[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fOLt8K_zSObhGMMx23bjvfS56CyeLeEWJq-kGxAC8nak":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":37,"fingerprints":140},"wp-social-link","WP Social-link","1.0","Sohelwpexpert","https:\u002F\u002Fprofiles.wordpress.org\u002Fsohelwpexpert\u002F","\u003Cp>Wp Social-link plugin makes the Social-link of a page easier. It appends an icon at bottom of the page which attracts user attention. Wp Social-link plugin offers  custom settings which no other plugin have.\u003C\u002Fp>\n\u003Cp>We are offering primiam service. I can install this plugin in $5 place send order fiverr. I will responsive whithen in 20 minete\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Pre-Designed Social-link.\u003C\u002Fli>\n\u003Cli>Fluid\u002Fresponsive Social-link.\u003C\u002Fli>\n\u003Cli>Compatible with all WordPress themes.\u003C\u002Fli>\n\u003Cli>It is user friendly and very easy to install.\u003C\u002Fli>\n\u003Cli>Zero coding skills required to set up this plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cul>\n\u003Cli>Customizable options via the admin panel\u003C\u002Fli>\n\u003Cli>You can change background color.\u003C\u002Fli>\n\u003Cli>You can add custom text.\u003C\u002Fli>\n\u003Cli>You can change text color.\u003C\u002Fli>\n\u003Cli>It is user friendly and very easy to install.\u003C\u002Fli>\n\u003Cli>Zero coding skills required to set up this plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For Live Demo :\u003Ca href=\"http:\u002F\u002F\" rel=\"nofollow ugc\">Click Here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Get Premium Support : \u003Ca href=\"mailto:sohelwpexpert@gmail.com\" rel=\"nofollow ugc\">Email us\u003C\u002Fa>\u003C\u002Fp>\n","WP Social-link is beautifully designed and elegant plugin.Very easy to use and perfect functionality. WP Social-link is best Social-link plugin in Wor &hellip;",10,1152,0,"2016-12-12T16:23:00.000Z","4.0.38","3.0.1","",[19,20,21,22],"awesome-social-link","bootstrap-social-link","link-social-link","share-social-link","http:\u002F\u002Fprowpexpert.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-social-link.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":11,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"sohelwpexpert",190,86,50,78,"2026-04-04T15:15:00.524Z",[],{"attackSurface":38,"codeSignals":79,"taintFlows":129,"riskAssessment":130,"analyzedAt":139},{"hooks":39,"ajaxHandlers":70,"restRoutes":71,"shortcodes":72,"cronEvents":77,"entryPointCount":78,"unprotectedCount":13},[40,46,49,53,57,61,65],{"type":41,"name":42,"callback":43,"file":44,"line":45},"action","init","wp_social_link_jquery","main-functions.php",17,{"type":41,"name":42,"callback":47,"file":44,"line":48},"plugin_function_jeba_social_link",28,{"type":41,"name":50,"callback":51,"file":44,"line":52},"admin_menu","add_wp_social_link_options_framwrork",80,{"type":41,"name":54,"callback":55,"file":44,"line":56},"admin_enqueue_scripts","social_linkwptuts_add_color_picker",83,{"type":41,"name":58,"callback":59,"file":44,"line":60},"admin_init","wp_social_link_register_settings",109,{"type":41,"name":62,"callback":63,"file":44,"line":64},"wp_head","social_linkget_data_form_plugin",302,{"type":66,"name":67,"callback":68,"file":44,"line":69},"filter","widget_text","do_shortcode",305,[],[],[73],{"tag":74,"callback":75,"file":44,"line":76},"social_link","jeba_social_link_shortcode_d",73,[],1,{"dangerousFunctions":80,"sqlUsage":81,"outputEscaping":83,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":128},[],{"prepared":13,"raw":13,"locations":82},[],{"escaped":13,"rawEcho":84,"locations":85},21,[86,89,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126],{"file":44,"line":87,"context":88},46,"raw output",{"file":44,"line":87,"context":88},{"file":44,"line":91,"context":88},48,{"file":44,"line":93,"context":88},54,{"file":44,"line":95,"context":88},56,{"file":44,"line":97,"context":88},58,{"file":44,"line":99,"context":88},60,{"file":44,"line":101,"context":88},62,{"file":44,"line":103,"context":88},159,{"file":44,"line":105,"context":88},166,{"file":44,"line":107,"context":88},174,{"file":44,"line":109,"context":88},182,{"file":44,"line":111,"context":88},188,{"file":44,"line":113,"context":88},195,{"file":44,"line":115,"context":88},202,{"file":44,"line":117,"context":88},209,{"file":44,"line":119,"context":88},216,{"file":44,"line":121,"context":88},223,{"file":44,"line":123,"context":88},277,{"file":44,"line":125,"context":88},278,{"file":44,"line":127,"context":88},287,[],[],{"summary":131,"deductions":132},"The \"wp-social-link\" v1.0 plugin presents a mixed security posture. On the positive side, the plugin has no recorded vulnerabilities (CVEs) and utilizes prepared statements for all SQL queries, which is a strong practice against SQL injection. There are no dangerous functions, file operations, external HTTP requests, or bundled libraries to indicate known risks in those areas. The taint analysis also shows no critical or high-severity flows, suggesting a lack of obvious data manipulation vulnerabilities.\n\nHowever, there are significant concerns. The plugin exhibits a complete lack of output escaping for all 21 detected output points. This is a critical weakness that opens the door to Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into the site's pages. Furthermore, the absence of nonce and capability checks on its single shortcode, which is an entry point, means that any user, regardless of their role or privilege, could potentially trigger unintended actions if the shortcode has any underlying functionality that modifies data or performs actions. This combination of unescaped output and insufficient authorization checks represents a notable security risk.\n\nWhile the plugin's vulnerability history is clean, this could be due to its limited version or lack of extensive security auditing. The current static analysis reveals critical oversights in output escaping and authorization that need immediate attention. It is crucial to address the XSS and potential authorization bypass vulnerabilities stemming from the unescaped outputs and the unprotected shortcode to secure the plugin effectively.",[133,136],{"reason":134,"points":135},"All outputs are unescaped",15,{"reason":137,"points":138},"Shortcode lacks nonce\u002Fcapability checks",8,"2026-03-17T01:05:45.491Z",{"wat":141,"direct":150},{"assetPaths":142,"generatorPatterns":146,"scriptPaths":147,"versionParams":149},[143,144,145],"\u002Fwp-content\u002Fplugins\u002Fwp-social-link\u002Fcss\u002Fbootstrap.css","\u002Fwp-content\u002Fplugins\u002Fwp-social-link\u002Fcss\u002Ffonts.css","\u002Fwp-content\u002Fplugins\u002Fwp-social-link\u002Fstyle.css",[],[148],"\u002Fwp-content\u002Fplugins\u002Fwp-social-link\u002Fjs\u002Fbootstrap.js",[],{"cssClasses":151,"htmlComments":155,"htmlAttributes":156,"restEndpoints":158,"jsGlobals":159,"shortcodeOutput":161},[152,153,154],"social-info","social","social-info pull-right",[],[157],"data-cfemail",[],[160],"wp_social_link_options",[162,163,164],"\u003Cheader id=\"header\">","\u003Cdiv class=\"social-info pull-right \">","\u003Cul class=\"social textcolor list-unstyled\">"]