[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYx0DFMP_Kgr9-g1CWnYR-CVqvWXG06eVBDZrMUd-uN8":3,"$f9kcQBOhyJ-ZRHTZVQWyGf4TiSredmuBaS77xDSd2pZk":272,"$fPzP0nS92Jlkdq1zzKuGUd4OyoPsorq4TBYv3sJ27tfs":276},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":36,"analysis":138,"fingerprints":244},"wp-social-invites","WP Social Invites","1.0.0","manishbhojwani3","https:\u002F\u002Fprofiles.wordpress.org\u002Fmanishbhojwani3\u002F","\u003Cp>WP Social Invites allow your visitors to invite their social network friends directly into your WordPress site. This plugin has no conflict with any Plugin.\u003C\u002Fp>\n\u003Cp>Demo link:\u003Cbr \u002F>\nhttp:\u002F\u002Fwebtanner.com\u002Fprojects\u002Fdemos\u002Fwp-social-invites\u002F\u003C\u002Fp>\n\u003Cp>Key Feature:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Send invitation personally in form of personalized text.\u003C\u002Fli>\n\u003Cli>Page and Popup supportive.\u003C\u002Fli>\n\u003Cli>Supports widgets.\u003C\u002Fli>\n\u003Cli>Supports shortcode.\u003C\u002Fli>\n\u003Cli>Default slider layout.\u003C\u002Fli>\n\u003Cli>Responsive popups.\u003C\u002Fli>\n\u003C\u002Ful>\n","WP Social Invites allows your visitors to invite their social friends on your website.",10,1626,0,"2017-03-21T17:11:00.000Z","4.8.28","3.4","",[19,20,21,22,23],"invitations","invites","social-invitation","wordpress-social-invitation","wordpress-social-invites","http:\u002F\u002Fwebtanner.com\u002Fprojects\u002Fweb-slider\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-social-invites.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},1,30,84,"2026-05-20T06:36:17.352Z",[37,60,80,103,122],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":17,"tags":52,"homepage":56,"download_link":57,"security_score":58,"vuln_count":32,"unpatched_count":13,"last_vuln_date":59,"fetched_at":28},"wp-ecards-invites","WP eCards – Branded Digital Greeting Cards","1.4.12","Tim from eCardWidget","https:\u002F\u002Fprofiles.wordpress.org\u002Ftimsayshey\u002F","\u003Cp>Add a branded eCard form or eCard gallery directly to your WordPress site with just a few clicks. Visitors can browse your collection of digital greeting cards, personalize a message, and send it instantly via email or social media — no coding required.\u003C\u002Fp>\n\u003Cp>Perfect for organizations, nonprofits, churches, and businesses looking to engage their community, show appreciation, or run creative campaigns with custom-designed cards.\u003C\u002Fp>\n\u003Cp>This plugin is powered by \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002F\" rel=\"nofollow ugc\">eCardWidget\u003C\u002Fa> — the leading platform for customizable digital greeting card forms used by top brands and mission-driven organizations.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Add Digital Greeting Cards?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Boost engagement. Encourage sharing. Celebrate people. Whether it’s for volunteer appreciation, donor thank-yous, team recognition, or holiday outreach — eCards help you connect in a meaningful way.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Popular Use Cases\u003C\u002Fstrong>\u003Cbr \u002F>\nExplore how businesses, nonprofits, and churches are using eCards to boost engagement and grow impact: \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fexamples\u002F\" rel=\"nofollow ugc\">See real examples\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🚀 New: Built-in WooCommerce Integration!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily sell digital eCards as WooCommerce products and let customers send cards right after checkout. No extra plugin required—it’s all built-in! Perfect for organizations, nonprofits, churches, and businesses who want to offer eCards with full e-commerce power.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Embed branded eCard galleries or individual cards anywhere using a simple shortcode\u003C\u002Fli>\n\u003Cli>Fully customizable card designs, branding, and messaging\u003C\u002Fli>\n\u003Cli>Add your logo, links, and custom background\u003C\u002Fli>\n\u003Cli>Choose from a professional template library or upload your own artwork\u003C\u002Fli>\n\u003Cli>Track sent cards and export sender\u002Frecipient emails (CSV)\u003C\u002Fli>\n\u003Cli>Reliable email delivery with spam protection\u003C\u002Fli>\n\u003Cli>Emoji and animated GIF support\u003C\u002Fli>\n\u003Cli>Responsive design, mobile-friendly\u003C\u002Fli>\n\u003Cli>BCC all outgoing eCards for recordkeeping\u003C\u002Fli>\n\u003Cli>Change layouts, fonts, and colors to match your site\u003C\u002Fli>\n\u003Cli>Custom CSS support\u003C\u002Fli>\n\u003Cli>Send eCards to Facebook friends\u003C\u002Fli>\n\u003Cli>Built-in analytics to track card engagement\u003C\u002Fli>\n\u003Cli>Multilingual support (French, German, Dutch, Spanish, Hebrew, Polish, and more)\u003C\u002Fli>\n\u003Cli>And many more features!