[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fos5dEVh8JogdGb3QBqbOuWJKTWeBCLWIA8mtSL4YB7M":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":128,"fingerprints":781},"wp-lifestream2","WP-Lifestream2","1.1.4","Shelby DeNike","https:\u002F\u002Fprofiles.wordpress.org\u002Fsdenike\u002F","\u003Cp>Lifestream displays your social feeds and photos much like you would see it on many of the social networking sites.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>PHP 5\u003C\u002Fli>\n\u003Cli>WordPress 2.8 or newer\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Personalizable CSS classes.\u003C\u002Fli>\n\u003Cli>Detailed configuration options.\u003C\u002Fli>\n\u003Cli>Supports nearly every major social networking website\u003C\u002Fli>\n\u003Cli>Unlimited number of feeds in your Lifestream.\u003C\u002Fli>\n\u003Cli>Supports grouping of events.\u003C\u002Fli>\n\u003Cli>Localization ready!\u003C\u002Fli>\n\u003Cli>Digest available to summarize your activities.\u003C\u002Fli>\n\u003Cli>WordPress MU is supported.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Built-in Feeds\u003C\u002Fh3>\n\u003Cp>The plugin includes most of the major social networking feeds available. You may add your own, as well as send me ideas for new feeds at the GitHub Forum. If you wish to add custom extensions, please see extensions\u002FREADME.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Digg\u003C\u002Fli>\n\u003Cli>Blog\u003C\u002Fli>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Reddit\u003C\u002Fli>\n\u003Cli>De.licio.us\u003C\u002Fli>\n\u003Cli>GetGlue\u003C\u002Fli>\n\u003Cli>Instapaper\u003C\u002Fli>\n\u003Cli>Jaiku\u003C\u002Fli>\n\u003Cli>Last.fm (Revamped plugin in 0.38)\u003C\u002Fli>\n\u003Cli>Flickr (Improved display in 0.39)\u003C\u002Fli>\n\u003Cli>Photobucket\u003C\u002Fli>\n\u003Cli>Pownce\u003C\u002Fli>\n\u003Cli>YouTube\u003C\u002Fli>\n\u003Cli>Google Plus\u003C\u002Fli>\n\u003Cli>Yelp\u003C\u002Fli>\n\u003Cli>MySpace Blog\u003C\u002Fli>\n\u003Cli>Skitch\u003C\u002Fli>\n\u003Cli>Identi.ca\u003C\u002Fli>\n\u003Cli>Pandora\u003C\u002Fli>\n\u003Cli>TwitPic\u003C\u002Fli>\n\u003Cli>Pict.Mobi\u003C\u002Fli>\n\u003Cli>Vimeo\u003C\u002Fli>\n\u003Cli>StumbleUpon\u003C\u002Fli>\n\u003Cli>Tumblr\u003C\u002Fli>\n\u003Cli>Ma.gnolia\u003C\u002Fli>\n\u003Cli>Zooomr\u003C\u002Fli>\n\u003Cli>Blip.fm\u003C\u002Fli>\n\u003Cli>Brightkite\u003C\u002Fli>\n\u003Cli>Picasa (Web)\u003C\u002Fli>\n\u003Cli>Kongregate\u003C\u002Fli>\n\u003Cli>Viddler\u003C\u002Fli>\n\u003Cli>coComment\u003C\u002Fli>\n\u003Cli>FoodFeed\u003C\u002Fli>\n\u003Cli>MyEpisodes\u003C\u002Fli>\n\u003Cli>Mixx\u003C\u002Fli>\n\u003Cli>SlideShare\u003C\u002Fli>\n\u003Cli>Blip.tv\u003C\u002Fli>\n\u003Cli>Steam\u003C\u002Fli>\n\u003Cli>Xbox Live\u003C\u002Fli>\n\u003Cli>Github\u003C\u002Fli>\n\u003Cli>Readernaut\u003C\u002Fli>\n\u003Cli>ScrnShots\u003C\u002Fli>\n\u003Cli>Mobypicture\u003C\u002Fli>\n\u003Cli>SmugMug\u003C\u002Fli>\n\u003Cli>DeviantArt\u003C\u002Fli>\n\u003Cli>BackType\u003C\u002Fli>\n\u003Cli>LibraryThing\u003C\u002Fli>\n\u003Cli>Netflix\u003C\u002Fli>\n\u003Cli>Wikipedia\u003C\u002Fli>\n\u003Cli>Upcoming.org\u003C\u002Fli>\n\u003Cli>WordPress Codex\u003C\u002Fli>\n\u003Cli>Raptr\u003C\u002Fli>\n\u003Cli>Gowalla\u003C\u002Fli>\n\u003Cli>Kiva\u003C\u002Fli>\n\u003Cli>Codaset\u003C\u002Fli>\n\u003Cli>Foursquare\u003C\u002Fli>\n\u003Cli>Ustream\u003C\u002Fli>\n\u003Cli>World of Warcraft Armory\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Want to add your own? See extensions\u002FREADME for more information.\u003C\u002Fp>\n\u003Ch3>Localization\u003C\u002Fh3>\n\u003Cp>Currently the plugin is localized in the default language of English, as well as the following languages. If you wish to submit a localization please send it to lifestream@fauxzen.com\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Chinese (Simplified)\u003C\u002Fli>\n\u003Cli>Japanese\u003C\u002Fli>\n\u003Cli>Polish\u003C\u002Fli>\n\u003Cli>Danish\u003C\u002Fli>\n\u003Cli>Italian\u003C\u002Fli>\n\u003Cli>Bulgarian\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Danish\u003C\u002Fli>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003Cli>Swedish\u003C\u002Fli>\n\u003Cli>Belorussian\u003C\u002Fli>\n\u003Cli>Catalan\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>An \u003Ca href=\"http:\u002F\u002Fwww.enthropia.com\u002Flabs\u002F\" rel=\"nofollow ugc\">Enthropia Labs\u003C\u002Fa> project.\u003C\u002Fp>\n\u003Cp>Created by David Cramer (\u003Ca href=\"mailto:dcramer@gmail.com\" rel=\"nofollow ugc\">mail\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.davidcramer.net\" rel=\"nofollow ugc\">website\u003C\u002Fa>).\u003C\u002Fp>\n\u003Cp>Maintained by Robert McGhee (\u003Ca href=\"mailto:robert@robertmcghee.co.uk\" rel=\"nofollow ugc\">mail\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwwww.robertmcghee.co.uk\" rel=\"nofollow ugc\">website\u003C\u002Fa>).