[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fMJp2KFTyQU64a-F_M4bLt4KdNbB1dECiGnhvmlKmEK4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":22,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"vulnerabilities":26,"developer":27,"crawl_stats":24,"alternatives":34,"analysis":129,"fingerprints":264},"twitter-user-timelines","Twitter User Timelines","1.0.8","danielpataki","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanielpataki\u002F","\u003Cp>Twitter User Timelines is a plugin that tries to do Twitter feeds right. Instead of the inflexible Twitter widget I built the whole thing using the REST API. This allows me to use regular ol’ HTML and CSS to style everything. It gives \u003Cstrong>you\u003C\u002Fstrong> a lot of power since you can override the default look in any way you like.\u003C\u002Fp>\n\u003Cp>The widget allows you to show different tweets where it makes sense. You can choose to show a post’s current author’s tweets for example. You can override the default Twitter user on single post, single page and author archive pages.\u003C\u002Fp>\n\u003Ch4>Setup\u003C\u002Fh4>\n\u003Cp>Please note that since the Twitter API requires authentication you will need to create a Twitter application to get a consumer key and secret. This is super easy, I’ve included instructions in the Installation section.\u003C\u002Fp>\n\u003Ch4>Thanks\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Funsplash.com\u002Fdavidmarcu\" rel=\"nofollow ugc\">David Marcu\u003C\u002Fa> for the wonderful photo for the plugin’s featured image\u003C\u002Fli>\n\u003C\u002Ful>\n","Add Twitter streams to your widget areas. It can detect the current author on archive and single pages and show their tweets only.",60,5198,0,"2015-10-11T15:26:00.000Z","4.2.39","3.5.0","",[19,20,21],"social","twitter","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftwitter-user-timelines.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":29,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},12,6840,84,30,83,"2026-04-04T20:19:53.570Z",[35,55,76,95,111],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":30,"num_ratings":45,"last_updated":46,"tested_up_to":47,"requires_at_least":48,"requires_php":17,"tags":49,"homepage":52,"download_link":53,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"juiz-last-tweet-widget","Juiz Last Tweet Widget","1.3.8","Geoffrey","https:\u002F\u002Fprofiles.wordpress.org\u002Fcreativejuiz\u002F","\u003Cp>Add a widget to your sidebar to show your latest tweet(s) with style and without JavaScript! Retweet, Favorite and Reply links are available.\u003C\u002Fp>\n\u003Cp>This sidebar’s widget offer you the possibility to show your last tweet(s) (THE last by default) in your WordPress web site.\u003Cbr \u002F>\nThe advantage of this plugin is the absence of JavaScript script to load tweets from twitter : a very good point for your page speed.\u003Cbr \u002F>\nAnother advantage is the possibility to use a cache system with an adjustable period.\u003Cbr \u002F>\nYou also can show your avatar, action links (Favorite, Reply, Retweet), activate a slideshow of latest tweets, and customize the CSS.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>In admin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy to install.\u003C\u002Fli>\n\u003Cli>Panel for easy configuration (Appearance -> Widgets).\u003C\u002Fli>\n\u003Cli>Show or hide your avatar\u003C\u002Fli>\n\u003Cli>Default CSS can be disabled or customized\u003C\u002Fli>\n\u003Cli>Unlimited customization (colors of the widget, several default styles, etc.)\u003C\u002Fli>\n\u003Cli>Adjustable period for cache system\u003C\u002Fli>\n\u003Cli>Can active the action links\u003C\u002Fli>\n\u003Cli>Can active an auto slideshow script and chose delay between two tweets\u003C\u002Fli>\n\u003Cli>Shortcode to insert the widget where you want\u003C\u002Fli>\n\u003Cli>Included: Tutorial to create a Twitter plugin (needed for API 1.1)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In your site:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Smart default style (CSS) and compatible with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fsocial-subscribers-counter\u002F\" rel=\"ugc\">Social Subscribers Counter\u003C\u002Fa> styles\u003C\u002Fli>\n\u003Cli>Flat styles with customizable colors\u003C\u002Fli>\n\u003Cli>Display link (with special CSS classes) for hastags, users, and web link (\u003Ccode>nofollow\u003C\u002Fcode> links)\u003C\u002Fli>\n\u003Cli>Display twitter’s user link and statut’s link\u003C\u002Fli>\n\u003Cli>Display source (web, Tweetdeck, etc.) when it’s possible\u003C\u002Fli>\n\u003Cli>In option: Show action links like Retweet, Reply and Fav\u003C\u002Fli>\n\u003Cli>In option: little slideshow of one tweet in a list of tweets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For developpers, numerous hooks are available, template function is available (see FAQ for more info) 😉\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Languages\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Spannish\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003Cli>Turkish (thanks to \u003Ca href=\"http:\u002F\u002Fhakanertr.wordpress.com\u002F\" title=\"His website\" rel=\"nofollow ugc\">Hakaner\u003C\u002Fa>!)