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Live Examples\u003C\u002Fh3>\n\u003Cp>See how others are using WP eCards:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Business \u002F Marketing\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fraising_canes.html\" rel=\"nofollow ugc\">Raising Cane’s\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fmanagrams.html\" rel=\"nofollow ugc\">Teremana Tequila\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Nonprofits & Fundraising\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fhabitforhumanity.html\" rel=\"nofollow ugc\">Habitat for Humanity\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fmdfoodbank.html\" rel=\"nofollow ugc\">Maryland Food Bank\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Churches\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fvineyardnorthphoenix.html\" rel=\"nofollow ugc\">Vineyard North Phoenix\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Employee Recognition\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fapp.ecardwidget.com\u002Fwidget\u002F5095\" rel=\"nofollow ugc\">Modivcare\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fex\u002Fcircalogica.html\" rel=\"nofollow ugc\">Circalogica\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>View more at \u003Ca href=\"https:\u002F\u002Fecardwidget.com\u002Fexamples\u002F\" rel=\"nofollow ugc\">ecardwidget.com\u002Fexamples\u003C\u002Fa>\u003C\u002Fp>\n","Add interactive digital greeting cards to your WordPress site — fully branded, customizable, and shareable by visitors through email or social media.",400,12073,88,26,"2025-12-06T14:57:00.000Z","6.9.4","3.0.1",[53,54,19,20,55],"ecards","evites","recognition","http:\u002F\u002Fecardwidget.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-ecards-invites.zip",99,"2024-12-03 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":33,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":78,"download_link":79,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"invitations-for-slack","Invitations for Slack","1.0.2","rheinardkorf","https:\u002F\u002Fprofiles.wordpress.org\u002Frheinardkorf\u002F","\u003Cp>Invitations for Slack lets you use convenient shortcodes to show “Join us on Slack.” buttons or Slack badges. Just add\u003Cbr \u002F>\nyour Slack token and use the shortcodes wherever you want your visitors to be able to invite themselves from.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easy to use:\n\u003Cul>\n\u003Cli>Visit \u003Ca href=\"https:\u002F\u002Fapi.slack.com\u002Fweb\" rel=\"nofollow ugc\">https:\u002F\u002Fapi.slack.com\u002Fweb\u003C\u002Fa> to generate your Slack token.\u003C\u002Fli>\n\u003Cli>Add the token to the plugin settings.\u003C\u002Fli>\n\u003Cli>Use the [invitations_for_slack] or [invitations_for_slack_badge] shortcodes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Invitations are performed using the WP REST API which in turn communicates with the Slack API. No page reloads.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Requirements:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>A Slack team and the team’s access token.\u003C\u002Fli>\n\u003Cli>A self-hosted WordPress website (Not a WordPress.com website.)\u003C\u002Fli>\n\u003C\u002Ful>\n","Build a Slack community by allowing your visitors (or registered users) to invite themselves to your Slack team.",5795,76,6,"2016-01-29T01:14:00.000Z","4.4.34","4.4",[75,19,20,76,77],"community","join","slack","http:\u002F\u002Frheinard.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finvitations-for-slack.