\u003C\u002Fp>\n\u003Cp>Core concept inspired by \u003Ca href=\"http:\u002F\u002Frick.jinlabs.com\u002Fcode\u002Frss-stream\" rel=\"nofollow ugc\">RSS Stream\u003C\u002Fa>.\u003C\u002Fp>\n","Create a Lifestream on your blog",10,6589,0,"2012-02-12T20:52:00.000Z","3.3.2","2.8","",[19,20,21,22,23],"lifestream","miniblogging","rss","social","twitter","http:\u002F\u002Fwww.fauxzen.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-lifestream2.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"sdenike",2,40,30,84,"2026-04-04T16:39:20.530Z",[38,54,74,84,103],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":17,"short_description":44,"active_installs":11,"downloaded":45,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":46,"requires_at_least":47,"requires_php":17,"tags":48,"homepage":50,"download_link":51,"security_score":52,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":53},"rss-stream","RSS Stream","1.0.3","Ricardo Gonzalez","https:\u002F\u002Fprofiles.wordpress.org\u002Frickgc\u002F","RSS Stream displays your social feeds in a lifestream way.",14504,"2.3.3","2",[19,49,21,22,23],"microblogging","http:\u002F\u002Frick.jinlabs.com\u002Fcode\u002Frss-stream","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frss-stream.zip",100,"2026-03-15T10:48:56.248Z",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":52,"num_ratings":64,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":17,"tags":68,"homepage":72,"download_link":73,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"social-counter-widget","Social Counter Widget","0.8.1","d3wp","https:\u002F\u002Fprofiles.wordpress.org\u002Fd3wp\u002F","\u003Cp>This widget will display your RSS subscribers, Twitter followers and Facebook fans in one nice looking box. Please take a look at the screenshot.\u003C\u002Fp>\n\u003Ch3>Feedback\u003C\u002Fh3>\n\u003Cp>http:\u002F\u002Fwww.webdev3000.com\u002Fsocial-counter-widget\u002F\u003C\u002Fp>\n","This widget will display your RSS subscribers, Twitter followers and Facebook fans in one nice looking box.",20,11061,1,"2011-12-26T15:33:00.000Z","3.1.4","2.0.2",[69,21,70,71,23],"facebook","social-counter","social-widget","http:\u002F\u002Fwww.webdev3000.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-counter-widget.0.8.1.zip",{"slug":75,"name":76,"version":77,"author":58,"author_profile":59,"description":78,"short_description":79,"active_installs":11,"downloaded":80,"rating":13,"num_ratings":13,"last_updated":81,"tested_up_to":66,"requires_at_least":67,"requires_php":17,"tags":82,"homepage":72,"download_link":83,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"total-social-counter","Total Social Counter","0.8.0","\u003Cp>This widget combines the number of your RSS readers, twitter followers, and fans of your facebook fan page, to give an estimate of your social popularity.\u003Cbr \u002F>\nTipTip jQuery plugin is used to show nice looking tooltips with count for every particular social network. Credit goes to Martin Angelov from Tutorialzine.com\u003C\u002Fp>\n\u003Ch3>Feedback\u003C\u002Fh3>\n\u003Cp>http:\u002F\u002Fwww.webdev3000.com\u002Ftotal-social-counter-widget\u002F\u003C\u002Fp>\n","This widget combines the number of your RSS readers, twitter followers, and fans of your facebook fan page.",4458,"2011-12-12T17:55:00.000Z",[69,21,70,71,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftotal-social-counter.0.8.0.zip",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":11,"downloaded":92,"rating":52,"num_ratings":32,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":101,"download_link":102,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"tweetboost","Schedule Tweets – TweetBoost Free","1.1.0","Hudson Atwell","https:\u002F\u002Fprofiles.wordpress.org\u002Fhudson-atwell\u002F","\u003Ch4>Simple and Easy To Use\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>TweetBoost Free\u003C\u002Fstrong> helps content creators quickly create and schedule Twitter tweets from within the post edit screen.\u003C\u002Fp>\n\u003Cp>This plugin is a light weight version of our amazingly powerful \u003Ca href=\"https:\u002F\u002Fwptweetboost.com\" rel=\"nofollow ugc\">TweetBoost PRO plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Powerful Dashboard Widgets\u003C\u002Fh4>\n\u003Cp>TweetBoost Free provides powerful Dashboard Widgets to help manage scheduling.\u003C\u002Fp>\n\u003Ch4>1. The Calendar Widget\u003C\u002Fh4>\n\u003Cp>Our Calendar Widget easily and beautifully visualizes your Twitter publishing schedule over the course of many months, years.\u003C\u002Fp>\n\u003Ch4>2. The Action Log Widget\u003C\u002Fh4>\n\u003Cp>Our Action Log widget  shows all events that pass through the TweetBoost Free system. Some case-example events are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Successfully Published Tweets\u003C\u002Fli>\n\u003Cli>Unsuccessful Tweet Publishing Attempts\u003C\u002Fli>\n\u003Cli>Bad API Connections\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Highlights\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Quickly schedule Tweets to Twitter without ever leaving the post edit screen.