[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fbk65AK9SuhDcfPFPi0yZzL4uY36-QkKhvLOr-JFbc20":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":38,"analysis":137,"fingerprints":302},"vkontakte","VKontakte","3.2.0","Yaroslav Bogutsky","https:\u002F\u002Fprofiles.wordpress.org\u002Fyaryj\u002F","\u003Cp>The plugin adds a wide range of VKontakte functionality to your site.\u003Cbr \u002F>\nThe following feature are currently supported:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>comments\u003C\u002Fli>\n\u003Cli>like button\u003C\u002Fli>\n\u003Cli>share button\u003C\u002Fli>\n\u003Cli>group widget\u003C\u002Fli>\n\u003Cli>poll widget\u003C\u002Fli>\n\u003Cli>recommendations widget\u003C\u002Fli>\n\u003C\u002Ful>\n","The plugin adds a wide range of VKontakte functionality to your site.",300,23832,68,5,"2022-04-03T10:37:00.000Z","5.9.13","4.6","5.3",[20,21,22,23,4],"comments","%d0%b2%d0%ba%d0%be%d0%bd%d1%82%d0%b0%d0%ba%d1%82%d0%b5","social","vk","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvkontakte.3.2.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":26,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"yaryj",3,400,30,84,"2026-04-04T07:04:47.758Z",[39,59,80,104,120],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":24,"tested_up_to":51,"requires_at_least":52,"requires_php":24,"tags":53,"homepage":56,"download_link":57,"security_score":49,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":58},"social-features-for-wp","Social Monster","1.0.10","bogdan_nazar","https:\u002F\u002Fprofiles.wordpress.org\u002Fbogdan_nazar\u002F","\u003Cp>This plugin adds some social functionality to WordPress. Such as FB comments, VK comments, share buttons etc.\u003Cbr \u002F>\nThe main capabilities of this plugin is listed below:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Internal share buttons (G+,FB,VK,Twitter,Delicious,Pinterest,LinkedIn and more) with ability to select preffered ones.\u003C\u002Fli>\n\u003Cli>The tools for ordering internal social buttons.\u003C\u002Fli>\n\u003Cli>The tools for “ShareThis” buttons embedding. Instructions are present to get customized ShareThis data.\u003C\u002Fli>\n\u003Cli>Facebook and Vkontakte comment widgets.\u003C\u002Fli>\n\u003Cli>Option to order them.\u003C\u002Fli>\n\u003Cli>Option to switch on\u002Foff each of widgets including WP internal comments.\u003C\u002Fli>\n\u003Cli>Default language is set to English.\u003C\u002Fli>\n\u003Cli>Already translated for russian users.\u003C\u002Fli>\n\u003Cli>And more other options to cusomize data and view of comment widgets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This list of available features will grow in the future releases.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Plugin is free for any use. Don’t delete the authorship note if you’ll going to modify source code under the your needs.\u003C\u002Fp>\n","This plugin adds some social functionality to Wordpress. Such as FB comments, VK comments, share buttons etc.",10,2967,100,1,"4.5.33","3.2.1",[20,54,55,22,4],"facebook","share","http:\u002F\u002Fwww.bogdan-nazar.ru\u002Fwordpress\u002Fmy-plugins\u002Fsocial-monster","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-features-for-wp.1.0.10.zip","2026-03-15T10:48:56.248Z",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":24,"tags":74,"homepage":24,"download_link":77,"security_score":78,"vuln_count":50,"unpatched_count":27,"last_vuln_date":79,"fetched_at":29},"meks-easy-social-share","Meks Easy Social Share","1.3","Meks","https:\u002F\u002Fprofiles.wordpress.org\u002Fmekshq\u002F","\u003Cp>Meks Easy Social share was originally created as a feature for our \u003Ca href=\"https:\u002F\u002Fmekshq.com\u002Ftheme\u002Fjohannes\u002F\" rel=\"nofollow ugc\">Johannes  WordPress theme\u003C\u002Fa> but now it can be used on any WordPress website.\u003C\u002Fp>\n\u003Cp>With this social sharing plugin you can easily add social share buttons to your posts and pages. The plugin is highly flexible and provides you with various styling to match your theme design.\u003C\u002Fp>\n\u003Cp>Meks Easy Social Share WordPress plugin is created by \u003Ca href=\"https:\u002F\u002Fmekshq.com\" rel=\"nofollow ugc\">Meks\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Supports Facebook, Twitter, Reddit, Pinterest, Email, Google+, LinkedIn, StumbleUpon, WhatsApp and vKontakte share buttons.\u003C\u002Fli>\n\u003Cli>15+ styling variations\u003C\u002Fli>\n\u003Cli>Use original social brand colors or specify your custom accent color\u003C\u002Fli>\n\u003Cli>Automatically supports post and pages as well as all registered custom post types on the website\u003C\u002Fli>\n\u003Cli>Multiple placement options (above or below posts), plus template tag option for a custom display location anywhere you want\u003C\u002Fli>\n\u003Cli>Hooks and filters provided for an elegant way to modify the plugin through your own WordPress theme or a plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Live example?