\u003C\u002Fli>\n\u003Cli>Nowegian (thanks to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fprofile\u002Fnilsel\" title=\"His WordPress profile\" rel=\"ugc\">Nilsel\u003C\u002Fa>!)\u003C\u002Fli>\n\u003Cli>Italian (thanks to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fprofile\u002Fsuperciccio14\" title=\"His WordPress profile\" rel=\"ugc\">superciccio14\u003C\u002Fa>!)\u003C\u002Fli>\n\u003Cli>Portuguese (Brazilian) (thanks to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fprofile\u002Ftrindademeier\" title=\"His WordPress profile\" rel=\"ugc\">trindademeier\u003C\u002Fa>!)\u003C\u002Fli>\n\u003Cli>Dutch (thanks to \u003Ca href=\"http:\u002F\u002Fwww.directic.nl\" title=\"His Web site\" rel=\"nofollow ugc\">Jan Willem Wilmsen\u003C\u002Fa>!)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Thanks to \u003Ca href=\"http:\u002F\u002Fscreenfeed.fr\" rel=\"nofollow ugc\">Greg\u003C\u002Fa> and \u003Ca href=\"http:\u002F\u002Ftweetpress.fr\u002F\" rel=\"nofollow ugc\">Julien\u003C\u002Fa> for your advices in some parts of this plugin 😉\u003C\u002Fp>\n\u003Ch3>Informations\u003C\u002Fh3>\n\u003Cp>Another plugin :\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fjuiz-social-post-sharer\u002F\" title=\"WordPress Social Networks Buttons\" rel=\"ugc\">Juiz Social Post Sharer\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You like it ? You can donate or \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fintent\u002Ftweet?hashtags=CreativeJuiz&original_referer=http%3A%2F%2Fwordpress.org%2Fextend%2Fplugins%2Fjuiz-last-tweet-widget%2F&related=geoffrey_crofte&source=WordPress&text=I%20use%20Juiz-Last-Tweet%20Plugin%20for%20WordPress.%20It's%20usefull!!&url=http%3A%2F%2Fwww.creativejuiz.fr%2Fblog%2Fwordpress%2Fwordpress-plugin-afficher-derniers-tweets-widget&via=geoffrey_crofte\" title=\"Tweet a little word\" rel=\"nofollow ugc\">tweet\u003C\u002Fa> for this plugin.\u003Cbr \u002F>\nThank you !\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_donations&business=P39NJPCWVXGDY&lc=FR&item_name=Juiz%20Last%20Tweet%20Widget%20%2d%20WordPress%20Plugin&currency_code=EUR&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHostedGuest\" title=\"Donate to this WordPress plugin\" rel=\"nofollow ugc\">Donate\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Full documentation in the plugin folder ! (documentation.html)\u003Cbr \u002F>\nOr here: \u003Ca href=\"http:\u002F\u002Fcreativejuiz.fr\u002Fblog\u002Fdoc\u002Fjuiz-last-tweet-widget-documentation.html\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n","Add a widget to your sidebar to show your latest tweet(s) with style and without JavaScript! Retweet, Favorite and Reply links are available.",600,104303,26,"2024-11-28T16:08:00.000Z","6.7.5","3.0.1",[50,51,19,20,21],"last","sidebar","https:\u002F\u002Fwww.creativejuiz.fr\u002Fblog\u002Fwordpress\u002Fwordpress-plugin-afficher-derniers-tweets-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjuiz-last-tweet-widget.zip",92,{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":54,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":74,"download_link":75,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"metro-style-social-widget","Metro Style Social Widget","1.0.2","Manivannan M","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanivannan-m\u002F","\u003Cp>A light weight wordpress widget that displays Metro Style social network icons in Sidebar and links to your social network profiles.\u003C\u002Fp>\n\u003Cp>Add button option will display the Like \u002F Follow button on the Social icons so that your users can immediately Like \u002F Follow your page or profile without leaving your site.\u003C\u002Fp>\n\u003Cp>Since every one use Facebook and Twitter, we made them as default and other network as optional.\u003C\u002Fp>\n\u003Ch4>Update\u003C\u002Fh4>\n\u003Cp>Color Picker added, Now you can set any color to any icons in the widget.