[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f7qXz8hw6Mn9qDVLB2jHi26W5oAh7N3d3iKWU1DaVh5U":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":50,"analysis":162,"fingerprints":221},"wp-link-preview","WP Link Preview","1.4.1","Kishan","https:\u002F\u002Fprofiles.wordpress.org\u002Fkgajera\u002F","\u003Cp>This plugin will add a button to your post\u002Fpage editor which can be used to generate and embed a link preview for a given URL. The link preview consists of a title, description and image which will result in a similar look as sharing a link on Facebook.\u003C\u002Fp>\n\u003Cp>The link preview can also be generated with shortcode: [wplinkpreview url=””]\u003C\u002Fp>\n","Display a preview for a URL similar to sharing a link on Facebook.",500,15881,96,4,"2018-06-30T15:50:00.000Z","4.9.29","4.7","",[20,21,22,23,24],"facebook-link-preview","link-excerpt","link-preview","link-teaser","share-link","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-link-preview.1.4.1.zip",64,1,"2025-03-31 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-31527","wp-link-preview-authenticated-contributor-server-side-request-forgery","WP Link Preview \u003C= 1.4.1 - Authenticated (Contributor+) Server-Side Request Forgery","The WP Link Preview plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.4.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services.",null,"\u003C=1.4.1","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Server-Side Request Forgery (SSRF)","2025-04-10 13:25:54",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F009e5f43-19e0-4110-890e-1df715f51a84?source=api-prod",{"slug":46,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":47,"trust_score":48,"computed_at":49},"kgajera",30,69,"2026-04-05T01:53:04.302Z",[51,75,98,121,142],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":18,"tags":66,"homepage":70,"download_link":71,"security_score":13,"vuln_count":72,"unpatched_count":73,"last_vuln_date":74,"fetched_at":29},"visual-link-preview","Visual Link Preview","2.3.0","Brecht","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrechtvds\u002F","\u003Cp>Easily create a Facebook-like link preview for any link on your website. You can choose the image and text to display and create your very own custom template. The default template can be styled from the settings to match your website.\u003C\u002Fp>\n\u003Cp>Some examples of what you could use this for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A call to action for your affiliate links\u003C\u002Fli>\n\u003Cli>Promote WooCommerce products on your website\u003C\u002Fli>\n\u003Cli>List sources for your article\u003C\u002Fli>\n\u003Cli>A weekly posty of interesting websites you’ve found\u003C\u002Fli>\n\u003Cli>Link to related posts on your own website\u003C\u002Fli>\n\u003Cli>…\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>It does not require any database lookups, which means even having many of these blocks on a page should not affect performance.\u003C\u002Fp>\n\u003Cp>Compatible with both the Classic and Gutenberg Block Editor using shortcodes and blocks.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Need help?\u003C\u002Fstrong>\u003Cbr \u002F>\n  Check out \u003Ca href=\"https:\u002F\u002Fhelp.bootstrapped.ventures\u002Fcollection\u002F164-visual-link-preview\" rel=\"nofollow ugc\">our documentation\u003C\u002Fa>!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>This plugin is in active development. Feel free to contact us with any feature requests or ideas.\u003C\u002Fp>\n","Display a fully customizable visual link preview for any internal or external link.",10000,158587,90,36,"2026-01-19T10:34:00.000Z","6.9.4","4.4",[22,67,68,69],"snippet","summary","visual-link","http:\u002F\u002Fbootstrapped.ventures\u002Fvisual-link-preview\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvisual-link-preview.2.3.0.zip",3,0,"2026-01-18 00:00:00",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":13,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":95,"download_link":96,"security_score":97,"vuln_count":73,"unpatched_count":73,"last_vuln_date":36,"fetched_at":29},"bookmark-card","Bookmark Card","2.2.1","George Mamadashvili","https:\u002F\u002Fprofiles.wordpress.org\u002Fmamaduka\u002F","\u003Cp>Bookmark Card will help you to display external links in a rich format. Just like, when you share links on Facebook or Twitter.