\u003C\u002Fh3>\n\u003Cp>You can see Meks Easy Social Share live example on our \u003Ca href=\"https:\u002F\u002Fmekshq.com\u002Fdemo\u002Fjohannes\u002F\" rel=\"nofollow ugc\">Johannes theme demo website\u003C\u002Fa>\u003C\u002Fp>\n","Easily display social share buttons for your posts, pages and custom post types. Supports Facebook, Twitter, Reddit, Pinterest, Email, Google+, Linked &hellip;",10000,225931,90,8,"2024-07-29T12:28:00.000Z","6.6.5","3.7",[75,55,22,4,76],"reddit","whatsapp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmeks-easy-social-share.zip",92,"2022-09-26 00:00:00",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":24,"tags":95,"homepage":101,"download_link":102,"security_score":49,"vuln_count":50,"unpatched_count":27,"last_vuln_date":103,"fetched_at":29},"heateor-social-comments","Social Comments by Heateor","1.6.3","Heateor Support","https:\u002F\u002Fprofiles.wordpress.org\u002Fheateor\u002F","\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong>\u003Cbr \u002F>\nIf you want to integrate only Facebook Comments, you should install \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffancy-facebook-comments\u002F\" rel=\"ugc\">Fancy Comments\u003C\u002Fa> instead.\u003C\u002Fp>\n\u003Cp>This plugin allows you to transform the commenting system of your website. You can enable Facebook Comments, Disqus Comments and\u002For default WordPress comments simultaneously. You have full control over which of these four commenting systems you want to enable. You can choose between stacked and tabbed interface with re-ordering of the comments.\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Col>\n\u003Cli>GDPR Compliant\u003C\u002Fli>\n\u003Cli>Compatible with Gutenberg editor\u003C\u002Fli>\n\u003Cli>Integrate \u003Cstrong>Facebook Comments\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Integrate \u003Cstrong>Vkontakte Comments\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Integrate \u003Cstrong>Disqus Comments\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Choose between \u003Cstrong>Tabbed and Stacked layouts\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rearrange order\u003C\u002Fstrong> of enabled commenting systems\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customize labels\u003C\u002Fstrong> for individual comment system as well as combined comment system\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Show\u002FHide comment counts\u003C\u002Fstrong> for individual comment system\u003C\u002Fli>\n\u003Cli>Options to \u003Cstrong>enable Social Commenting on default post types (posts, pages) as well as custom post types\u003C\u002Fstrong> which support comments\u003C\u002Fli>\n\u003Cli>Enable \u003Cstrong>Social Comments with\u002Fwithout default comments system\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable behavior for individual comment system\u003C\u002Fstrong>, like – Target Url, language, width of commenting interface, label etc. \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>What makes this plugin different and why should I choose this plugin when there are many other similar plugins?\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Totally free\u003C\u002Fstrong>. You don’t need to pay single penny to use this plugin.\u003C\u002Fli>\n\u003Cli>Plugin configuration is kept \u003Cstrong>dead simple\u003C\u002Fstrong>. You can configure it with help of an idiot 😉\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugin loads optimally\u003C\u002Fstrong> having minimum possible interference with overall loading of your website  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>No third party registration\u003C\u002Fstrong>. We won’t ask you to register at our website to use this plugin, neither will we ask your email.\u003C\u002Fli>\n\u003Cli>We promise to provide \u003Cstrong>best quality\u003C\u002Fstrong> among other similar plugins. If you find our plugin is lacking some feature, you can email us and we will do our best to include that feature in our plugin as soon as possible.\u003C\u002Fli>\n\u003Cli>Our \u003Cstrong>support team is working 24\u002F7\u003C\u002Fstrong> to answer your queries and assist you. You will find us the quickest to assist you among others.