\u003C\u002Fli>\n\u003Cli>At any point in time, change the content of a Tweet to schedule a brand new Tweet for the same content.\u003C\u002Fli>\n\u003Cli>Visualize scheduled Tweets within our special Dashboard calendar widget.\u003C\u002Fli>\n\u003Cli>View all action events, such as successful tweets, or even unsuccessful tweets, within our special Action Log Widget.\u003C\u002Fli>\n\u003Cli>Scheduled Tweets CAN include images uploaded from the post media gallery.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Developers & Designers\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>TweetBoost FREE\u003C\u002Fstrong> is a collaborative project between two \u003Ca href=\"https:\u002F\u002Fcodeable.io\u002F?ref=76T5o\" rel=\"nofollow ugc\">Codeable.io\u003C\u002Fa> experts, \u003Ca href=\"https:\u002F\u002Fcodeable.io\u002Fdevelopers\u002Fmatt-bissett\u002F?ref=76T5o\" rel=\"nofollow ugc\">Matthew Bissett\u003C\u002Fa> & \u003Ca href=\"https:\u002F\u002Fcodeable.io\u002Fdevelopers\u002Fhudson-atwell\u002F?ref=76T5o\" rel=\"nofollow ugc\">Hudson Atwell\u003C\u002Fa>. Combined they have over 16 years experience in the WordPress sector.\u003C\u002Fp>\n","Quickly schedule tweets from within the post edit screen. Visualize your Twitter schedule in a beautiful dashboard calendar widget.",1548,"2020-01-30T21:16:00.000Z","5.3.0","3.8","5.6",[98,21,99,100,23],"marketing-automation","social-automation","tweets","https:\u002F\u002Fwptweetboost.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftweetboost.1.1.0.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":113,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":118,"tags":119,"homepage":123,"download_link":124,"security_score":125,"vuln_count":126,"unpatched_count":13,"last_vuln_date":127,"fetched_at":28},"nextend-facebook-connect","Nextend Social Login and Register","3.1.23","Nextendweb","https:\u002F\u002Fprofiles.wordpress.org\u002Fnextendweb\u002F","\u003Cp>Nextend Social Login is a professional, easy to use and free WordPress plugin. It lets your visitors  register and login to your site using their social profiles (Facebook, Google, X (formerly Twitter), etc.) instead of forcing them to spend valuable time to fill out the default registration form. Besides that, they don’t need to wait for validation emails or keep track of their username and password anymore.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ftry-nextend-social-login.nextendweb.com\u002Fwp-login.php\" rel=\"nofollow ugc\">Demo\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=buPTza2-6xc&list=PLSawiBnEUNftt3EDqnP2jIXeh6q0pZ5D8&index=1\" rel=\"nofollow ugc\">Tutorial videos\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fdocumentation\u002F\" rel=\"nofollow ugc\">Docs\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>  |  \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Pro Addon\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FbuPTza2-6xc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Nextend Social Login seamlessly integrates with your existing WordPress login and registration form. Existing users can add or remove their social accounts at their WordPress profile page. A single user can attach as many social account as they want allowing them to log in with Facebook, Google or X (formerly Twitter).\u003C\u002Fp>\n\u003Ch4>Three popular providers: Facebook, Google and X (formerly Twitter)\u003C\u002Fh4>\n\u003Cp>Providers are the services which the visitors can use to register and log in to your site. Nextend Social Login allows your visitors to log in with their account from the most popular social networks: Facebook, Google and X (formerly Twitter).\u003C\u002Fp>\n\u003Ch4>Free version features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>One click registration and login via Facebook, Google and X (formerly Twitter)\u003C\u002Fli>\n\u003Cli>Your current users can easily connect their Facebook, Google or X (formerly Twitter) profiles with their account\u003C\u002Fli>\n\u003Cli>Social accounts are tied to a WordPress user account so every account can be accessed with and without social account\u003C\u002Fli>\n\u003Cli>You can define custom redirect URL after the registration (upon first login) using any of the social accounts.\u003C\u002Fli>\n\u003Cli>You can define custom redirect URL after each login with any of the enabled social accounts.