\u003C\u002Fp>\n","Turn any URL into a beautiful preview card.",700,10643,5,"2024-07-16T10:41:00.000Z","6.6.5","6.4","5.6",[91,92,93,94,22],"block","blocks","bookmard","card","https:\u002F\u002Fgithub.com\u002FMamaduka\u002Fbookmark-card","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbookmark-card.2.2.1.zip",92,{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":85,"last_updated":109,"tested_up_to":64,"requires_at_least":110,"requires_php":111,"tags":112,"homepage":117,"download_link":118,"security_score":119,"vuln_count":27,"unpatched_count":73,"last_vuln_date":120,"fetched_at":29},"activity-link-preview-for-buddypress","Activity Link Preview For BuddyPress","1.7.3","Varun Dubey","https:\u002F\u002Fprofiles.wordpress.org\u002Fvapvarun\u002F","\u003Cp>\u003Cstrong>Activity Link Preview For BuddyPress\u003C\u002Fstrong> automatically generates beautiful link previews when users share URLs in BuddyPress activity posts and comments. The plugin fetches Open Graph data (image, title, description) from shared links and displays them in an attractive card format.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Link Detection\u003C\u002Fstrong> – Detects URLs as users type in the activity form\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rich Previews\u003C\u002Fstrong> – Displays title, description, and featured image from shared links\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comment Support\u003C\u002Fstrong> – Link previews work in activity comments and replies\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Social Media Embeds\u003C\u002Fstrong> – Special handling for Twitter\u002FX, Facebook, YouTube, and more\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Short URL Support\u003C\u002Fstrong> – Resolves shortened URLs (bit.ly, tinyurl, etc.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Caching\u003C\u002Fstrong> – Previews are cached for better performance\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API Support\u003C\u002Fstrong> – Link preview data available via BuddyPress REST API\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Friendly\u003C\u002Fstrong> – Filters to customize or disable functionality\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Platforms\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Twitter\u002FX – Native tweet embeds\u003C\u002Fli>\n\u003Cli>Facebook – Native post embeds\u003C\u002Fli>\n\u003Cli>YouTube – Video embeds via oEmbed\u003C\u002Fli>\n\u003Cli>LinkedIn, Instagram, Reddit – Link previews\u003C\u002Fli>\n\u003Cli>Any website with Open Graph meta tags\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 5.0 or higher\u003C\u002Fli>\n\u003Cli>PHP 7.4 or higher\u003C\u002Fli>\n\u003Cli>BuddyPress 6.0+ or BuddyBoss Platform\u003C\u002Fli>\n\u003C\u002Ful>\n","BuddyPress activity link preview displays image, title and description from websites when links are shared in activity posts.",100,10436,80,"2026-03-13T04:40:00.000Z","5.0","7.4",[113,114,22,115,116],"activity","buddypress","open-graph","social","https:\u002F\u002Fwbcomdesigns.com\u002Fdownloads\u002Fbuddypress-activity-link-preview\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Factivity-link-preview-for-buddypress.1.7.3.zip",98,"2025-05-07 00:00:00",{"slug":22,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":106,"downloaded":128,"rating":129,"num_ratings":130,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":18,"tags":134,"homepage":139,"download_link":140,"security_score":141,"vuln_count":73,"unpatched_count":73,"last_vuln_date":36,"fetched_at":29},"URL Preview","1.0","abhisheksaha11","https:\u002F\u002Fprofiles.wordpress.org\u002Fabhisheksaha11\u002F","\u003Cp>This plugin can be used to fetch the excerpt of an external website. The excerpt would contain the title, description and image.\u003C\u002Fp>\n\u003Cp>It also has an option page, which can be used to add CSS to change the look and feel.