[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHRvb9Yp_P3swYozoUUG_l94JpbB8j7EAvYcm21sGCtw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":123,"fingerprints":300},"wp-social-share-privacy-plugin","WP-Social-Share-Privacy","1.1.6","Eisregen1986","https:\u002F\u002Fprofiles.wordpress.org\u002Feisregen1986\u002F","\u003Cp>[German-Translation]\u003Cbr \u002F>\nWordpress-Plugin Umsetzung des socialshareprivacy jQuery Plug-In von heise.de\u003Cbr \u002F>\nDas Plugin bietet die Möglichkeit den Facebook-Like, twitter- und Google Plus Button erst durch ein Klick des Besuchers auf die Seite einzubinden um den neuen Datenschutzbestimmungen in Deutschland gerecht zu werden\u003C\u002Fp>\n\u003Cp>Weitere Informationen: http:\u002F\u002Fheise.de\u002F-1333879\u003C\u002Fp>\n\u003Cp>[English-Translation]\u003Cbr \u002F>\nImplementation of the WordPress plugin socialshareprivacy jQuery plug-in from heise.de\u003Cbr \u002F>\nThe plugin offers the possibility of the Facebook-Like, Twitter and Google plus button just by a click of the visitor to the site to meet to incorporate the new data protection legislation in Germany\u003C\u002Fp>\n\u003Cp>For more information: http:\u002F\u002Fheise.de\u002F-1333879\u003C\u002Fp>\n","Wordpress-Plugin Umsetzung des jQuery Plug-In socialshareprivacy von heise.de",10,5256,0,"2012-04-25T18:37:00.000Z","3.2.1","3.0","",[19,20,21,22,23],"bookmark","bookmarking","bookmarks","button","facebook","http:\u002F\u002Ffkblog.de\u002Fwp\u002Fplugins\u002Fwp-social-share-privacy\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-social-share-privacy-plugin.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"eisregen1986",1,30,84,"2026-04-04T14:30:59.575Z",[37,54,70,85,103],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":33,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":17,"tags":51,"homepage":52,"download_link":53,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"2-klicks-button-socialshareprivacy-plugin","2-Klicks-Button – Socialshareprivacy Plugin","1.4.0","Smeagol45","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmeagol45\u002F","\u003Cp>Ein WordPress-Plugin. Die Umsetzung des 2-Klick-Button Scripts von heise.de.\u003C\u002Fp>\n\u003Cp>Das Plugin bietet die Möglichkeit den Facebook-Like, twitter- und Google Plus Button erst durch ein Klick des Besuchers auf die Seite einzubinden um den neuen Datenschutzbestimmungen in Deutschland höchstwahrscheinlich gerecht zu werden.\u003C\u002Fp>\n\u003Cp>Dieses Plugin wurde um die Funktionalität erweitert das die 2-Klick-Buttons auch auf WordPress Seiten angezeigt werden. Außerdem wurde ein Ausschluss System von Seiten, Artikeln und Kategorien hinzugefügt.\u003C\u002Fp>\n\u003Cp>Weitere Informationen: \u003Ca href=\"http:\u002F\u002Fsgr.cc\u002F?p=1251\" title=\"2 Klick Button auf smeagol.de\" rel=\"nofollow ugc\">smeagol.de\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Wie das ganze funktioniert, beschreibt der Artikel \u003Ca href=\"http:\u002F\u002Fwww.heise.de\u002Fct\u002Fartikel\u002F2-Klicks-fuer-mehr-Datenschutz-1333879.html\" title=\"heise online\" rel=\"nofollow ugc\">2 Klicks für mehr Datenschutz\u003C\u002Fa>\u003Cbr \u002F>\nauf heise online. Dieses Plugin verwendet das \u003Ca href=\"http:\u002F\u002Fwww.heise.de\u002Fextras\u002Fsocialshareprivacy\u002F\" title=\"jQuery Plug-In socialshareprivacy\" rel=\"nofollow ugc\">heise socialshareprivacy\u003C\u002Fa>-jQuery-Plugin, um diese Funktion in WordPress bereitzustellen.\u003C\u002Fp>\n\u003Cp>Also es gibt jetzt keinerlei Einschränkungen mehr. Diese Version wurde bereits in WordPress 3.3 getestet. Außerdem ist die aktuelle Version 1.3 des Plugins von heise.de in ‘min’ Form enthalten.\u003C\u002Fp>\n\u003Cp>Weiterhin ist hinzugekommen das das Plugin nun auch Mehrfach auf einer Seite verwendet werden kann. Somit kann dieses Plugin auch auf deiner Startseite angezeigt werden, wenn du das möchtest.\u003C\u002Fp>\n","Wordpress-Plugin Umsetzung des 2-Klick-Button Scripts von heise.de Datenschutz freundliche Social-Media-Einbindung von Facebook, Twitter und Google+.",8160,50,2,"2012-01-05T09:16:00.000Z","3.3.2","2.0.0",[19,20,21,22,23],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002F2-klicks-button-socialshareprivacy-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002F2-klicks-button-socialshareprivacy-plugin.1.4.0.