\u003C\u002Fli>\n\u003Cli>Display Facebook, Google, X (formerly Twitter) profile picture as avatar\u003C\u002Fli>\n\u003Cli>Login widget and shortcodes\u003C\u002Fli>\n\u003Cli>Customizable designs to match your site\u003C\u002Fli>\n\u003Cli>Editable and translatable texts on the login buttons\u003C\u002Fli>\n\u003Cli>Very simple to setup and use\u003C\u002Fli>\n\u003Cli>Clean, user friendly UI\u003C\u002Fli>\n\u003Cli>Fast and helpful support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Additional features in the \u003Ca href=\"https:\u002F\u002Fsocial-login.nextendweb.com\u002F\" rel=\"nofollow ugc\">Pro addon\u003C\u002Fa>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WooCommerce compatibility\u003C\u002Fli>\n\u003Cli>BuddyPress compatibility\u003C\u002Fli>\n\u003Cli>UserPro compatibility\u003C\u002Fli>\n\u003Cli>Ultimate Member compatibility\u003C\u002Fli>\n\u003Cli>Easy Digital Downloads compatibility\u003C\u002Fli>\n\u003Cli>Pro providers: LinkedIn, Amazon, VKontakte, WordPress.com, Yahoo, PayPal, Disqus, Apple, GitHub, Microsoft, Line, Discord, Slack, TikTok, Steam, Twitch, Kakao, Reddit, Spotify and more coming soon\u003C\u002Fli>\n\u003Cli>Configure whether email address should be asked on registration at each provider\u003C\u002Fli>\n\u003Cli>Configure whether username should be asked on registration at each provider\u003C\u002Fli>\n\u003Cli>Choose from icons or wide buttons\u003C\u002Fli>\n\u003Cli>Several login layouts\u003C\u002Fli>\n\u003Cli>Restrict specific user roles from using the social logins. (You can restrict different roles for each provider.)\u003C\u002Fli>\n\u003Cli>Assign specific user roles to the newly registered users who use any social login provider. (You can set different roles for each provider.)\u003C\u002Fli>\n\u003Cli>Show the name of the linked providers in the Users table\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>After you activated the plugin configure and enable the provider you want to use, then the plugin will automatically\u003C\u002Fp>\n\u003Cul>\n\u003Cli>add the login buttons to the WordPress login page. See screenshot #1\u003C\u002Fli>\n\u003Cli>add the account linking buttons to the WordPress profile page. See screenshot #2\u003C\u002Fli>\n\u003C\u002Ful>\n","One click registration & login plugin for Facebook, Google, X (formerly Twitter) and more. Quick setup and easy configuration.",200000,7588989,98,441,"2026-02-23T09:51:00.000Z","6.9.4","4.9","7.4",[69,120,121,23,122],"google","social-login","x","https:\u002F\u002Fsocial-login.nextendweb.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnextend-facebook-connect.3.1.23.zip",89,6,"2025-11-27 14:54:41",{"attackSurface":129,"codeSignals":183,"taintFlows":672,"riskAssessment":768,"analyzedAt":780},{"hooks":130,"ajaxHandlers":173,"restRoutes":174,"shortcodes":175,"cronEvents":176,"entryPointCount":13,"unprotectedCount":13},[131,137,141,146,149,153,157,161,165,168],{"type":132,"name":133,"callback":134,"file":135,"line":136},"action","admin_menu","options_menu","inc\\core.php",540,{"type":132,"name":138,"callback":139,"file":135,"line":140},"wp_head","header",541,{"type":142,"name":143,"callback":144,"file":135,"line":145},"filter","the_content","embed_callback",542,{"type":132,"name":147,"callback":147,"file":135,"line":148},"init",543,{"type":142,"name":150,"callback":151,"file":135,"line":152},"cron_schedules","get_cron_schedules",545,{"type":132,"name":154,"callback":155,"file":135,"line":156},"lifestream_digest_cron","digest_update",546,{"type":132,"name":158,"callback":159,"file":135,"line":160},"lifestream_cron","update",547,{"type":132,"name":162,"callback":163,"file":135,"line":164},"lifestream_cleanup","cleanup_history",548,{"type":132,"name":166,"callback":166,"file":135,"line":167},"template_redirect",549,{"type":132,"name":169,"callback":170,"file":171,"line":172},"widgets_init","lifestream_widget_register","inc\\widget.php",214,[],[],[],[177,179,181],{"hook":162,"callback":162,"file":135,"line":178},1617,{"hook":158,"callback":158,"file":135,"line":180},1620,{"hook":154,"callback":154,"file":135,"line":182},1642,{"dangerousFunctions":184,"sqlUsage":203,"outputEscaping":270,"fileOperations":354,"externalRequests":13,"nonceChecks":13,"capabilityChecks":357,"bundledLibraries":671},[185,189,192,195,198,201],{"fn":186,"file":135,"line":187,"context":188},"unserialize",62,"$this->data = array(unserialize($row->data));",{"fn":186,"file":135,"line":190,"context":191},74,"$this->feed = new $cls($this->lifestream, unserialize($row->options), $row->feed_id);",{"fn":186,"file":135,"line":193,"context":194},180,"$this->data = unserialize($row->data);",{"fn":186,"file":135,"line":196,"context":197},985,"$result->data = unserialize($result->data);",{"fn":186,"file":135,"line":199,"context":200},2210,"if (!empty($row->options)) $options = unserialize($row->options);",{"fn":186,"file":135,"line":202,"context":197},2576,{"prepared":204,"raw":34,"locations":205},107,[206,209,212,214,216,219,221,223,225,227,229,231,233,235,237,239,241,243,245,247,249,251,253,255,257,259,261,263,265,268],{"file":135,"line":207,"context":208},884,"$wpdb->get_results() with variable