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Benefits of Social Comments\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Virality\u003C\u002Fstrong>: When people comment at your blog using their Facebook, Disqus accounts, the comment not only shows up at your blog, but it also appears in their news feed. This puts your blog in front of new audience which further adds to the likelihood of you getting a new returning visitor.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Higher Conversations\u003C\u002Fstrong>: When you know the person commenting on something, it’s more likely that you will also type out your ideas there, unlike the situation when you don’t know the person involved in the conversation.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Credibility\u003C\u002Fstrong>: In traditional comment form, anyone can put any fake name (Bruce Wayne ….. ;)) to comment on your blog. If the same comment is from the original Facebook account of the person who is commenting, you can give credibility to this user and also the people will automatically trust it.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>No Spam\u003C\u002Fstrong>: You can get rid off the spammers and users, commenting using their fake accounts.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Works for the lazy\u003C\u002Fstrong>: Most people are nowadays lazy. To get these people commenting on your blog, it will just require them to login to their Facebook account (which almost everyone does after powering ON computer).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Important links\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.heateor.com\u002Fheateor-social-comments#live_demo\" rel=\"nofollow ugc\">Plugin Demo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fsupport.heateor.com\" rel=\"nofollow ugc\">Support Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.heateor.com\" rel=\"nofollow ugc\">About Us\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fheateor\" rel=\"nofollow ugc\">Our Facebook Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplus.google.com\u002F+Heateor\" rel=\"nofollow ugc\">Our GooglePlus Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fheateor\" rel=\"nofollow ugc\">Our Twitter Page\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can send your feedback or\u002Fand testimonial at hello[at]heateor[dot]com\u003C\u002Fp>\n","Integrate Facebook Comments, Vkontakte Comments and\u002For Disqus Comments along with default comment form at your website",800,77227,96,24,"2025-09-12T10:50:00.000Z","6.8.5","2.5.0",[96,97,98,99,100],"disqus-comments","facebook-comments","google-comments","vkontakte-commenting","vkontakte-comments","https:\u002F\u002Fwww.heateor.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fheateor-social-comments.1.6.3.zip","2023-01-20 00:00:00",{"slug":105,"name":106,"version":107,"author":7,"author_profile":8,"description":108,"short_description":109,"active_installs":69,"downloaded":110,"rating":69,"num_ratings":111,"last_updated":112,"tested_up_to":16,"requires_at_least":113,"requires_php":114,"tags":115,"homepage":24,"download_link":119,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"vkcommerce","VkCommerce","1.1.1","\u003Cp>VKontakte products is a showcase with goods and services in your VKontakte group. You add products with photos, prices and detailed descriptions on the website, and they are published in the VKontakte catalog, expanding the audience of buyers through users of this social network.\u003C\u002Fp>\n","The plugin publishes photos and descriptions of products from your online store to the storefront in a VKontakte group.",6140,4,"2022-04-26T06:29:00.000Z","5.1","7.0",[116,117,22,4,118],"ecommerce","products","woocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvkcommerce.1.1.1.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":27,"num_ratings":27,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":24,"tags":133,"homepage":135,"download_link":136,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"vkontakte-share-button","VKontakte Share Button","1.0.1","jackyfox","https:\u002F\u002Fprofiles.wordpress.org\u002Fjackyfox\u002F","\u003Cp>VKontakte Share Button plugin brings powerful way to add VKontakte share button for you posts and pages.