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":48,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":17,"tags":94,"homepage":99,"download_link":100,"security_score":101,"vuln_count":70,"unpatched_count":13,"last_vuln_date":102,"fetched_at":28},"invite-anyone","Invite Anyone","1.4.10","Boone Gorges","https:\u002F\u002Fprofiles.wordpress.org\u002Fboonebgorges\u002F","\u003Cp>Invite Anyone has two components:\u003C\u002Fp>\n\u003Cp>1) The ability to invite members to the site by email. The plugin creates a tab on each member’s Profile page called “Send Invites”, which contains a form where users can invite outsiders to join the site. There is a field for a custom message. Also, inviters can optionally select any number of their groups, and when the invitee accepts the invitation he or she automatically receive invitations to join those groups.\u003C\u002Fp>\n\u003Cp>The email invitation part of the plugin is customizable by the BP administrator, via Dashboard > BuddyPress > Invite Anyone.\u003C\u002Fp>\n\u003Cp>2) By default, BuddyPress only allows group admins to invite their friends to groups. In some communities, you might want members to be able to invite non-friends to groups as well. This plugin allows you to do so, by populating the invitation checklist with the entire membership of the site, rather than just a friend list.\u003C\u002Fp>\n\u003Cp>Because member lists can get very long and hard to navigate, this plugin adds a autosuggest search box to the Send Invites screen – the same one that appears on the Compose Message screen – which allows inviters to navigate directly to the members they want to invite.\u003C\u002Fp>\n\u003Cp>Invite Anyone features optional integration with CloudSponge http:\u002F\u002Fcloudsponge.com, a premium address book service, that allows your users to invite their friends to the site in a way that’s easy and fun. Enable it at Dashboard > BuddyPress > Invite Anyone.\u003C\u002Fp>\n\u003Ch3>Translation credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Belarussian: Alexander Ovsov (\u003Ca href=\"http:\u002F\u002Fwebhostinggeeks.com\u002Fscience\" rel=\"nofollow ugc\">Web Geek Science\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Brazilian Portuguese: Celso Bessa\u003C\u002Fli>\n\u003Cli>Catalan: Mònica Grau and Toni Ginard\u003C\u002Fli>\n\u003Cli>Danish: Mort3n\u003C\u002Fli>\n\u003Cli>Dutch: Jesper Popma, Tim de Hoog\u003C\u002Fli>\n\u003Cli>French: Guillaume Coulon, Nicolas Mollet\u003C\u002Fli>\n\u003Cli>German: Lars Berning, Thorsten Wollenhöfer, Matthias Lunz\u003C\u002Fli>\n\u003Cli>Greek: Lena Stergatou\u003C\u002Fli>\n\u003Cli>Italian: Luca Camellini\u003C\u002Fli>\n\u003Cli>Norwegian: Stig Ulfsby\u003C\u002Fli>\n\u003Cli>Russian: Jettochkin, Roman Leonov\u003C\u002Fli>\n\u003Cli>Serbo-Croatian: Anja Skrba\u003C\u002Fli>\n\u003Cli>Spanish: Mauricio Camayo, Gregor Gimmy\u003C\u002Fli>\n\u003Cli>Swedish: Alexander Berthelsen, Jan Anderson\u003C\u002Fli>\n\u003Cli>Ukrainian: \u003Ca href=\"http:\u002F\u002Fwww.coupofy.com\u002F\" rel=\"nofollow ugc\">Ivanka\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Additional details about the plugin can be found in the following languages:\u003Cbr \u002F>\n* Serbo-Croatian: \u003Ca href=\"http:\u002F\u002Fscience.webhostinggeeks.com\u002Fteleogistic\" rel=\"nofollow ugc\">http:\u002F\u002Fscience.webhostinggeeks.com\u002Fteleogistic\u003C\u002Fa>\u003C\u002Fp>\n","Makes BuddyPress's invitation features more powerful.",1000,262222,86,"2024-08-19T17:09:00.000Z","6.6.5","3.2",[95,96,97,19,98],"buddypress","friends","group","invite","http:\u002F\u002Fteleogistic.net\u002Fcode\u002Fbuddypress\u002Finvite-anyone\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finvite-anyone.1.4.10.zip",83,"2024-08-16 00:00:00",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":11,"downloaded":111,"rating":13,"num_ratings":13,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":17,"tags":115,"homepage":17,"download_link":120,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":121},"eventish","Eventish WP Widget","1.2.3","Armen Margarian","https:\u002F\u002Fprofiles.wordpress.org\u002Feventish\u002F","\u003Cp>Eventish Events Plug-in automatically lists your events in your WordPress based website or blog.\u003Cbr \u002F>\nThis plug-in updates your event listing in real time whenever you add or remove your events on \u003Ca href=\"http:\u002F\u002Fwww.eventish.com\u002F\" rel=\"nofollow ugc\">Eventish.com\u003C\u002Fa> or whenever your events expire.