interpolation",{"file":135,"line":210,"context":211},1296,"$wpdb->query() with variable interpolation",{"file":135,"line":213,"context":211},1302,{"file":135,"line":215,"context":208},1304,{"file":135,"line":217,"context":218},1334,"$wpdb->get_row() with variable interpolation",{"file":135,"line":220,"context":218},1373,{"file":135,"line":222,"context":208},1431,{"file":135,"line":224,"context":208},1665,{"file":135,"line":226,"context":211},1883,{"file":135,"line":228,"context":211},1884,{"file":135,"line":230,"context":211},1888,{"file":135,"line":232,"context":211},1889,{"file":135,"line":234,"context":211},1890,{"file":135,"line":236,"context":211},1891,{"file":135,"line":238,"context":211},1892,{"file":135,"line":240,"context":211},1893,{"file":135,"line":242,"context":211},1900,{"file":135,"line":244,"context":211},1905,{"file":135,"line":246,"context":211},1906,{"file":135,"line":248,"context":211},1910,{"file":135,"line":250,"context":211},1914,{"file":135,"line":252,"context":211},1918,{"file":135,"line":254,"context":211},1922,{"file":135,"line":256,"context":211},1923,{"file":135,"line":258,"context":211},1924,{"file":135,"line":260,"context":211},1925,{"file":135,"line":262,"context":211},1929,{"file":135,"line":264,"context":211},1930,{"file":266,"line":267,"context":208},"inc\\syndicate.php",86,{"file":171,"line":269,"context":208},128,{"escaped":13,"rawEcho":271,"locations":272},261,[273,276,278,281,283,286,288,290,292,294,296,298,300,302,304,306,309,311,313,315,317,319,321,323,325,327,329,331,333,335,337,338,340,341,343,345,346,348,349,350,352,355,356,358,360,362,363,364,365,366,368,370,371,373,375,376,378,379,381,383,385,387,389,391,393,395,397,399,401,403,404,405,406,407,408,409,410,411,412,413,414,415,416,417,418,419,420,421,422,423,425,427,429,431,433,434,435,436,437,438,441,443,444,446,448,450,452,453,456,457,458,459,460,462,463,464,465,466,468,469,471,473,474,475,477,479,480,481,483,485,487,488,490,492,493,494,495,497,498,499,500,501,502,503,506,507,508,509,511,512,514,516,518,520,522,523,524,525,526,527,528,529,530,531,533,534,536,538,540,542,543,544,546,548,550,552,555,557,560,561,562,563,564,565,566,567,568,569,571,573,575,576,578,580,581,582,583,584,586,587,588,590,592,594,595,596,598,599,601,602,603,604,605,606,608,609,610,611,612,614,615,616,617,619,620,622,624,626,627,628,629,630,632,634,636,637,638,640,641,642,643,644,646,647,649,650,651,653,654,655,656,657,659,660,661,663,664,666,667,668,670],{"file":274,"line":34,"context":275},"extensions\\facebook\\extension.inc.php","raw output",{"file":274,"line":277,"context":275},35,{"file":279,"line":280,"context":275},"extensions\\twitter\\extension.inc.php",124,{"file":279,"line":282,"context":275},129,{"file":284,"line":285,"context":275},"extensions\\twitterfaves\\extension.inc.php",130,{"file":284,"line":287,"context":275},135,{"file":135,"line":289,"context":275},641,{"file":135,"line":291,"context":275},897,{"file":135,"line":293,"context":275},898,{"file":135,"line":295,"context":275},1281,{"file":135,"line":297,"context":275},1285,{"file":135,"line":299,"context":275},2958,{"file":135,"line":301,"context":275},2962,{"file":266,"line":303,"context":275},53,{"file":266,"line":305,"context":275},114,{"file":307,"line":308,"context":275},"inc\\template.php",150,{"file":307,"line":310,"context":275},158,{"file":307,"line":312,"context":275},165,{"file":307,"line":314,"context":275},172,{"file":307,"line":316,"context":275},179,{"file":307,"line":318,"context":275},186,{"file":307,"line":320,"context":275},193,{"file":307,"line":322,"context":275},199,{"file":307,"line":324,"context":275},205,{"file":307,"line":326,"context":275},227,{"file":307,"line":328,"context":275},244,{"file":171,"line":330,"context":275},26,{"file":171,"line":332,"context":275},28,{"file":171,"line":334,"context":275},46,{"file":171,"line":336,"context":275},149,{"file":171,"line":336,"context":275},{"file":171,"line":339,"context":275},155,{"file":171,"line":339,"context":275},{"file":171,"line":342,"context":275},160,{"file":171,"line":344,"context":275},166,{"file":171,"line":314,"context":275},{"file":171,"line":347,"context":275},174,{"file":171,"line":347,"context":275},{"file":171,"line":347,"context":275},{"file":171,"line":351,"context":275},178,{"file":353,"line":354,"context":275},"pages\\add-feed.inc.php",8,{"file":353,"line":354,"context":275},{"file":353,"line":357,"context":275},12,{"file":353,"line":359,"context":275},15,{"file":353,"line":361,"context":275},25,{"file":353,"line":361,"context":275},{"file":353,"line":330,"context":275},{"file":353,"line":332,"context":275},{"file":353,"line":332,"context":275},{"file":353,"line":367,"context":275},32,{"file":353,"line":369,"context":275},36,{"file":353,"line":369,"context":275},{"file":353,"line":372,"context":275},38,{"file":353,"line":374,"context":275},41,{"file":353,"line":374,"context":275},{"file":353,"line":377,"context":275},42,{"file":353,"