\u003C\u002Fp>\n\u003Cp>On Users request Google+ and RSS Feed are now optional.\u003C\u002Fp>\n\u003Cp>If needed you can display Google+, Linkedin, Youtube, RSS Feed and Pinterest else choose don’t show option in widget settings.\u003C\u002Fp>\n\u003Cp>Responsive design, Plugin will automatically fit within your siderbar width else you can specify width for the widget.\u003C\u002Fp>\n\u003Ch4>Next Release will Include the Below Feature\u003C\u002Fh4>\n\u003Cul>\n\u003Cli> User side configuration \u002F customization in Widget admin page\u003C\u002Fli>\n\u003Cli> More Styles \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support \u002F Contact\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.aidful.com\u002Fmetro-style-social-widget-wordpress\" title=\"More info about Metro Style Social Widget plugin\" rel=\"nofollow ugc\">More Info \u002F DEMO\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.aidful.com\" title=\"Contact at Aidful.com\" rel=\"nofollow ugc\">Developer Blog: Aidful.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Sponsors\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.specificfeeds.com\u002F\" title=\"Donated 30 USD\" rel=\"nofollow ugc\">SpecificFeeds\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you like this plug-in, please don’t forget to rate this plugin.\u003C\u002Fp>\n","Metro Style Social Network Widget",300,56781,22,"2016-08-02T08:32:00.000Z","4.5.33","2.5",[70,71,72,73,20],"facebook","google","metro-social-widget","specificfeeds","http:\u002F\u002Fwww.aidful.com\u002Fmetro-style-social-widget-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmetro-style-social-widget.1.0.2.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":54,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":17,"tags":90,"homepage":93,"download_link":94,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"social-media-badge-widget","Social Media Badge Widget","2.7.0","StressFree Sites","https:\u002F\u002Fprofiles.wordpress.org\u002Fstressfree-sites\u002F","\u003Cp>This plugin creates a widget which easily displays the social badges from the leading social media websites (Twitter, Facebook, Google+, LinkedIn, You Tube, Pinterest and Flickr) in a clear and elegant way.\u003C\u002Fp>\n\u003Cp>It displays the information in an accordion, so only one section is open at a time, which ensures your website does not become cluttered visually.\u003C\u002Fp>\n\u003Cp>The plugin includes a plugin admin page where it is possible to customise everything from the social media channel to the visual styling of the accordion.\u003C\u002Fp>\n\u003Ch3>Plugin features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Widget content displays in a jQuery accordion.\u003C\u002Fli>\n\u003Cli>Display Twitter, Facebook, Google+, LinkedI, You Tube, Pinterest, Flickr\u003C\u002Fli>\n\u003Cli>Customise the Twitter widget for different colour schemes and to show replies.\u003C\u002Fli>\n\u003Cli>Customise the Facebook widget for different colour schemes, show news stream and show fans faces.\u003C\u002Fli>\n\u003Cli>Change the colour of the accordion, gray, blue, red, green and black.\u003C\u002Fli>\n\u003Cli>Two different icons sets: colour and grey.\u003C\u002Fli>\n\u003Cli>Select accordion section to open on page load.\u003C\u002Fli>\n\u003Cli>Ability to make the accordion all collapsible and load with all section closed.\u003C\u002Fli>\n\u003Cli>Choose which accordion section to display on each widget.\u003C\u002Fli>\n\u003Cli>Skeleton styling to enable easy custom styling.\u003C\u002Fli>\n\u003Cli>Ability to manually load jQuery to increase compatability.\u003C\u002Fli>\n\u003Cli>Troubleshooting section to ensure any problems are resolved quickly.\u003C\u002Fli>\n\u003Cli>Support requests answered in less and 24 hours on average.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Like this plugin?\u003C\u002Fh3>\n\u003Cp>You maybe interested in our \u003Ca href=\"http:\u002F\u002Fsocialprofilesandcontactdetailswordpressplugin.com\u002F\" rel=\"nofollow ugc\">premium plugin\u003C\u002Fa> to enable more features.\u003C\u002Fp>\n\u003Cp>Otherwise, please have a look at our other plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbusiness-contact-widget\u002F\" rel=\"ugc\">Business Contact Widget\u003C\u002Fa> which displays all your contact details in a clear and elegant way.