\u003C\u002Fp>\n\u003Cp>It supports all functions of VKontakte API and easy customizable:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can choose one of seven button appearance types include \u003Cstrong>custom\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Place button on posts, pages and frontpage at will\u003C\u002Fli>\n\u003Cli>Select location of button: before or after content, on the left or right\u003C\u002Fli>\n\u003Cli>Exclude pages and posts by ID which should stay without buttons\u003C\u002Fli>\n\u003Cli>Choose description of content: forepart of post\u002Fpage or global description for all site\u003C\u002Fli>\n\u003Cli>Can be used description from meta tag \u003Ccode>description\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Use your own site logo image specifying link or with meta tag \u003Ccode>image-src\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can use the shortcode \u003Ccode>[vk-share-button]\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>Also can be used PHP code in your template:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php if (class_exists('VKShareButton'))\n          if(!isset($VKShareButton)\n              $VKShareButton = new VKShareButton();\n          echo $VKShareButton->the_button() ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Plugin allows you to add fully customizable share button of VKontakte social network.",40,21191,"2010-08-30T08:38:00.000Z","3.0.5","2.8",[134,55,22,4],"post","http:\u002F\u002Fwww.jackyfox.com\u002Fvk-share-button\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvkontakte-share-button.1.0.1.zip",{"attackSurface":138,"codeSignals":196,"taintFlows":291,"riskAssessment":292,"analyzedAt":301},{"hooks":139,"ajaxHandlers":192,"restRoutes":193,"shortcodes":194,"cronEvents":195,"entryPointCount":27,"unprotectedCount":27},[140,146,149,153,155,158,161,164,168,173,176,178,181,182,188],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","admin_enqueue_scripts","enqueue_styles","includes\\admin\\class-admin-assets.php",15,{"type":141,"name":142,"callback":147,"file":144,"line":148},"enqueue_scripts",16,{"type":141,"name":150,"callback":150,"file":151,"line":152},"admin_menu","includes\\admin\\class-admin-menus.php",23,{"type":141,"name":150,"callback":154,"file":151,"line":91},"settings_menu",{"type":141,"name":150,"callback":156,"file":151,"line":157},"help_menu",25,{"type":141,"name":150,"callback":159,"file":151,"line":160},"comments_menu",28,{"type":141,"name":162,"callback":162,"file":163,"line":35},"init","includes\\admin\\class-admin.php",{"type":141,"name":165,"callback":166,"file":163,"line":167},"load-options.php","register_settings",31,{"type":141,"name":169,"callback":170,"file":171,"line":172},"wp_head","anonymous","includes\\class-head.php",19,{"type":141,"name":162,"callback":162,"file":174,"line":175},"includes\\class-vkontakte.php",91,{"type":141,"name":177,"callback":177,"file":174,"line":78},"widgets_init",{"type":141,"name":162,"callback":143,"file":179,"line":180},"includes\\frontend\\class-frontend-assets.php",18,{"type":141,"name":162,"callback":147,"file":179,"line":172},{"type":183,"name":184,"callback":185,"file":186,"line":187},"filter","the_content","add_buttons_to_content","includes\\frontend\\class-frontend-buttons.php",38,{"type":183,"name":189,"callback":190,"file":191,"line":148},"comments_template","replace_comments_template","includes\\frontend\\class-frontend-comments.php",[],[],[],[],{"dangerousFunctions":197,"sqlUsage":198,"outputEscaping":200,"fileOperations":14,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":290},[],{"prepared":27,"raw":27,"locations":199},[],{"escaped":175,"rawEcho":201,"locations":202},52,[203,207,209,212,214,216,218,220,221,222,223,225,227,229,231,232,233,234,236,238,240,242,244,246,248,249,250,251,252,253,254,256,257,258,259,260,261,262,264,265,266,267,269,271,274,276,279,281,283,285,286,289],{"file":204,"line":205,"context":206},"includes\\admin\\help\\views\\html-settings-api-integration.php",20,"raw output",{"file":204,"line":208,"context":206},21,{"file":210,"line":211,"context":206},"includes\\admin\\help\\views\\html-widgets-comments.php",11,{"file":210,"line":213,"context":206},12,{"file":210,"line":215,"context":206},13,{"file":210,"line":217,"context":206},17,{"file":219,"line":47,"context":206},"includes\\admin\\help\\views\\html-widgets-group.php",{"file":219,"line":211,"context":206},{"file":219,"line":213,"context":206},{"file":219,"line":148,"context":206},{"file":219,"line":224,"context":206},27,{"file":219,"line":226,"context":206},29,{"file":219,"line":228,"context":206},37,{"file":230,"line":211,"context":206},"includes\\admin\\help\\views\\html-widgets-like-button.php",{"file":230,"line":213,"context":206},{"file":230,"line":215,"context":206},{"file":230,"line":217,"context":206},{"file":235,"line":187,"context":206},"includes\\admin\\help\\views\\html-widgets-overview.php",{"file":235,"line":237,"context":206},43,{"file":235,"line":239,"context":206},48,{"file":235,"line":241,"context":206},53,{"file":235,"line":243,"context":206},58,{"file":235,"line":245,"context":206},63,{"file":247,"line":47,"context":206},"includes\\admin\\help\\views\\html-widgets-poll.php",{"file":247,"line":211,"context":206},{"file":247,"line":213,"context":206},{"file":247,"line