[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f6l1OoC2n9TFk-Y1oGAfj639UHeVoN6BKWlnZs7E_6JQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":128,"fingerprints":274},"wp-social-meta-by-brozzme","Social Meta by Brozzme","1.0","Benoti","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenoti\u002F","\u003Cp>Bored about your description and images when you share your post and pages ?\u003Cbr \u002F>\nSocial Meta by Brozzme automaticaly add OpenGraph, Google+, Twitter metas to your header file without coding.\u003Cbr \u002F>\nMeta tags in the header allow a clean share of your website pages, with good related images and descriptions.\u003C\u002Fp>\n\u003Cp>Options\u003C\u002Fp>\n\u003Col>\n\u003Cli>Choose your social network to activate (Facebook, Google+, Twitter…)\u003C\u002Fli>\n\u003Cli>Set your description, default image.\u003C\u002Fli>\n\u003Cli>Automatic image array.\u003C\u002Fli>\n\u003Cli>Active on index, archives pages, post, page, wooCommerce support for products pages.\u003C\u002Fli>\n\u003C\u002Fol>\n","Add social meta for pages in header without coding.",30,2616,100,3,"2021-10-28T15:45:00.000Z","5.8.13","4.5","",[20,21,22,23,24],"facebook","header","meta","opengraph","social","https:\u002F\u002Fbrozzme.com\u002Fwp-social-meta\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-social-meta-by-brozzme.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":11,"trust_score":37,"computed_at":38},"benoti",11,10780,88,86,"2026-04-04T04:38:54.765Z",[40,60,76,95,111],{"slug":23,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":37,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":18,"tags":53,"homepage":55,"download_link":56,"security_score":57,"vuln_count":58,"unpatched_count":28,"last_vuln_date":59,"fetched_at":30},"Open Graph","2.0.2","Will Norris","https:\u002F\u002Fprofiles.wordpress.org\u002Fwillnorris\u002F","\u003Cp>The \u003Ca href=\"https:\u002F\u002Fogp.me\u002F\" rel=\"nofollow ugc\">Open Graph protocol\u003C\u002Fa> enables any web page to become a rich object in a social graph.  Most notably, this allows for these pages to be used with Facebook’s \u003Ca href=\"https:\u002F\u002Fdevelopers.facebook.com\u002Fdocs\u002Freference\u002Fplugins\u002Flike\" rel=\"nofollow ugc\">Like Button\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fdevelopers.facebook.com\u002Fdocs\u002Freference\u002Fapi\u002F\" rel=\"nofollow ugc\">Graph API\u003C\u002Fa> as well as within Twitter posts.\u003C\u002Fp>\n\u003Cp>The Open Graph plugin inserts the Open Graph metadata into WordPress posts and pages, and provides a simple extension mechanism for other plugins and themes to override this data, or to provide additional Open Graph data.\u003C\u002Fp>\n\u003Cp>This plugin does not directly add social plugins like the Facebook Like Button to your pages (though they’re pretty simple to add).  It will however make your pages look great when shared using those kinds of tools.\u003C\u002Fp>\n","Adds Open Graph metadata to your posts and pages so that they look great when shared on sites like Facebook and Twitter.",10000,218990,13,"2025-12-07T17:38:00.000Z","6.9.4","2.3",[20,54,23,24],"ogp","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fopengraph","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fopengraph.2.0.2.zip",99,1,"2024-06-04 00:00:00",{"slug":54,"name":61,"version":6,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":28,"num_ratings":28,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":74,"download_link":75,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"Open Graph Pro","Martin Lormes","https:\u002F\u002Fprofiles.wordpress.org\u002Ftfnab\u002F","\u003Cp>Automagically adds Open Graph tags to your blog. Control how your posts and pages are presented on Facebook and other social media sites. No configuration needed.\u003C\u002Fp>\n\u003Cp>When someone likes or shares your blog on Facebook, your header image is shown. If someone likes or shares a post, the featured image (post thumbnail) is shown. If you haven’t selected a featured image, then the plugin looks for the first image inside the post. If there aren’t any images in your post, then your blog’s header image is shown.\u003C\u002Fp>\n\u003Cp>For more information on the Open Graph protocol go to http:\u002F\u002Fogp.me\u002F\u003C\u002Fp>\n","Adds Open Graph tags to your blog. Control how your posts and pages are presented on Facebook and other social media sites. No configuration needed.",2000,43865,"2017-11-28T17:07:00.000Z","3.2.1","2.9",[20,72,23,24,73],"open-graph","social-media","http:\u002F\u002Ften-fingers-and-a-brain.com\u002Fwordpress-plugins\u002Fogp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fogp.1.0.