\u003C\u002Fp>\n\u003Cp>By simply installing this plug-in you will be able to integrate your events, previously posted on \u003Ca href=\"http:\u002F\u002Fwww.eventish.com\u002F\" rel=\"nofollow ugc\">Eventish.com\u003C\u002Fa>, with your website.\u003Cbr \u002F>\nThis way you will no longer have to post the same events several times and will be able to significantly increase their visibly.\u003C\u002Fp>\n\u003Cp>Eventish Events Plug-in is still in an active development stage, with new features coming out on a regular basis.\u003C\u002Fp>\n\u003Cp>Go ahead to give this hassle-free plug-in a try!\u003C\u002Fp>\n\u003Cp>About Eventish.com\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.eventish.com\u002F\" rel=\"nofollow ugc\">Eventish.com\u003C\u002Fa> offers online event registration and management solutions for RSVP, General Admission and Banquet type events. Due to its useful features and innovative solutions (Banquet Room Designer) Eventish makes event marketing and ticketing easier and more affordable as never before!\u003C\u002Fp>\n","This plugin displays your www.eventish.com events list in your Wordpress based website as a sidebar widget.",3128,"2011-11-22T13:53:00.000Z","3.2.1","2.5.2",[116,104,117,118,119],"email-invitations","events","online-registration","sell-tickets","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feventish.zip","2026-04-06T09:54:40.288Z",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":13,"downloaded":130,"rating":13,"num_ratings":13,"last_updated":131,"tested_up_to":50,"requires_at_least":132,"requires_php":133,"tags":134,"homepage":17,"download_link":136,"security_score":137,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":121},"cwsi-invites","Invitations and RSVPs","1.5.1","Charlene Copeland","https:\u002F\u002Fprofiles.wordpress.org\u002Fsjcope\u002F","\u003Cp>Invitations and RSVPs provides a frontend form for your users to respond to your event.\u003C\u002Fp>\n\u003Cp>Uninstalling the plugin will NOT remove the associated tables.\u003C\u002Fp>\n\u003Cp>Pre-requisites:\u003Cbr \u002F>\nNone\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Invited people can respond\u003C\u002Fli>\n\u003Cli>Administrators can manage responses.\u003C\u002Fli>\n\u003C\u002Ful>\n","Set up a an invitation and RSVP system on your WordPress site.",1014,"2026-02-25T20:04:00.000Z","6.3","8.0",[19,135],"rsvps","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcwsi-invites.1.5.1.zip",100,{"attackSurface":139,"codeSignals":165,"taintFlows":206,"riskAssessment":234,"analyzedAt":243},{"hooks":140,"ajaxHandlers":156,"restRoutes":157,"shortcodes":158,"cronEvents":164,"entryPointCount":32,"unprotectedCount":13},[141,147,152],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","widgets_init","mdb_social_invites_load_widget","inc\\widget.php",78,{"type":142,"name":148,"callback":149,"file":150,"line":151},"admin_menu","mdb_social_invites_menu","wp-social-invites.php",23,{"type":142,"name":153,"callback":154,"file":150,"line":155},"wp_enqueue_scripts","load_mdb_social_invites_styles_and_scripts",153,[],[],[159],{"tag":160,"callback":161,"file":162,"line":163},"WP-SOCIAL-INVITES","mdb_social_invites_shortcode","inc\\shortcode.php",22,[],{"dangerousFunctions":166,"sqlUsage":167,"outputEscaping":169,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":32,"bundledLibraries":205},[],{"prepared":13,"raw":13,"locations":168},[],{"escaped":170,"rawEcho":171,"locations":172},35,19,[173,176,177,179,180,182,183,185,186,188,189,191,193,195,196,198,199,201,203],{"file":162,"line":174,"context":175},8,"raw output",{"file":162,"line":174,"context":175},{"file":162,"line":178,"context":175},16,{"file":162,"line":178,"context":175},{"file":145,"line":181,"context":175},24,{"file":145,"line":48,"context":175},{"file":145,"line":184,"context":175},33,{"file":145,"line":184,"context":175},{"file":145,"line":187,"context":175},41,{"file":145,"line":187,"context":175},{"file":145,"line":190,"context":175},46,{"file":145,"line":192,"context":175},60,{"file":145,"line":194,"context":175},61,{"file":145,"line":194,"context":175},{"file":150,"line":197,"context":175},72,{"file":150,"line":47,"context":175},{"file":150,"line":200,"context":175},97,{"file":150,"line":202,"context":175},106,{"file":150,"line":204,"context":175},115,[],[207,226],{"entryPoint":208,"graph":209,"unsanitizedCount":13,"severity":225},"mdb_social_invites_callback_function (wp-social-invites.php:26)",{"nodes":210,"edges":222},[211,216],{"id":212,"type":213,"label":214,"file":150,"line":215},"n0","source","$_REQUEST (x5)",37,{"id":217,"type":218,"label":219,"file":150,"line":220,"wp_function":221},"n1","sink","update_option() [Settings Manipulation]",44,"update_option",[223],{"from":212,"to":217,"sanitized":224},true,"low",{"entryPoint":227,"graph":228,"unsanitizedCount":13,"severity":225},"\u003Cwp-social-invites> (wp-social-invites.php:0)",{"nodes":229,"edges":232},[230,231],{"id":212,"type":213,"label":214,"file":150,"line":215},{"id":217,"type":218,"label":219,"file":150,"line":220,"wp_function":221},[233],{"from":212,"to":217,"sanitized":224},{"summary":235,"deductions":236},"The wp-social-invites v1.0.0 plugin exhibits a generally good security posture based on the provided static analysis. The absence of known CVEs and the plugin's adherence to secure coding practices like using prepared statements for SQL queries and having capability checks are positive indicators. The limited attack surface, with only one shortcode and no unprotected entry points, further contributes to its security. However, a significant concern lies in the output escaping, where only 65% of outputs are properly escaped. This leaves a substantial portion of user-generated content or data potentially vulnerable to cross-site scripting (XSS) attacks if not handled carefully by WordPress itself.\n\nThe lack of critical or high severity taint flows is encouraging, suggesting that data manipulation through the analyzed paths is not immediately exploitable. The absence of dangerous functions, file operations, and external HTTP requests further minimizes common attack vectors. While the plugin demonstrates good practices in many areas, the identified weakness in output escaping is the primary area of concern. This, coupled with the absence of nonce checks on its single entry point (the shortcode), could potentially be exploited if the shortcode's output is not inherently sanitized by WordPress core or other themes\u002Fplugins.\n\nIn conclusion, wp-social-invites v1.0.0 is relatively secure due to its low attack surface and avoidance of known vulnerabilities. The use of prepared statements and capability checks are strong security practices. The main risk revolves around the insufficient output escaping, which requires careful monitoring and potentially manual sanitization for any dynamic content rendered by the plugin. The vulnerability history being clear suggests a history of good maintenance, but the current code analysis highlights an area that needs attention to achieve a robust security profile.",[237,240],{"reason":238,"points":239},"Unescaped output detected",7,{"reason":241,"points":242},"No nonce checks on shortcode",5,"2026-03-16T23:48:14.191Z",{"wat":245,"direct":254},{"assetPaths":246,"generatorPatterns":249,"scriptPaths":250,"versionParams":252},[247,248],"\u002Fwp-content\u002Fplugins\u002Fwp-social-invites\u002Fimage\u002Fwebtaner-logo.png","\u002Fwp-content\u002Fplugins\u002Fwp-social-invites\u002Fimage\u002Ffacebook-invite-button.png",[],[251],"\u002Fwp-content\u002Fplugins\u002Fwp-social-invites\u002Fjs\u002Fwp-social-invites.js",[253],"wp-social-invites\u002Fjs\u002Fwp-social-invites.js?ver=1.0.0",{"cssClasses":255,"htmlComments":259,"htmlAttributes":260,"restEndpoints":267,"jsGlobals":268,"shortcodeOutput":270},[256,257,258],"mdb-shortcode-box","facebook-invite","facebook-invite-friends",[],[261,262,263,264,265,266],"name=\"mdb_facebookappid\"","name=\"mdb_link\"","name=\"mdb_redirect_url\"","name=\"mdb_recipients\"","name=\"mdb_display_type\"","name=\"wp_social_invites_option\"",[],[269],"window.open(\"http:\u002F\u002Fwww.facebook.com\u002Fdialog\u002Fsend?app_id=",[271],"[WP-SOCIAL-INVITES]",{"error":224,"url":273,"statusCode":274,"statusMessage":275,"message":275},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fwp-social-invites\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":32,"versions":277},[278],{"version":6,"download_url":279,"svn_tag_url":280,"released_at":27,"has_diff":281,"diff_files_changed":282,"diff_lines":27,"trac_diff_url":27,"vulnerabilities":283,"is_current":224},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-social-invites.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-social-invites\u002Ftags\u002F1.0.0\u002F",false,[],[]]