[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fV7ydwkwKc3lubu4vO-cuU4VJJn5EdvDtppgEgXV4Ibo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":55,"analysis":148,"fingerprints":860},"xhanch-my-twitter","Xhanch – My Twitter","2.7.9","xhanch_studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fxhanch_studio\u002F","\u003Cp>Xhanch – My Twitter (developed by \u003Ca href=\"http:\u002F\u002Fxhanch.com\u002F\" title=\"Xhanch Studio\" rel=\"nofollow ugc\">Xhanch Studio\u003C\u002Fa>) is the best WordPress Twitter plugin to show\u002Fhide or include\u002Fexclude your latest tweets, replies from other members to you, replies from you to other members, retweets, and direct messages from your Twitter account(s).\u003C\u002Fp>\n\u003Cp>You can customize it with our predefined flexible settings\u002Foptions easily and it can be displayed via sidebar, post or page with advanced tweets filtering system.\u003C\u002Fp>\n\u003Cp>You can also post a tweet\u002Fstatus directly from your website and auto tweet your newly published post\u002Fpage.\u003C\u002Fp>\n\u003Cp>An intensive cache system is provided as well that makes this plugin lightweight.\u003C\u002Fp>\n\u003Cp>Xhanch My Twitter is going to provide complete integration between your wordpress website and your twitter account. 
This plugin can connect to and access from multiple Twitter accounts.\u003C\u002Fp>\n\u003Cp>We will keep improving this plugin in order to make this plugin to be the best Twitter plugin for WordPress\u003C\u002Fp>\n\u003Cp>For complete features list, installation and setup, screen shots, FAQs, update logs\u002Fchangelog, and support:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fxhanch.com\u002Fwp-plugin-my-twitter\u002F\" title=\"Xhanch - My Twitter\" rel=\"nofollow ugc\">Plugin details\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fforum.xhanch.com\u002Findex.php\u002Fboard,3.0.html\" title=\"Forum\u002Fcommunity center\" rel=\"nofollow ugc\">Forum\u002Fcommunity center\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fforum.xhanch.com\u002Findex.php\u002Fboard,13.0.html\" title=\"Change\u002Fupdate logs\" rel=\"nofollow ugc\">Change\u002Fupdate logs\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fprofile\u002Fxhanch_studio\" title=\"Click here to see All free plugins from Xhanch Studio\" rel=\"ugc\">Click here to see All free plugins from Xhanch Studio\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fforum.xhanch.com\u002Findex.php\u002Fboard,3.0.html\" title=\"Xhanch - My Twitter\" rel=\"nofollow ugc\">Click here to visit the forum for this plugin\u003C\u002Fa>\u003C\u002Fp>\n","The best plugin to display your latest tweets, replies, direct messages, retweets, auto and manual tweet and lots more. 
Support multiple accounts",200,1699937,100,4,"2016-09-04T04:36:00.000Z","4.6.30","2.3","",[20,21,22,23,24],"post","sidebar","status","tweet","twitter","http:\u002F\u002Fxhanch.com\u002Fwp-plugin-my-twitter\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxhanch-my-twitter.zip",84,1,0,"2014-08-01 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2013-3253","xhanch-my-twitter-cross-site-request-forgery","Xhanch – My Twitter \u003C= 2.7.6 - Cross-Site Request Forgery","Cross-site request forgery (CSRF) vulnerability in admin\u002Fsetting.php in the Xhanch - My Twitter plugin before 2.7.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change unspecified settings.",null,"\u003C=2.7.6","2.7.7","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Cross-Site Request Forgery (CSRF)","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd6d394af-67b0-4754-bdec-6ee89b7e8bbd?source=api-prod",3462,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":48,"trust_score":53,"computed_at":54},3,220,85,69,"2026-04-05T00:42:52.399Z",[56,76,95,115,131],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":18,"tags":71,"homepage":74,"download_link":75,"security_score":52,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"twitter-tools","Tools for 
Twitter","3.2.1","Crowd Favorite","https:\u002F\u002Fprofiles.wordpress.org\u002Fcrowdfavorite\u002F","\u003Cp>Tools for Twitter integrates with Twitter by giving you the following functionality:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Connect multiple Twitter accounts (via Social)\u003C\u002Fli>\n\u003Cli>Archive the tweets from your Twitter accounts (downloaded every 10 minutes)\u003C\u002Fli>\n\u003Cli>Create a blog post from each of your tweets\u003C\u002Fli>\n\u003Cli>Create a tweet on Twitter whenever you post in your blog, with a link to the blog post (via Social)\u003C\u002Fli>\n\u003Cli>Browse your tweets locally by @mention, #hashtag or user account (optionally display these publicly)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Tools for Twitter leverages Social’s connection to Twitter so that you don’t have to create an app and copy keys around. It supports multiple accounts (must be authorized as “global” accounts in Social) with settings on a per-account basis.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support Level:\u003C\u002Fstrong> Product Support (we want to fix bugs and make the product great, but do not provide individual support).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Developers:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcrowdfavorite\u002Fwp-twitter-tools\" rel=\"nofollow ugc\">Fork and contribute on GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Upgrading\u003C\u002Fh3>\n\u003Cp>If you have upgraded from an older version of Tools for Twitter, your data will need to be converted to the new Tools for Twitter format. On the Tools for Twitter Options page you will see a prompt to upgrade if appropriate. Follow the steps to convert your data.\u003C\u002Fp>\n\u003Cp>Tools for Twitter now stores complete Twitter data along with your basic tweet content. Over time, Tools for Twitter will request this data for upgraded tweets. 