\u003C\u002Fp>\n","A plugin used to embed the preview of a link similar to facebook and linkedin",5630,94,6,"2014-10-22T07:32:00.000Z","4.0.38","3.3",[135,136,22,137,138],"excerpt","facebook-type-preview","linkedin-type-preview","post","http:\u002F\u002Fajaxtown.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flink-preview.zip",85,{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":150,"downloaded":151,"rating":106,"num_ratings":27,"last_updated":152,"tested_up_to":153,"requires_at_least":154,"requires_php":111,"tags":155,"homepage":160,"download_link":161,"security_score":97,"vuln_count":73,"unpatched_count":73,"last_vuln_date":36,"fetched_at":29},"sharethumb","4Site ShareThumb – Branded Social Preview OG Image Plugin","1.3","Heming Nelson","https:\u002F\u002Fprofiles.wordpress.org\u002F4sitestudios\u002F","\u003Cp>Select one of our optimized post preview image themes and then customize it to create high-performing social share images. ShareThumb grabs the title and the featured image from the post and you define everything else:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Layout (Theme)\u003C\u002Fli>\n\u003Cli>Font\u003C\u002Fli>\n\u003Cli>Font Color\u003C\u002Fli>\n\u003Cli>Logo\u003C\u002Fli>\n\u003Cli>Icon\u003C\u002Fli>\n\u003Cli>Background Color\u003C\u002Fli>\n\u003Cli>Accent Color\u003C\u002Fli>\n\u003Cli>Secondary Color\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>When links to your website are shared on iMessage, Facebook, LinkedIn or any number of platforms, ShareThumb generates the custom social cards that you configured.\u003C\u002Fp>\n\u003Cp>You can set up our social media image generator to create social cards for every page on your website, or you can specify the specific post types that you want to generate the social media preview images for. You can also create custom og:images for individual posts.\u003C\u002Fp>\n\u003Cp>Here’s a one-minute video about our plugin:\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Frf6CSJB9-rQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Why 4Site ShareThumb is Unique\u003C\u002Fh3>\n\u003Cp>ShareThumb uses a different methodology to generate your social share images than most of the other WordPress plugins. We create your link preview images on our app running on cloud servers. When someone shares a link to your post on Discord, that platform requests the open graph image from your site. Our plugin then redirects that request to our app, and our app provides the image to Discord. We store that og:image for the next time a request is made for it. Every 30 days, we check back in with your website to see if you’ve updated the title or the feature image of the post, and then we update the og image.\u003C\u002Fp>\n\u003Cp>This setup has a lot of benefits over serving them up social thumbnails directly from your WordPress website. It takes a lot of processing power to render these custom images. We carry that load for you. It also means that you can run ShareThumb on multiple sites and manage all your thumbs in one place. And you can create custom headlines for posts and override the feature image on your post with a thumbnail that you specifically optimize for sharing.\u003C\u002Fp>\n\u003Cp>We require that you register in order to access these features so we can verify your identity and your ownership of the websites. But registration is free, there’s no trial period, and we don’t ask for your credit card.\u003C\u002Fp>\n\u003Cp>After registering and adding your API Key to the WordPress Plugin Settings, ShareThumb will automatically regenerate your thumbnail every time you update your post title or ShareThumb Settings.\u003C\u002Fp>\n\u003Cp>Here’s a five-minute video that shows you how to register and verify ownership of your site. The process itself only takes a couple minutes.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FNkY5UrIOUYU?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Pro Features\u003C\u002Fh3>\n\u003Cp>After you register, you have the option to upgrade to a paid account. With our Pro plan, you can collect statistics on where your links are shared and how many times they are shared. This is information that is not available anywhere else – your site doesn’t collect this data and Google Analytics can’t collect it.