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":62,"num_ratings":32,"last_updated":64,"tested_up_to":15,"requires_at_least":65,"requires_php":17,"tags":66,"homepage":68,"download_link":69,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"simple-social-sharing-widgets-icons-updated","Simple Social – Sharing Widgets & Icons Updated","0.3.6","fabiancz","https:\u002F\u002Fprofiles.wordpress.org\u002Ffabiancz\u002F","\u003Cp>This plugin adds a set of cool icons and widgets at the end of your post for your readers to share. Widgets are Twitter, Facebook and Google +1. It supports large icons and small icons.\u003C\u002Fp>\n\u003Cp>This plugin is copy of “simple-social-sharing-widgets-icons”, because it’s not updated;\u003C\u002Fp>\n","Adds a set of cool icons and widgets at the end of your post for your readers to share.",100,22222,"2011-08-25T19:01:00.000Z","1",[19,20,21,22,67],"buzz","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fsimple-social-sharing-widgets-icons-updated-updated\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-social-sharing-widgets-icons-updated.0.3.6.zip",{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":11,"downloaded":78,"rating":13,"num_ratings":13,"last_updated":79,"tested_up_to":80,"requires_at_least":81,"requires_php":17,"tags":82,"homepage":83,"download_link":84,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"el-club-de-la-noticia","El club de la Noticia","0.3","Ejner Galaz","https:\u002F\u002Fprofiles.wordpress.org\u002Fejner69\u002F","\u003Ch4>English\u003C\u002Fh4>\n\u003Cp>This plugin adds an icon to share elclubdelanoticia.cl news and social networking icons at the end of a post so that readers can share arts. compatible with small and large icons.\u003C\u002Fp>\n\u003Ch4>Spanish\u003C\u002Fh4>\n\u003Cp>Este Plugin agrega un ícono para compartir noticias a elclubdelanoticia.cl  e iconos de redes sociales al final de un post para que los lectores puedan compartir los artículos. Es compatible con iconos grandes y pequeños.\u003C\u002Fp>\n","English",4357,"2010-11-27T22:59:00.000Z","3.0.5","2.0",[19,20,21,22,67],"http:\u002F\u002Fwww.elclubdelanoticia.cl\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fel-club-de-la-noticia.zip",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":11,"downloaded":93,"rating":94,"num_ratings":32,"last_updated":95,"tested_up_to":49,"requires_at_least":96,"requires_php":17,"tags":97,"homepage":101,"download_link":102,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-socialshareprivacy","WP socialshareprivacy","0.6.2","boxi","https:\u002F\u002Fprofiles.wordpress.org\u002Fboxi\u002F","\u003Cp>Fügt Facebook-, Twitter- und Google+-Buttons hinzu, mit denen man Artikel komfortabel seinen Freunden empfehlen kann.\u003Cbr \u002F>\nDabei werden keine Daten der Leser ohne deren Zustimmung an die Betreiber der Netzwerk-Plattformen gesendet.\u003C\u002Fp>\n\u003Cp>Wie das ganze funktioniert, beschreibt der Artikel \u003Ca href=\"http:\u002F\u002Fwww.heise.de\u002Fct\u002Fartikel\u002F2-Klicks-fuer-mehr-Datenschutz-1333879.html\" title=\"heise online\" rel=\"nofollow ugc\">2 Klicks für mehr Datenschutz\u003C\u002Fa>\u003Cbr \u002F>\nauf heise online. Dieses Plugin verwendet das \u003Ca href=\"http:\u002F\u002Fwww.heise.de\u002Fextras\u002Fsocialshareprivacy\u002F\" title=\"jQuery Plug-In socialshareprivacy\" rel=\"nofollow ugc\">heise socialshareprivacy\u003C\u002Fa>-jQuery-Plugin,\u003Cbr \u002F>\num diese Funktion in WordPress bereitzustellen.\u003C\u002Fp>\n","Datenschutzfreundliche Social-Media-Einbindung (Facebook, Twitter und Google+)",5095,60,"2012-03-11T13:50:00.000Z","3.0.1",[22,23,98,99,100],"googleplus","social-bookmarks","twitter","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-socialshareprivacy\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-socialshareprivacy.0.6.2.zip",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":113,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":17,"tags":118,"homepage":121,"download_link":122,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wp-ya-share","WP Ya Share","1.6.1","andreyk","https:\u002F\u002Fprofiles.wordpress.org\u002Fandreyk\u002F","\u003Cp>The WP Ya.Share plugin adds to your blog a set of buttons to save URLs of your pages\u002Fposts in popular social networks (twitter, facebook, livejournal, vkontakte etc.).