This process may take a few days, as only 10 tweets are requested per hour (to avoid negatively impacting your rate limit).\u003C\u002Fp>\n\u003Ch3>Connecting Accounts\u003C\u002Fh3>\n\u003Cp>Any Twitter accounts connected on the Social settings page are available for Tools for Twitter. You can enable them on a per-account basis, as well as specifying per-account preferences for creating blog posts, etc. (on the Tools for Twitter options screen).\u003C\u002Fp>\n\u003Ch3>Managing your Tweets\u003C\u002Fh3>\n\u003Cp>You can view, edit and delete (or unpublish) the local copy of your Tweets right in your WordPress admin. Navigate the tweets from the “Tweets” menu item and manage them just as you would any other post type. Tools for Twitter does not know if you’ve deleted a tweet on Twitter, so you’ll need to also delete the copy of the tweet from the admin to remove it from your WordPress site.\u003C\u002Fp>\n\u003Ch3>Displaying your Tweets\u003C\u002Fh3>\n\u003Cp>Tools for Twitter includes options to create URLs for your local tweets using the following scheme:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>single tweet: http:\u002F\u002Falexking.org\u002Ftweets\u002F253580615113400321\u003C\u002Fli>\n\u003Cli>account archive: http:\u002F\u002Falexking.org\u002Ftweet-accounts\u002Falexkingorg\u003C\u002Fli>\n\u003Cli>@mention archive: http:\u002F\u002Falexking.org\u002Ftweet-mentions\u002Fsogrady\u003C\u002Fli>\n\u003Cli>#hashtag archive: http:\u002F\u002Falexking.org\u002Ftweet-hashtags\u002Fmonktoberfest\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can enable public URLs for your tweets in your Tools for Twitter settings. 
If you choose not to enable public URLs for your tweets, you can still view and manage them from within the admin screens.\u003C\u002Fp>\n\u003Ch4>Shortcode\u003C\u002Fh4>\n\u003Cp>You can use a shortcode to display a list of tweets.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[aktt_tweets account=\"alexkingorg\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you want, you can specify some additional parameters to control how many tweets are displayed:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[aktt_tweets account=\"alexkingorg\" count=\"5\" offset=\"0\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can also choose to explicitly include or exclude replies and retweets:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[aktt_tweets account=\"alexkingorg\" include_rts=\"0\" include_replies=\"1\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you want to limit the tweets to specific @mentions or #hashtags, you can do that as well:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[aktt_tweets account=\"alexkingorg\" mentions=\"crowdfavorite,twittertools\" hashtags=\"wordpress,plugin,twittertools\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Widget\u003C\u002Fh4>\n\u003Cp>The options for the shortcode are also available for the Tools for Twitter widget via a few settings.\u003C\u002Fp>\n\u003Ch4>Create Blog Posts\u003C\u002Fh4>\n\u003Cp>Tools for Twitter can create a blog post from each of your Tweets. This feature can be enabled on a per-account basis. If there is an image included in the media data of the tweet Tools for Twitter will try to save that image as the featured image for the post and append it to the blog post content.\u003C\u002Fp>\n\u003Cp>Please note that this will take effect for all future tweets, it does not retroactively create posts for older tweets (though you could pretty easily script it to do so if you desired).\u003C\u002Fp>\n\u003Ch3>Customization\u003C\u002Fh3>\n\u003Cp>Tools for Twitter is designed to be customizable via the standard hook\u002Ffilter API. 
If you find you need additional hooks (or to suggest other bug fixes and enhancements) please create a pull request on GitHub.\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Fcrowdfavorite\u002Fwp-twitter-tools\u003C\u002Fp>\n\u003Cp>Get creative! Here are some examples of ways to use more of the full Twitter data to create links back into Twitter where appropriate:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>linking to the original tweet on Twitter\u003C\u002Fli>\n\u003Cli>linking to “in reply to” tweets\u003C\u002Fli>\n\u003C\u002Ful>\n","Tools for Twitter is a plugin that creates a complete integration between your WordPress blog and your Twitter account.",1000,1238666,66,6,"2020-03-02T18:22:00.000Z","3.8.41","3.8",[72,73,20,23,24],"integration","notify","http:\u002F\u002Fcrowdfavorite.com\u002Fwordpress\u002Fplugins\u002Ftwitter-tools\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftwitter-tools.3.2.1.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":13,"num_ratings":67,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":18,"tags":89,"homepage":93,"download_link":94,"security_score":52,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"twiget","Twiget Twitter Widget","1.1.3","Prasanna SP","https:\u002F\u002Fprofiles.wordpress.org\u002Fprasannasp\u002F","\u003Cp>Twiget Twitter Widget lets you display your latest twitter status updates in any of the widgetized areas. Just add the Twiget Twitter Widget to your sidebar or any of the widget areas and enter your twitter username. It will display your latest tweets along with a \u003Cstrong>follow @username\u003C\u002Fstrong> button to make it easier for people to follow you! 