\u003C\u002Fp>\n","This plugin creates a widget which easily displays the social badges from the leading social media websites in a clear an elegant way.",200,54660,5,"2015-09-17T23:00:00.000Z","4.3.34","3.0.0",[91,70,92,20,21],"badge","social-media","http:\u002F\u002Fstressfreesites.co.uk\u002Fplugins\u002Fsocial-media-badge-widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-media-badge-widget.2.7.0.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":13,"num_ratings":13,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":17,"tags":108,"homepage":109,"download_link":110,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"social-icons-widget","Social Icons Widget","0.1a","Curtiss Grymala","https:\u002F\u002Fprofiles.wordpress.org\u002Fcgrymala\u002F","\u003Cp>Adds an available widget to list various social media profiles. The following social media sites are included by default:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>YouTube\u003C\u002Fli>\n\u003Cli>LinkedIn\u003C\u002Fli>\n\u003Cli>Google+\u003C\u002Fli>\n\u003Cli>FriendFeed\u003C\u002Fli>\n\u003Cli>Flickr\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin also includes a filter hook allowing you to extend the available services.\u003C\u002Fp>\n\u003Cp>By default, this plugin outputs an unordered list (ul) with a class of \u003Ccode>social-icons-list\u003C\u002Fcode>. Each service is output as a list item (li) with the service name used as the HTML class attribute. Filters are available to allow you to change those HTML elements.\u003C\u002Fp>\n","A developer-friendly plugin that allows you to add a widget with links to various social media profiles.",100,19301,"2011-08-26T19:53:00.000Z","3.2.1","3.1",[70,92,20,21],"http:\u002F\u002Fplugins.ten-321.com\u002Fsocial-icons-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-icons-widget.0.1.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":119,"downloaded":120,"rating":121,"num_ratings":122,"last_updated":123,"tested_up_to":124,"requires_at_least":48,"requires_php":17,"tags":125,"homepage":127,"download_link":128,"security_score":23,"vuln_count":13,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25},"round-social-media-buttons","Round Social Media Buttons","1.0","solomon_s_scott","https:\u002F\u002Fprofiles.wordpress.org\u002Fsolomon_s_scott\u002F","\u003Cp>This plugin creates a responsive widget that displays up to eight different social media websites. (Not all 8 are required)\u003C\u002Fp>\n\u003Col>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Google+\u003C\u002Fli>\n\u003Cli>YouTube\u003C\u002Fli>\n\u003Cli>LinkedIn\u003C\u002Fli>\n\u003Cli>Instagram\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Tumblr\u003C\u002Fli>\n\u003C\u002Fol>\n","Provides a responsive social media widget that displays up to eight different social media websites.",90,9114,74,3,"2014-04-17T23:05:00.000Z","3.9.40",[70,126,92,20,21],"linkedin","http:\u002F\u002Fsolomonscott.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fround-social-media-buttons.zip",{"attackSurface":130,"codeSignals":162,"taintFlows":249,"riskAssessment":250,"analyzedAt":263},{"hooks":131,"ajaxHandlers":158,"restRoutes":159,"shortcodes":160,"cronEvents":161,"entryPointCount":13,"unprotectedCount":13},[132,138,142,146,150,154],{"type":133,"name":134,"callback":135,"file":136,"line":137},"action","plugins_loaded","tut_load_textdomain","twitter-user-timelines.php",16,{"type":133,"name":139,"callback":140,"file":136,"line":141},"wp_enqueue_scripts","tut_frontend_assets",31,{"type":133,"name":143,"callback":144,"file":136,"line":145},"admin_menu","tut_settings_page",59,{"type":133,"name":147,"callback":148,"file":136,"line":149},"admin_init","tut_register_settings",75,{"type":133,"name":151,"callback":152,"file":136,"line":153},"admin_enqueue_scripts","tut_equeue_assets",149,{"type":133,"name":155,"callback":156,"file":136,"line":157},"widgets_init","tut_widget_init",170,[],[],[],[],{"dangerousFunctions":163,"sqlUsage":164,"outputEscaping":167,"fileOperations":13,"externalRequests":122,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":248},[],{"prepared":165,"raw":13,"locations":166},1,[],{"escaped":28,"rawEcho":168,"locations":169},49,[170,174,176,177,179,180,181,183,185,186,188,190,191,192,193,194,195,196,197,199,201,202,204,206,207,208,210,211,212,214,216,218,220,222,223,225,226,228,229,231,232,234,236,237,238,240,242,244,246],{"file":171,"line":172,"context":173},"class-twitter-user-timeline.php",86,"raw