\u003C\u002Fp>\n\u003Cp>Добавляет блок ‘Поделиться’ (Ya.Share, разработанный в yandex) для сохранения ссылки просматриваемой страницы вашего блога в популярных ‘социальных сервисах’ (вконтакте, жж, твиттер и т. д.).\u003C\u002Fp>\n\u003Cp>It uses the Yandex Ya.share API; I shaped it into wordpress plugin with some options only.\u003C\u002Fp>\n\u003Cp>The following options are available:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>locate “ya.share” block either in the content of a page\u002Fsingle post or in the sidebar (as a new widget);\u003C\u002Fli>\n\u003Cli>select a list of preferable social networks;\u003C\u002Fli>\n\u003Cli>button\u002Flink\u002Ficon for expanded social networks list, or nothing;\u003C\u002Fli>\n\u003Cli>left, right or centered location;\u003C\u002Fli>\n\u003Cli>above or under the content;\u003C\u002Fli>\n\u003Cli>inscription language.\u003Cbr \u002F>\nPlease feel free to contact me with your questions or suggestions.\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds the Yandex 'Share in social networks' block into posts or widget to simplify saving URLs of your blog pages into social networks.",200,25272,80,4,"2014-12-14T14:52:00.000Z","4.0.38","2.8.6",[21,23,119,120,100],"share","social","http:\u002F\u002Fandrey.eto-ya.com\u002Fwordpress\u002Fmy-plugins\u002Fwp-ya-share","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-ya-share.zip",{"attackSurface":124,"codeSignals":162,"taintFlows":289,"riskAssessment":290,"analyzedAt":299},{"hooks":125,"ajaxHandlers":158,"restRoutes":159,"shortcodes":160,"cronEvents":161,"entryPointCount":13,"unprotectedCount":13},[126,132,136,140,144,148,152,155],{"type":127,"name":128,"callback":129,"file":130,"line":131},"action","admin_init","register_ssp_settings","wp-social-share-privacy.php",27,{"type":127,"name":133,"callback":134,"file":130,"line":135},"admin_menu","ssp_create_submenu",29,{"type":127,"name":137,"callback":138,"file":130,"line":139},"wp_head","socialshareprivacy_scripttag",597,{"type":127,"name":141,"callback":142,"file":130,"line":143},"admin_head","ssp_admin_header",627,{"type":127,"name":145,"callback":146,"file":130,"line":147},"wp_print_scripts","spp_scripts",633,{"type":127,"name":149,"callback":150,"file":130,"line":151},"wp_print_styles","spp_styles",634,{"type":127,"name":145,"callback":153,"file":130,"line":154},"spp_admin_scripts",636,{"type":127,"name":141,"callback":156,"file":130,"line":157},"spp_admin_style",637,[],[],[],[],{"dangerousFunctions":163,"sqlUsage":164,"outputEscaping":166,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":32,"bundledLibraries":288},[],{"prepared":13,"raw":13,"locations":165},[],{"escaped":13,"rawEcho":167,"locations":168},59,[169,172,174,176,178,180,182,184,186,188,190,192,194,196,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,272,274,276,278,280,282,284,286],{"file":130,"line":170,"context":171},78,"raw output",{"file":130,"line":173,"context":171},151,{"file":130,"line":175,"context":171},183,{"file":130,"line":177,"context":171},191,{"file":130,"line":179,"context":171},208,{"file":130,"line":181,"context":171},216,{"file":130,"line":183,"context":171},224,{"file":130,"line":185,"context":171},250,{"file":130,"line":187,"context":171},258,{"file":130,"line":189,"context":171},266,{"file":130,"line":191,"context":171},274,{"file":130,"line":193,"context":171},291,{"file":130,"line":195,"context":171},299,{"file":130,"line":197,"context":171},307,{"file":130,"line":199,"context":171},339,{"file":130,"line":201,"context":171},347,{"file":130,"line":203,"context":171},355,{"file":130,"line":205,"context":171},363,{"file":130,"line":207,"context":171},380,{"file":130,"line":209,"context":171},388,{"file":130,"line":211,"context":171},396,{"file":130,"line":213,"context":171},419,{"file":130,"line":215,"context":171},427,{"