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":13,"num_ratings":86,"last_updated":87,"tested_up_to":51,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":93,"download_link":94,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"schwarttzys-open-graph","Schwarttzy's Open Graph","1.1","Schwarttzy","https:\u002F\u002Fprofiles.wordpress.org\u002Fschwarttzy\u002F","\u003Cp>Schwarttzy’s Open Graph is a lightweight WordPress plugin that automatically adds Open Graph meta tags to your website’s posts, pages, and front page. These tags optimize content sharing on social media platforms like Facebook, LinkedIn, and Twitter by providing rich previews with titles, descriptions, and images.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Automatically adds Open Graph meta tags for posts, pages, and the front page.\u003Cbr \u002F>\n– Uses post\u002Fpage title, featured image, excerpt (or content trimmed to 300 characters), and permalink.\u003Cbr \u002F>\n– Supports a configurable default image URL for when no featured image is set.\u003Cbr \u002F>\n– Simple, lightweight, and easy to use with minimal configuration.\u003Cbr \u002F>\n– Ensure your theme includes \u003Ccode>\u003C?php wp_head(); ?>\u003C\u002Fcode> in its \u003Ccode>header.php\u003C\u002Fcode> file for meta tags to render.\u003Cbr \u002F>\n– Test shared links using tools like the \u003Ca href=\"https:\u002F\u002Fdevelopers.facebook.com\u002Ftools\u002Fdebug\u002F\" rel=\"nofollow ugc\">Facebook Sharing Debugger\u003C\u002Fa>.\u003Cbr \u002F>\n– This plugin focuses on simplicity and does not support archive pages or advanced image uploaders.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, visit the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fschwarttzys-open-graph\u002F\" rel=\"ugc\">WordPress.org support forum\u003C\u002Fa> or contact the author at \u003Ca href=\"https:\u002F\u002Fschwarttzy.com\u002Fcontact-me\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fschwarttzy.com\u002Fcontact-me\u002F\u003C\u002Fa>.\u003C\u002Fp>\n","Adds Open Graph meta tags to WordPress posts, pages, and the front page to enhance social media sharing.",10,301,2,"2025-12-18T15:18:00.000Z","5.2","7.0",[20,91,92,72,73],"linkedin","meta-tags","https:\u002F\u002Fschwarttzy.com\u002Fschwarttzys-open-graph\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fschwarttzys-open-graph.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":84,"downloaded":103,"rating":13,"num_ratings":58,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":18,"tags":107,"homepage":109,"download_link":110,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"simple-open-graph","Simple Open Graph","2.4","PcFrk256","https:\u002F\u002Fprofiles.wordpress.org\u002Fpcfrk256\u002F","\u003Cp>Simple Open Graph adds Open Graph meta data to the header. It’s simple. Activate it and forget about it.\u003C\u002Fp>\n","Simple Open Graph adds Open Graph meta data to the header",6494,"2015-03-06T19:45:00.000Z","4.1.42","3.0",[20,108,54,72,23],"metadata","http:\u002F\u002Fispeakl33t.com\u002Fopengraph","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-open-graph.2.4.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":84,"downloaded":119,"rating":28,"num_ratings":28,"last_updated":120,"tested_up_to":121,"requires_at_least":122,"requires_php":18,"tags":123,"homepage":126,"download_link":127,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"social-header-meta","Social Header Meta","4.0","landykos","https:\u002F\u002Fprofiles.wordpress.org\u002Flandykos\u002F","\u003Cp>Setup meta tags in the header for Facebook and Twitter.\u003C\u002Fp>\n\u003Ch3>Arbitrary section\u003C\u002Fh3>\n\u003Cp>N\u002FA\u003C\u002Fp>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n\u003Cp>N\u002FA\u003C\u002Fp>\n","Setup meta tags in the header for Facebook and Twitter.",1720,"2013-09-24T22:30:00.000Z","3.6.1","3.0.1",[124,92,24,125],"facebook-share","twitter-cards","http:\u002F\u002Fwww.landykos.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsocial-header-meta.4.0.zip",{"attackSurface":129,"codeSignals":175,"taintFlows":262,"riskAssessment":263,"analyzedAt":273},{"hooks":130,"ajaxHandlers":171,"restRoutes":172,"shortcodes":173,"cronEvents":174,"entryPointCount":28,"unprotectedCount":28},[131,137,142,146,150,154,159,164,168],{"type":132,"name":133,"callback":134,"file":135,"line":136},"action","admin_init","wp_smb_settings_init","includes\\wpsmb_options.php",9,{"type":132,"name":138,"callback":139,"file":140,"line":141},"admin_menu","wp_smb_add_admin_menu","wp-social-meta-brozzme.php",120,{"type":132,"name":143,"callback":144,"file":140,"line":145},"plugins_loaded","wp_smb_load_textdomain",128,{"type":132,"name":147,"callback":148,"file":140,"line":149},"admin_print_scripts","wpsmb_wpmut_admin_scripts",158,{"type":132,"name":151,"callback":152,"file":140,"line":153},"admin_print_styles","wpsmb_wpmut_admin_styles",159,{"type":155,"name":156,"callback":157,"file":140,"line":158},"filter","language_attributes","wpsmb_add_opengraph_doctype",182,{"type":132,"name":160,"callback":161,"priority":162,"file":140,"line":163},"wp_head","wpsmb_insert_fb_in_head",5,185,{"type":132,"name":165,"callback":166,"file":140,"line":167},"init","wpsmb_clean_head",444,{"type":132,"name":160,"callback":169,"file":140,"line":170},"wpsmb_addPostFeed",460,[],[],[],[],{"dangerousFunctions":176,"sqlUsage":177,"outputEscaping":179,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":261},[],{"prepared":28,"raw":28,"locations":178},[],{"escaped":180,"rawEcho":181,"locations":182},18,39,[183,186,188,190,192,194,196,198,200,202,204,206,208,211,213,214,216,218,220,221,223,225,227,229,231,233,235,237,239,241,243,245,247,249,251,253,255,257,259],{"file":135,"line":184,"context":185},212,"raw output",{"file":135,"line":187,"context":185},218,{"file":135,"line":189,"context":185},264,{"file":135,"line":191,"context":185},271,{"file":135,"line":193,"context":185},292,{"file":135,"line":195,"context":185},302,{"file":135,"line":197,"context":185},334,{"file":135,"line":199,"context":185},363,{"file":135,"line":201,"context":185},383,{"file":135,"line":203,"context":185},389,{"file":135,"line":205,"context":185},395,{"file":135,"line":207,"context":185},400,{"file":209,"line":210,"context":185},"includes\\wp_smb_functions.php",196,{"file":209,"line":212,"context":185},216,{"file":209,"line":212,"context":185},{"file":140,"line":215,"context":185},265,{"file":140,"line":217,"context":185},267,{"file":140,"line":219,"context":185},269,{"file":140,"line":191,"context":185},{"file":140,"line":222,"context":185},273,{"file":140,"line":224,"context":185},275,{"file":140,"line":226,"context":185},282,{"file":140,"line":228,"context":185},286,{"file":140,"line":230,"context":185},307,{"file":140,"line":232,"context":185},309,{"file":140,"line":234,"context":185},317,{"file":140,"line":236,"context":185},343,{"file":140,"line":238,"context":185},354,{"file":140,"line":240,"context":185},362,{"file":140,"line":242,"context":185},366,{"file":140,"line":244,"context":185},368,{"file":140,"line":246,"context":185},372,{"file":140,"line":248,"context":185},384,{"file":140,"line":250,"context":185},406,{"file":140,"line":252,"context":185},410,{"file":140,"line":254,"context":185},416,{"file":140,"line":256,"context":185},418,{"file":140,"line":258,"context":185},420,{"file":140,"line":260,"context":185},464,[],[],{"summary":264,"deductions":265},"The \"wp-social-meta-by-brozzme\" v1.0 plugin exhibits a mixed security posture.  On one hand, the static analysis reveals a remarkably clean attack surface with no apparent AJAX handlers, REST API routes, shortcodes, or cron events directly exposed or unprotected. Furthermore, the plugin demonstrates good practice by using prepared statements for all its SQL queries and reports no file operations or external HTTP requests, which are common vectors for vulnerabilities.\n\nHowever, a significant concern arises from the output escaping. With only 32% of outputs properly escaped out of 57 total, there is a high probability of Cross-Site Scripting (XSS) vulnerabilities. The lack of capability checks and nonce checks also suggests that any potential vulnerabilities discovered could be exploited without proper authorization or validation, especially if there were entry points. The absence of any recorded vulnerabilities in its history, while positive, could also indicate a lack of rigorous security testing or that the plugin hasn't been targeted historically, rather than an inherent security strength.\n\nIn conclusion, while the plugin avoids common pitfalls like raw SQL and a large attack surface, the widespread issue with output escaping presents a substantial risk for XSS. The absence of robust authorization checks further exacerbates this potential risk. Without addressing the output escaping, the plugin remains vulnerable.",[266,269,271],{"reason":267,"points":268},"Low percentage of properly escaped output",15,{"reason":270,"points":162},"Missing capability checks",{"reason":272,"points":162},"Missing nonce checks","2026-03-16T22:26:15.293Z",{"wat":275,"direct":282},{"assetPaths":276,"generatorPatterns":278,"scriptPaths":279,"versionParams":280},[277],"\u002Fwp-content\u002Fplugins\u002Fwp-social-meta-by-brozzme\u002Fjs\u002Fwpsmb-media_upload.js",[],[277],[281],"wp-social-meta-by-brozzme\u002Fjs\u002Fwpsmb-media_upload.js?ver=",{"cssClasses":283,"htmlComments":284,"htmlAttributes":285,"restEndpoints":286,"jsGlobals":287,"shortcodeOutput":288},[],[],[],[],[],[]]