\u003C\u002Fp>\n\u003Cp>You can take advantage of artificial intelligence to highlight power words in the post titles that appear superimposed over your image. We call these “smart thumbs”:)\u003C\u002Fp>\n\u003Cp>Other features we will be rolling out soon include the ability to add AI-optimized headlines and AI-generated images that are custom made for your content and optimized to grab people’s attention. We also will be offering the ability to create your own custom thumbnail themes (templates).\u003C\u002Fp>\n\u003Ch3>For more information\u003C\u002Fh3>\n\u003Cp>Visit the \u003Ca href=\"https:\u002F\u002Fwww.4sitestudios.com\u002Fproducts\u002Fsharethumb\u002F\" rel=\"nofollow ugc\">ShareThumb website\u003C\u002Fa>.\u003C\u002Fp>\n","Free social share images for unlimited pages using customizable OG image templates. Upgrade to optimize with AI and get sharing analytics.",20,1732,"2024-09-05T03:31:00.000Z","6.5.8","5.9",[156,22,157,158,159],"facebook","og-image","post-preview","social-media-image","https:\u002F\u002Fsharethumb.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsharethumb.1.3.zip",{"attackSurface":163,"codeSignals":197,"taintFlows":208,"riskAssessment":209,"analyzedAt":220},{"hooks":164,"ajaxHandlers":185,"restRoutes":189,"shortcodes":190,"cronEvents":195,"entryPointCount":196,"unprotectedCount":27},[165,171,174,178,182],{"type":166,"name":167,"callback":168,"file":169,"line":170},"action","init","init_tinymce","wplinkpreview.php",23,{"type":166,"name":172,"callback":172,"file":169,"line":173},"admin_print_scripts",24,{"type":166,"name":175,"callback":176,"file":169,"line":177},"wp_enqueue_scripts","enqueue_scripts",28,{"type":179,"name":180,"callback":180,"file":169,"line":181},"filter","mce_external_plugins",76,{"type":179,"name":183,"callback":183,"file":169,"line":184},"mce_buttons",77,[186],{"action":187,"nopriv":188,"callback":187,"hasNonce":188,"hasCapCheck":188,"file":169,"line":108},"fetch_wplinkpreview",false,[],[191],{"tag":192,"callback":193,"file":169,"line":194},"wplinkpreview","shortcode",31,[],2,{"dangerousFunctions":198,"sqlUsage":199,"outputEscaping":201,"fileOperations":73,"externalRequests":27,"nonceChecks":73,"capabilityChecks":196,"bundledLibraries":207},[],{"prepared":73,"raw":73,"locations":200},[],{"escaped":202,"rawEcho":27,"locations":203},21,[204],{"file":169,"line":205,"context":206},39,"raw output",[],[],{"summary":210,"deductions":211},"The wp-link-preview plugin version 1.4.1 presents a mixed security posture.  While it demonstrates good practices such as using prepared statements for all SQL queries and a high percentage of properly escaped output, significant concerns remain. The presence of an unprotected AJAX handler is a critical vulnerability, providing an entry point for attackers without requiring authentication.  Furthermore, the plugin has a documented history of medium severity vulnerabilities, including a recent one related to Server-Side Request Forgery (SSRF) which is still unpatched. This historical pattern suggests potential ongoing security weaknesses that require careful monitoring.  Despite the good aspects of its code, the unpatched SSRF vulnerability and the unprotected AJAX handler pose a substantial risk to WordPress sites using this plugin.",[212,215,218],{"reason":213,"points":214},"Unprotected AJAX handler",10,{"reason":216,"points":217},"Currently unpatched CVE (medium severity)",18,{"reason":219,"points":85},"Vulnerability history (SSRF)","2026-03-16T19:32:43.699Z",{"wat":222,"direct":229},{"assetPaths":223,"generatorPatterns":225,"scriptPaths":226,"versionParams":228},[224],"\u002Fwp-content\u002Fplugins\u002Fwp-link-preview\u002Fwplinkpreview.css",[],[227],"\u002Fwp-content\u002Fplugins\u002Fwp-link-preview\u002Fwplinkpreview.js",[],{"cssClasses":230,"htmlComments":231,"htmlAttributes":232,"restEndpoints":233,"jsGlobals":234,"shortcodeOutput":236},[],[],[],[],[235],"siteurl",[237],"[wplinkpreview url=\""]