line":377,"context":275},{"file":353,"line":380,"context":275},44,{"file":353,"line":382,"context":275},67,{"file":353,"line":384,"context":275},76,{"file":353,"line":386,"context":275},77,{"file":353,"line":388,"context":275},80,{"file":353,"line":390,"context":275},87,{"file":353,"line":392,"context":275},97,{"file":353,"line":394,"context":275},133,{"file":353,"line":396,"context":275},138,{"file":398,"line":354,"context":275},"pages\\changelog.inc.php",{"file":400,"line":11,"context":275},"pages\\edit-feed.inc.php",{"file":400,"line":402,"context":275},16,{"file":400,"line":361,"context":275},{"file":400,"line":361,"context":275},{"file":400,"line":330,"context":275},{"file":400,"line":332,"context":275},{"file":400,"line":332,"context":275},{"file":400,"line":367,"context":275},{"file":400,"line":369,"context":275},{"file":400,"line":369,"context":275},{"file":400,"line":372,"context":275},{"file":400,"line":374,"context":275},{"file":400,"line":374,"context":275},{"file":400,"line":377,"context":275},{"file":400,"line":377,"context":275},{"file":400,"line":380,"context":275},{"file":400,"line":382,"context":275},{"file":400,"line":384,"context":275},{"file":400,"line":386,"context":275},{"file":400,"line":388,"context":275},{"file":400,"line":390,"context":275},{"file":400,"line":392,"context":275},{"file":400,"line":424,"context":275},134,{"file":400,"line":426,"context":275},139,{"file":400,"line":428,"context":275},154,{"file":400,"line":430,"context":275},176,{"file":400,"line":432,"context":275},177,{"file":400,"line":432,"context":275},{"file":400,"line":432,"context":275},{"file":400,"line":432,"context":275},{"file":400,"line":351,"context":275},{"file":400,"line":316,"context":275},{"file":439,"line":440,"context":275},"pages\\errors.inc.php",18,{"file":439,"line":442,"context":275},39,{"file":439,"line":442,"context":275},{"file":439,"line":445,"context":275},52,{"file":439,"line":447,"context":275},61,{"file":439,"line":449,"context":275},65,{"file":439,"line":451,"context":275},69,{"file":439,"line":386,"context":275},{"file":454,"line":455,"context":275},"pages\\events.inc.php",17,{"file":454,"line":33,"context":275},{"file":454,"line":374,"context":275},{"file":454,"line":377,"context":275},{"file":454,"line":377,"context":275},{"file":454,"line":461,"context":275},43,{"file":454,"line":380,"context":275},{"file":454,"line":380,"context":275},{"file":454,"line":380,"context":275},{"file":454,"line":380,"context":275},{"file":454,"line":467,"context":275},45,{"file":454,"line":334,"context":275},{"file":454,"line":470,"context":275},54,{"file":472,"line":440,"context":275},"pages\\feeds.inc.php",{"file":472,"line":303,"context":275},{"file":472,"line":470,"context":275},{"file":472,"line":476,"context":275},55,{"file":472,"line":478,"context":275},56,{"file":472,"line":478,"context":275},{"file":472,"line":478,"context":275},{"file":472,"line":482,"context":275},60,{"file":472,"line":484,"context":275},63,{"file":472,"line":486,"context":275},64,{"file":472,"line":449,"context":275},{"file":472,"line":489,"context":275},73,{"file":472,"line":491,"context":275},96,{"file":472,"line":491,"context":275},{"file":472,"line":491,"context":275},{"file":472,"line":491,"context":275},{"file":496,"line":445,"context":275},"pages\\maintenance.inc.php",{"file":496,"line":445,"context":275},{"file":496,"line":303,"context":275},{"file":496,"line":303,"context":275},{"file":496,"line":190,"context":275},{"file":496,"line":388,"context":275},{"file":496,"line":267,"context":275},{"file":504,"line":505,"context":275},"pages\\settings.inc.php",23,{"file":504,"line":505,"context":275},{"file":504,"line":34,"context":275},{"file":504,"line":34,"context":275},{"file":504,"line":510,"context":275},37,{"file":504,"line":380,"context":275},{"file":504,"line":513,"context":275},51,{"file":504,"line":515,"context":275},58,{"file":504,"line":517,"context":275},105,{"file":504,"line":519,"context":275},112,{"file":504,"line":521,"context":275},119,{"file":504,"line":396,"context":275},{"file":504,"line":344,"context":275},{"file":504,"line":344,"context":275},{"file":504,"line":351,"context":275},{"file":504,"line":351,"context":275},{"file":504,"line":316,"context":275},{"file":504,"line":316,"context":275},{"file":504,"line":193,"context":275},{"file":504,"line":193,"context":275},{"file":504,"line":532,"context":275},183,{"file":504,"line":532,"context":275},{"file":504,"line":535,"context":275},185,{"file":504,"line":537,"context":275},198,{"file":504,"line":539,"context":275},225,{"file":504,"line":541,"context":275},257,{"file":504,"line":541,"context":275},{"file":504,"line":271,"context":275},{"file":504,"line":545,"context":275},282,{"file":504,"line":547,"context":275},289,{"file":504,"line":549,"context":275},305,{"file":504,"line":551,"context":275},319,{"file":553,"line":554,"context":275},"templates\\event.php",19,{"file