"homepage":94,"download_link":95,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"twitter-hash-tag-shortcode","Twitter Hash Tag Shortcode","0.6.2","Bainternet","https:\u002F\u002Fprofiles.wordpress.org\u002Fbainternet\u002F","\u003Cp>Displaying the most recent twitter status updates for a particular hash tag in your posts\u002Fpages using shortcode.\u003C\u002Fp>\n\u003Cp>Usage:\u003Cbr \u002F>\n    [hashtag_tweets hashtag=”YOUR_TAG” number=”NUMBER_OF_TWEETS_TO_GET” cache=”hours to cache”]\u003C\u002Fp>\n\u003Cp>Feuture relase will have a templating feature but for now i’ll live the design to you with CSS\u003C\u002Fp>\n","Displaying the most recent twitter status updates for a particular hash tag in your posts\u002Fpages using shortcode.",6991,"2016-12-11T12:47:00.000Z","4.7.0",[91,92,93],"tweets-hashtag","twitter-hashtag","twitter-shortcode","http:\u002F\u002Fen.bainternet.info","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftwitter-hash-tag-shortcode.0.6.2.zip",{"slug":97,"name":98,"version":40,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":45,"downloaded":103,"rating":13,"num_ratings":13,"last_updated":104,"tested_up_to":105,"requires_at_least":73,"requires_php":17,"tags":106,"homepage":110,"download_link":111,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"automatic-twitter-links","Automatic Twitter Links","Nolongeractive","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarijnrongen\u002F","\u003Cp>The plugin picks out twitter usernames and hashtags and automatically converts them to working links to Twitter profiles and search pages. You will no longer have to manually create these links, it will happen automatically for all page, post and comment content.\u003C\u002Fp>\n","This plugin automatically converts Twitter usernames and hashtags to Twitter profile- and searchlinks in pages, posts and comments.",2528,"2011-06-20T20:48:00.000Z","3.1.4",[60,107,108,21,109],"link","page","user","http:\u002F\u002Fwww.marijnrongen.com\u002Fwordpress-plugins\u002Fautomatic_twitter_links\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautomatic-twitter-links.1.0.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":45,"downloaded":120,"rating":13,"num_ratings":13,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":17,"tags":124,"homepage":128,"download_link":129,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"fetch-tweets-hashtag-cloud","Fetch Tweets – Hashtag Cloud","1.0.2.1","miunosoft","https:\u002F\u002Fprofiles.wordpress.org\u002Fmiunosoft\u002F","\u003Cp>This is a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffetch-tweets\u002F\" rel=\"ugc\">Fetch Tweets\u003C\u002Fa> template that creates a hashtag cloud from the fetched tweets.\u003C\u002Fp>\n\u003Cp>It can be displayed as a list.\u003C\u002Fp>\n\u003Ch4>Notes\u003C\u002Fh4>\n\u003Cp>In order to use this template, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffetch-tweets\u002F\" rel=\"ugc\">Fetch Tweets\u003C\u002Fa> needs to be installed and activated.\u003C\u002Fp>\n","Extracts and displays only hastags from the result of Fetch Tweets.",2347,"2014-04-28T09:51:00.000Z","3.7.41","3.3",[125,126,60,127,21],"cloud","fetch-tweets","template","http:\u002F\u002Fen.michaeluno.jp\u002Ffetch-tweets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffetch-tweets-hashtag-cloud.1.0.2.1.zip",{"attackSurface":131,"codeSignals":143,"taintFlows":186,"riskAssessment":187,"analyzedAt":200},{"hooks":132,"ajaxHandlers":139,"restRoutes":140,"shortcodes":141,"cronEvents":142,"entryPointCount":13,"unprotectedCount":13},[133],{"type":134,"name":135,"callback":136,"file":137,"line":138},"action","widgets_init","anonymous","twitter-hash-tag-widget.php",122,[],[],[],[],{"dangerousFunctions":144,"sqlUsage":148,"outputEscaping":150,"fileOperations":13,"externalRequests":48,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":185},[145],{"fn":146,"file":137,"line":138,"context":147},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"WP_Widget_Twitter_Hash_Tag\")",{"prepared":13,"raw":13,"locations":149},[],{"escaped":151,"rawEcho":152,"locations":153},6,19,[154,157,159,161,163,164,166,167,168,170,172,173,174,176,178,179,180,182,184],{"file":137,"line":155,"context":156},32,"raw output",{"file":137,"line":158,"context":156},34,{"file":137,"line":160,"context":156},79,{"file":137,"line":162,"context":156},81,{"file":137,"line":47,"context":156},{"file":137,"line":165,"context":156},101,{"file":137,"line":165,"context":156},{"file":137,"line":165,"context":156},{"file":137,"line":169,"context":156},103,{"file":137,"line":171,"context":156},104,{"file":137,"line":171,"context":156},{"file":137,"line":171,"context":156},{"file":137,"line":175,"context":156},107,{"file":137,"line":177,"context":156},108,{"file":137,"line":177,"context":156},{"file":137,"line":177,"context":156},{"file":137,"line":181,"context":156},110,{"file":137,"line":183,"context":156},111,{"file":137,"line":183,"context":156},[],[],{"summary":188,"deductions":189},"The \"twitter-hash-tag-widget\" v1.1 plugin exhibits a mixed security posture.  On the positive side, it has no recorded vulnerabilities (CVEs) and utilizes prepared statements for all its SQL queries, which is a strong defense against SQL injection.  The absence of file operations and external HTTP requests also reduces the attack surface in those areas.  However, several concerning findings are present in the static analysis. The use of the `create_function` is a significant security risk, as it's a deprecated and dangerous function that can lead to arbitrary code execution if improperly handled. Furthermore, the low percentage of properly escaped output (24%) indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. The lack of nonce and capability checks across all entry points is another major concern, making it susceptible to various attacks if any entry points are discovered or created.\n\nThe plugin's vulnerability history is clean, which is encouraging, suggesting a potentially good development practice in the past or a lack of targeted discovery. However, the static analysis reveals inherent weaknesses that could be exploited. The absence of any taint flows analyzed is a neutral point; it could mean no flows were found or that the analysis was incomplete. The overall security is compromised by the presence of `create_function` and insufficient output escaping, despite the good practices in SQL handling and lack of CVEs.",[190,193,195,198],{"reason":191,"points":192},"Presence of dangerous function create_function",15,{"reason":194,"points":31},"Low percentage of properly escaped output",{"reason":196,"points":197},"Missing nonce checks",5,{"reason":199,"points":197},"Missing capability checks","2026-03-16T23:00:35.117Z",{"wat":202,"direct":207},{"assetPaths":203,"generatorPatterns":204,"scriptPaths":205,"versionParams":206},[],[],[],[],{"cssClasses":208,"htmlComments":210,"htmlAttributes":212,"restEndpoints":213,"jsGlobals":214,"shortcodeOutput":215},[4,209],"view-all",[211],"\u003C!--{$raw_response->errors['http_request_failed'][0]}-->",[],[],[],[]]