output",{"file":171,"line":175,"context":173},87,{"file":171,"line":175,"context":173},{"file":171,"line":178,"context":173},91,{"file":171,"line":54,"context":173},{"file":171,"line":54,"context":173},{"file":171,"line":182,"context":173},96,{"file":171,"line":184,"context":173},97,{"file":171,"line":184,"context":173},{"file":171,"line":187,"context":173},101,{"file":171,"line":189,"context":173},107,{"file":171,"line":189,"context":173},{"file":171,"line":189,"context":173},{"file":171,"line":189,"context":173},{"file":171,"line":189,"context":173},{"file":171,"line":189,"context":173},{"file":171,"line":189,"context":173},{"file":171,"line":189,"context":173},{"file":171,"line":198,"context":173},113,{"file":171,"line":200,"context":173},114,{"file":171,"line":200,"context":173},{"file":171,"line":203,"context":173},118,{"file":171,"line":205,"context":173},120,{"file":171,"line":205,"context":173},{"file":171,"line":205,"context":173},{"file":171,"line":209,"context":173},122,{"file":171,"line":209,"context":173},{"file":171,"line":209,"context":173},{"file":171,"line":213,"context":173},240,{"file":171,"line":215,"context":173},243,{"file":171,"line":217,"context":173},246,{"file":171,"line":219,"context":173},249,{"file":171,"line":221,"context":173},254,{"file":171,"line":221,"context":173},{"file":171,"line":224,"context":173},256,{"file":171,"line":224,"context":173},{"file":171,"line":227,"context":173},258,{"file":171,"line":227,"context":173},{"file":171,"line":230,"context":173},259,{"file":171,"line":230,"context":173},{"file":171,"line":233,"context":173},262,{"file":171,"line":235,"context":173},265,{"file":171,"line":235,"context":173},{"file":171,"line":235,"context":173},{"file":171,"line":239,"context":173},268,{"file":171,"line":241,"context":173},269,{"file":171,"line":243,"context":173},270,{"file":171,"line":245,"context":173},281,{"file":136,"line":247,"context":173},135,[],[],{"summary":251,"deductions":252},"The \"twitter-user-timelines\" plugin, version 1.0.8, exhibits a generally positive security posture, primarily due to the absence of known vulnerabilities and the careful handling of SQL queries. The static analysis reveals no dangerous functions, no file operations, and no exploitable taint flows, which are strong indicators of secure coding practices in these critical areas. The plugin also has a very small attack surface, with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that could be easily leveraged by attackers. This limited entry point count is a significant strength.\n\nHowever, there are notable concerns. The plugin fails to implement any nonce checks or capability checks, which are fundamental security mechanisms in WordPress for verifying user intent and permissions. Coupled with this, a significant percentage (80%) of output is not properly escaped. This could lead to Cross-Site Scripting (XSS) vulnerabilities if any of the data processed by the plugin, even if not directly originating from user input in this specific analysis, is later rendered in the browser without sanitization. The presence of external HTTP requests without any explicit checks for authentication or sanitization could also pose risks if the plugin interacts with untrusted external services.\n\nGiven the lack of vulnerability history and the absence of critical code signals like raw SQL or dangerous functions, the plugin's current state appears relatively safe. However, the missing nonce and capability checks, combined with the high rate of unescaped output, represent significant potential weaknesses that could be exploited. A balanced conclusion is that while the plugin has avoided common pitfalls and has a minimal attack surface, the absence of basic WordPress security best practices for input validation and output sanitization creates a tangible risk that should be addressed.",[253,256,258,261],{"reason":254,"points":255},"No nonce checks implemented",15,{"reason":257,"points":255},"No capability checks implemented",{"reason":259,"points":260},"20% of outputs properly escaped (80% unescaped)",8,{"reason":262,"points":86},"External HTTP requests without explicit checks","2026-03-16T21:49:35.578Z",{"wat":265,"direct":275},{"assetPaths":266,"generatorPatterns":269,"scriptPaths":270,"versionParams":272},[267,268],"\u002Fwp-content\u002Fplugins\u002Ftwitter-user-timelines\u002Fstyles\u002Fdefault.css","\u002Fwp-content\u002Fplugins\u002Ftwitter-user-timelines\u002Fscript.js",[],[271],"\u002F\u002Fplatform.twitter.com\u002Fwidgets.js",[273,274],"twitter-user-timelines\u002Fstyles\u002Fdefault.css?ver=","twitter-user-timelines\u002Fscript.js?ver=",{"cssClasses":276,"htmlComments":277,"htmlAttributes":278,"restEndpoints":283,"jsGlobals":284,"shortcodeOutput":286},[4],[],[279,280,281,282],"data-screen-name","data-tweet-limit","data-theme","data-omit-script",[],[285],"twttr",[287],"[twitter-user-timeline]"]