":556,"line":277,"context":275},"templates\\home.php",{"file":558,"line":559,"context":275},"themes\\boxy\\main.inc.php",13,{"file":558,"line":559,"context":275},{"file":558,"line":359,"context":275},{"file":558,"line":359,"context":275},{"file":558,"line":359,"context":275},{"file":558,"line":359,"context":275},{"file":558,"line":455,"context":275},{"file":558,"line":554,"context":275},{"file":558,"line":554,"context":275},{"file":558,"line":554,"context":275},{"file":570,"line":32,"context":275},"themes\\boxy\\templates\\basic.inc.php",{"file":570,"line":572,"context":275},4,{"file":574,"line":32,"context":275},"themes\\boxy\\templates\\bookmark.inc.php",{"file":574,"line":572,"context":275},{"file":574,"line":577,"context":275},9,{"file":579,"line":32,"context":275},"themes\\boxy\\templates\\comment.inc.php",{"file":579,"line":572,"context":275},{"file":579,"line":577,"context":275},{"file":579,"line":577,"context":275},{"file":579,"line":11,"context":275},{"file":585,"line":32,"context":275},"themes\\boxy\\templates\\generic.inc.php",{"file":585,"line":572,"context":275},{"file":585,"line":354,"context":275},{"file":589,"line":64,"context":275},"themes\\boxy\\templates\\photo.inc.php",{"file":589,"line":591,"context":275},3,{"file":593,"line":32,"context":275},"themes\\boxy\\templates\\post.inc.php",{"file":593,"line":572,"context":275},{"file":593,"line":577,"context":275},{"file":597,"line":64,"context":275},"themes\\boxy\\templates\\video.inc.php",{"file":597,"line":591,"context":275},{"file":600,"line":126,"context":275},"themes\\default\\digest.inc.php",{"file":600,"line":126,"context":275},{"file":600,"line":354,"context":275},{"file":600,"line":354,"context":275},{"file":600,"line":354,"context":275},{"file":600,"line":354,"context":275},{"file":600,"line":607,"context":275},11,{"file":600,"line":559,"context":275},{"file":600,"line":559,"context":275},{"file":600,"line":559,"context":275},{"file":600,"line":359,"context":275},{"file":613,"line":357,"context":275},"themes\\default\\main.inc.php",{"file":613,"line":559,"context":275},{"file":613,"line":455,"context":275},{"file":613,"line":330,"context":275},{"file":613,"line":618,"context":275},27,{"file":613,"line":332,"context":275},{"file":613,"line":621,"context":275},29,{"file":613,"line":623,"context":275},33,{"file":613,"line":625,"context":275},34,{"file":613,"line":277,"context":275},{"file":613,"line":510,"context":275},{"file":613,"line":374,"context":275},{"file":613,"line":467,"context":275},{"file":613,"line":631,"context":275},49,{"file":613,"line":633,"context":275},50,{"file":635,"line":357,"context":275},"themes\\default\\sidebar.inc.php",{"file":635,"line":357,"context":275},{"file":635,"line":357,"context":275},{"file":635,"line":639,"context":275},14,{"file":635,"line":402,"context":275},{"file":635,"line":402,"context":275},{"file":635,"line":402,"context":275},{"file":635,"line":440,"context":275},{"file":645,"line":32,"context":275},"themes\\default\\templates\\basic.inc.php",{"file":645,"line":572,"context":275},{"file":648,"line":32,"context":275},"themes\\default\\templates\\bookmark.inc.php",{"file":648,"line":572,"context":275},{"file":648,"line":577,"context":275},{"file":652,"line":32,"context":275},"themes\\default\\templates\\comment.inc.php",{"file":652,"line":572,"context":275},{"file":652,"line":577,"context":275},{"file":652,"line":577,"context":275},{"file":652,"line":11,"context":275},{"file":658,"line":32,"context":275},"themes\\default\\templates\\generic.inc.php",{"file":658,"line":572,"context":275},{"file":658,"line":354,"context":275},{"file":662,"line":64,"context":275},"themes\\default\\templates\\photo.inc.php",{"file":662,"line":591,"context":275},{"file":665,"line":32,"context":275},"themes\\default\\templates\\post.inc.php",{"file":665,"line":572,"context":275},{"file":665,"line":577,"context":275},{"file":669,"line":64,"context":275},"themes\\default\\templates\\video.inc.php",{"file":669,"line":591,"context":275},[],[673,709,723,735,743,756],{"entryPoint":674,"graph":675,"unsanitizedCount":13,"severity":708},"options_page (inc\\core.php:901)",{"nodes":676,"edges":703},[677,682,688,692,696,700],{"id":678,"type":679,"label":680,"file":135,"line":681},"n0","source","$_REQUEST (x4)",955,{"id":683,"type":684,"label":685,"file":135,"line":686,"wp_function":687},"n1","sink","query() [SQLi]",1072,"query",{"id":689,"type":679,"label":690,"file":135,"line":691},"n2","$_GET['id']",1125,{"id":693,"type":684,"label":694,"file":135,"line":691,"wp_function":695},"n3","get_results() [SQLi]","get_results",{"id":697,"type":679,"label":698,"file":135,"line":699},"n4","$_GET (x5)",1292,{"id":701,"type":684,"label":694,"file":135,"line":702,"wp_function":695},"n5",1306,[704,706,707],{"from":678,"to":683,"sanitized":705},true,{"from":689,"to":693,"sanitized":705},{"from":697,"to":701,"sanitized":705},"low",{"entryPoint":710,"graph":711,"unsanitizedCount":13,"severity":708},"\u003Ccore> (inc\\core.php:0)",{"nodes":712,"edges":719},[713,714,715,716,717,718],{"id":678,"type":679,"label":680,"file":135,"line":681},{"id":683,"type":684,"label":685,"file":135,"line":686,"wp_function":687},{"id":689,"type":679,"label":690,"file":135,"line":691},{"id":693,"type":684,"label":694,"file":135,"line":691,"wp_function":695},{"id":697,"type":679,"label":698,"file":135,"line":699},{"id":701,"type":684,"label":694,"file":135,"line":702,"wp_function":695},[720,721,722],{"from":678,"to":683,"sanitized":705},{"from":689,"to":693,"sanitized":705},{"from":697,"to":701,"sanitized":705},{"entryPoint":724,"graph":725,"unsanitizedCount":13,"severity":708},"\u003Cadd-feed.inc> (pages\\add-feed.inc.php:0)",{"nodes":726,"edges":733},[727,730],{"id":678,"type":679,"label":728,"file":353,"line":729},"$_POST (x2)",22,{"id":683,"type":684,"label":731,"file":353,"line":377,"wp_function":732},"echo() [XSS]","echo",[734],{"from":678,"to":683,"sanitized":705},{"entryPoint":736,"graph":737,"unsanitizedCount":13,"severity":708},"\u003Cedit-feed.inc> (pages\\edit-feed.inc.php:0)",{"nodes":738,"edges":741},[739,740],{"id":678,"type":679,"label":728,"file":400,"line":729},{"id":683,"type":684,"label":731,"file":400,"line":377,"wp_function":732},[742],{"from":678,"to":683,"sanitized":705},{"entryPoint":744,"graph":745,"unsanitizedCount":64,"severity":755},"get_events (inc\\core.php:2021)",{"nodes":746,"edges":752},[747,750],{"id":678,"type":679,"label":748,"file":135,"line":749},"$_",2021,{"id":683,"type":684,"label":694,"file":135,"line":751,"wp_function":695},2148,[753],{"from":678,"to":683,"sanitized":754},false,"high",{"entryPoint":757,"graph":758,"unsanitizedCount":64,"severity":755},"lifestream_sidebar_widget (inc\\core.php:2966)",{"nodes":759,"edges":766},[760,762],{"id":678,"type":679,"label":748,"file":135,"line":761},2966,{"id":683,"type":684,"label":763,"file":135,"line":764,"wp_function":765},"call_user_func() [RCE]",2986,"call_user_func",[767],{"from":678,"to":683,"sanitized":754},{"summary":769,"deductions":770},"The static analysis of wp-lifestream2 v1.1.4 reveals a mixed security posture. While the plugin demonstrates strengths in its limited attack surface, with no apparent AJAX handlers, REST API routes, or shortcodes exposed without authentication, several significant concerns arise from the code signals and taint analysis. The presence of the `unserialize` function six times, coupled with two taint flows identified as having unsanitized paths and high severity, indicates a potential for remote code execution or data manipulation if malicious input is processed. Furthermore, the complete lack of output escaping across all identified outputs is a critical vulnerability that could lead to cross-site scripting (XSS) attacks.\n\nThe vulnerability history is a positive indicator, with no known CVEs or past vulnerabilities recorded. This suggests that the plugin has historically been maintained with security in mind or has not been a target for exploits. However, this should not overshadow the critical risks identified in the static and taint analysis. The absence of nonce checks on any entry points and the limited capability checks across the codebase further expose the plugin to potential attack vectors. In conclusion, while the plugin has a small attack surface and a clean vulnerability history, the identified `unserialize` vulnerabilities, unsanitized taint flows, and complete lack of output escaping present significant and immediate security risks that require urgent attention.",[771,773,775,777],{"reason":772,"points":359},"Unsanitized taint flows (High Severity)",{"reason":774,"points":11},"Dangerous function: unserialize usage",{"reason":776,"points":354},"Output escaping: 0% properly escaped",{"reason":778,"points":779},"Nonce checks: 0",5,"2026-03-17T01:34:43.148Z",{"wat":782,"direct":791},{"assetPaths":783,"generatorPatterns":786,"scriptPaths":787,"versionParams":788},[784,785],"\u002Fwp-content\u002Fplugins\u002Fwp-lifestream2\u002Flifestream.css","\u002Fwp-content\u002Fplugins\u002Fwp-lifestream2\u002Flifestream.js",[],[785],[789,790],"wp-lifestream2\u002Flifestream.css?ver=","wp-lifestream2\u002Flifestream.js?ver=",{"cssClasses":792,"htmlComments":793,"htmlAttributes":797,"restEndpoints":801,"jsGlobals":802,"shortcodeOutput":808},[],[794,795,796],"\u003C!-- Lifestream configuration options -->","\u003C!-- Lifestream output starts -->","\u003C!-- Lifestream output ends -->",[798,799,800],"data-lifestream-feed","data-lifestream-owner","data-lifestream-feed-id",[],[803,804,805,806,807],"Lifestream","ls_config","ls_feeds","ls_theme","ls_icons",[809,810,811,812,813],"\u003Cdiv class=\"lifestream-output\">","\u003Cdiv class=\"lifestream-event\">","\u003Cdiv class=\"lifestream-feed-icon\">","\u003Cdiv class=\"lifestream-event-title\">","\u003Cdiv class=\"lifestream-event-date\">"]