":148,"context":206},{"file":247,"line":224,"context":206},{"file":247,"line":226,"context":206},{"file":247,"line":228,"context":206},{"file":255,"line":47,"context":206},"includes\\admin\\help\\views\\html-widgets-recommendations.php",{"file":255,"line":211,"context":206},{"file":255,"line":213,"context":206},{"file":255,"line":148,"context":206},{"file":255,"line":224,"context":206},{"file":255,"line":226,"context":206},{"file":255,"line":228,"context":206},{"file":263,"line":211,"context":206},"includes\\admin\\help\\views\\html-widgets-share-button.php",{"file":263,"line":213,"context":206},{"file":263,"line":215,"context":206},{"file":263,"line":217,"context":206},{"file":268,"line":50,"context":206},"includes\\admin\\settings\\views\\styles\\html-content-buttons-template.php",{"file":270,"line":157,"context":206},"includes\\admin\\views\\fields\\html-checkbox.php",{"file":272,"line":273,"context":206},"includes\\admin\\views\\fields\\html-radio.php",36,{"file":275,"line":91,"context":206},"includes\\admin\\views\\fields\\html-select.php",{"file":277,"line":278,"context":206},"includes\\admin\\views\\fields\\html-text.php",22,{"file":280,"line":205,"context":206},"includes\\admin\\views\\fields\\html-textarea.php",{"file":282,"line":217,"context":206},"includes\\frontend\\views\\comments.php",{"file":282,"line":284,"context":206},26,{"file":282,"line":167,"context":206},{"file":287,"line":288,"context":206},"includes\\frontend\\views\\styles\\buttons.php",9,{"file":287,"line":215,"context":206},[],[],{"summary":293,"deductions":294},"The \"vkontakte\" plugin v3.2.0 exhibits a generally strong security posture based on the provided static analysis. The absence of identified AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface. Furthermore, the code analysis indicates no dangerous functions, no direct SQL queries, and no taint flows with unsanitized paths, which are excellent indicators of secure coding practices. The plugin also does not make external HTTP requests, further reducing potential vectors for attack. However, there are areas for improvement. The significant percentage of output (36%) that is not properly escaped presents a potential risk of cross-site scripting (XSS) vulnerabilities. Additionally, the complete lack of nonce checks and capability checks on any entry points, combined with zero identified entry points, is concerning. While the current analysis shows no unprotected entry points, the absence of these fundamental security measures on potential future or undocumented entry points is a weakness.\n\nThe plugin's vulnerability history is clean, with zero known CVEs. This suggests a history of secure development or diligent patching by the developers. However, it's important to note that a clean history does not guarantee future security, especially given the identified output escaping and lack of authorization checks. The absence of any recorded vulnerabilities might also be a reflection of the limited attack surface or the thoroughness of the static analysis performed. In conclusion, the \"vkontakte\" plugin v3.2.0 benefits from a very small attack surface and a clean vulnerability history. The core code seems to avoid common pitfalls like raw SQL and dangerous functions. Nevertheless, the lack of proper output escaping for a substantial portion of its outputs and the absence of nonce and capability checks on any potential entry points are notable weaknesses that could be exploited if new entry points are introduced or if the analysis did not cover all potential interaction points.",[295,297,299],{"reason":296,"points":70},"Significant portion of output not properly escaped",{"reason":298,"points":14},"No nonce checks on any entry points",{"reason":300,"points":14},"No capability checks on any entry points","2026-03-16T20:06:55.033Z",{"wat":303,"direct":314},{"assetPaths":304,"generatorPatterns":308,"scriptPaths":309,"versionParams":311},[305,306,307],"\u002Fwp-content\u002Fplugins\u002Fvkontakte\u002Fassets\u002Fcss\u002Fvkontakte.css","\u002Fwp-content\u002Fplugins\u002Fvkontakte\u002Fassets\u002Fjs\u002Fvkontakte.js","\u002Fwp-content\u002Fplugins\u002Fvkontakte\u002Fassets\u002Fjs\u002Fvkontakte-frontend.js",[],[310],"https:\u002F\u002Fvk.com\u002Fjs\u002Fapi\u002Fopenapi.js",[312,313],"vkontakte\u002Fstyle.css?ver=","vkontakte\u002Fscript.js?ver=",{"cssClasses":315,"htmlComments":319,"htmlAttributes":320,"restEndpoints":324,"jsGlobals":325,"shortcodeOutput":327},[316,317,318],"vk_group","vk_poll","vk_recommendations",[],[321,322,323],"data-vkontakte-group","data-vkontakte-poll","data-vkontakte-recommendations",[],[326],"VK",[328,329,330],"[vkontakte_group","[vkontakte_poll","[vkontakte_recommendations"]