file":130,"line":217,"context":171},435,{"file":130,"line":219,"context":171},443,{"file":130,"line":221,"context":171},460,{"file":130,"line":223,"context":171},468,{"file":130,"line":225,"context":171},476,{"file":130,"line":227,"context":171},537,{"file":130,"line":229,"context":171},538,{"file":130,"line":231,"context":171},539,{"file":130,"line":233,"context":171},540,{"file":130,"line":235,"context":171},541,{"file":130,"line":237,"context":171},542,{"file":130,"line":239,"context":171},543,{"file":130,"line":241,"context":171},544,{"file":130,"line":243,"context":171},545,{"file":130,"line":245,"context":171},555,{"file":130,"line":247,"context":171},556,{"file":130,"line":249,"context":171},557,{"file":130,"line":251,"context":171},558,{"file":130,"line":253,"context":171},559,{"file":130,"line":255,"context":171},560,{"file":130,"line":257,"context":171},561,{"file":130,"line":259,"context":171},562,{"file":130,"line":261,"context":171},572,{"file":130,"line":263,"context":171},573,{"file":130,"line":265,"context":171},574,{"file":130,"line":267,"context":171},575,{"file":130,"line":269,"context":171},576,{"file":130,"line":271,"context":171},577,{"file":130,"line":273,"context":171},578,{"file":130,"line":275,"context":171},579,{"file":130,"line":277,"context":171},587,{"file":130,"line":279,"context":171},588,{"file":130,"line":281,"context":171},589,{"file":130,"line":283,"context":171},590,{"file":130,"line":285,"context":171},591,{"file":130,"line":287,"context":171},592,[],[],{"summary":291,"deductions":292},"The plugin 'wp-social-share-privacy-plugin' version 1.1.6 exhibits a mixed security posture.  On the positive side, there are no reported CVEs, indicating a history of stability or lack of significant public vulnerabilities. The static analysis also shows no dangerous functions, no raw SQL queries, no file operations, no external HTTP requests, and no taint flows, all of which are strong indicators of good security practices. The absence of AJAX handlers, REST API routes, and shortcodes also means a very limited attack surface.\n\nHowever, a significant concern arises from the output escaping.  With 59 total outputs and 0% properly escaped, this presents a critical risk. This means that any user-supplied data that is outputted by the plugin is highly susceptible to cross-site scripting (XSS) attacks. While there are capability checks present, the lack of proper output escaping leaves the door wide open for attackers to inject malicious scripts, potentially compromising user sessions or defacing the website. The absence of nonce checks, while not directly tied to an attack surface, further compounds the risk by not implementing a standard security measure for form submissions or actions.\n\nIn conclusion, despite a clean vulnerability history and a small attack surface, the complete lack of output escaping is a severe flaw that significantly undermines the plugin's security. This makes it a high-risk plugin for deployment in any environment where user input is handled or displayed. The plugin demonstrates strengths in areas like SQL handling and a limited attack surface but critically fails in output sanitization.",[293,296],{"reason":294,"points":295},"Output is not properly escaped",15,{"reason":297,"points":298},"No nonce checks",5,"2026-03-17T00:06:36.168Z",{"wat":301,"direct":312},{"assetPaths":302,"generatorPatterns":306,"scriptPaths":307,"versionParams":308},[303,304,305],"\u002Fwp-content\u002Fplugins\u002Fwp-social-share-privacy-plugin\u002Fjs\u002Fsocialshareprivacy.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-social-share-privacy-plugin\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-social-share-privacy-plugin\u002Fcss\u002Fsocialshareprivacy.css",[],[303],[309,310,311],"wp-social-share-privacy-plugin\u002Fjs\u002Fsocialshareprivacy.min.js?ver=","wp-social-share-privacy-plugin\u002Fcss\u002Fstyle.css?ver=","wp-social-share-privacy-plugin\u002Fcss\u002Fsocialshareprivacy.css?ver=",{"cssClasses":313,"htmlComments":315,"htmlAttributes":316,"restEndpoints":317,"jsGlobals":318,"shortcodeOutput":320},[314],"socialshareprivacy_box",[],[],[],[319],"socialSharePrivacy",[]]