You can configure widget title, twitter username, number of tweets to display, link target etc, in the widget configuration.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Twitter API 1.1 support\u003C\u002Fli>\n\u003Cli>Twitter requests caching with auto-optimised duration for performance\u003C\u002Fli>\n\u003Cli>AJAX-based so your site’s load time is not affected by Twitter’s server\u003C\u002Fli>\n\u003Cli>Multiple instances of widget\u003C\u002Fli>\n\u003Cli>Option to change widget title\u003C\u002Fli>\n\u003Cli>Option to change number of tweets to display\u003C\u002Fli>\n\u003Cli>Option to show followers count, profile picture, and Twitter bio\u003C\u002Fli>\n\u003Cli>Option to show twitter client used. Eg: via Twitter for Android\u003C\u002Fli>\n\u003Cli>Option to open links in a new window\u003C\u002Fli>\n\u003Cli>Option to hide @replies\u003C\u002Fli>\n\u003Cli>Linkified @usernames and #hashtags\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Twiget is developed by \u003Ca href=\"http:\u002F\u002Fwww.khairul-syahir.com\u002F\" rel=\"nofollow ugc\">Syahir Hakim\u003C\u002Fa> of \u003Ca href=\"http:\u002F\u002Fwww.graphene-theme.com\u002F\" rel=\"nofollow ugc\">Graphene Theme\u003C\u002Fa> and \u003Ca href=\"http:\u002F\u002Fwww.prasannasp.net\u002F\" rel=\"nofollow ugc\">Prasanna SP\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Translation\u003C\u002Fstrong>: If you want to translate this plugin to your language, please find the twiget.pot file in \u002Flanguages\u002F folder.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Demo\u003C\u002Fstrong>: See demo of this plugin \u003Ca href=\"http:\u002F\u002Fdemo.prasannasp.net\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>. 
It is the second item in the sidebar.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support\u003C\u002Fstrong>: Please post your support questions at Twiget Twitter Widget plugin \u003Ca href=\"http:\u002F\u002Fforum.prasannasp.net\u002Fforum\u002Fplugin-support\u002Ftwiget\u002F\" rel=\"nofollow ugc\">support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fwww.prasannasp.net\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">this page\u003C\u002Fa> for more \u003Cstrong>WordPress Plugins\u003C\u002Fstrong> by the developer.\u003C\u002Fp>\n\u003Cp>This plugin uses Abraham’s [twitteroauth library] (https:\u002F\u002Fgithub.com\u002Fabraham\u002Ftwitteroauth‎\u002F).\u003C\u002Fp>\n","A widget to display the latest Twitter status updates.",500,55095,"2017-11-28T18:54:00.000Z","3.7.41","2.5",[21,90,24,91,92],"tweets","twitter-widget","widget","http:\u002F\u002Fwww.prasannasp.net\u002Fwordpress-plugins\u002Ftwiget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftwiget.1.1.3.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":13,"downloaded":103,"rating":13,"num_ratings":104,"last_updated":105,"tested_up_to":106,"requires_at_least":107,"requires_php":18,"tags":108,"homepage":113,"download_link":114,"security_score":52,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"import-tweets-as-posts","Import Tweets as Posts","3.0","Chandan Kumar","https:\u002F\u002Fprofiles.wordpress.org\u002Fchandanonline4u\u002F","\u003Cp>“Import Tweets as Posts” plugin allows to easily import tweets from user’s timeline or search query. It has also flexibility to import tweets as custom post type “tweet”. Other settings that user can specify are tweet import interval time, number of tweets to import, Category,  Text before tweet post title. 
There is also options to exclude retweets and replies from user’s twitter timeline.\u003C\u002Fp>\n\u003Cp>Released under the terms of the GNU GPL, version 2.\u003Cbr \u002F>\nhttp:\u002F\u002Fwww.fsf.org\u002Flicensing\u002Flicenses\u002Fgpl.html\u003C\u002Fp>\n\u003Cp>NO WARRANTY.\u003Cbr \u002F>\nCopyright (c) 2015 Chandan Kumar\u003C\u002Fp>\n","\"Import Tweets as Posts\" plugin allows to easily import tweets from user's timeline or search query. It has also flexibility to import  &hellip;",12269,8,"2015-11-25T09:14:00.000Z","4.3.34","2.8.6",[109,96,110,111,112],"import-tweets","posts","tweets-to-posts","twitter-feeds","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fimport-tweets-as-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimport-tweets-as-posts.zip",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":13,"downloaded":123,"rating":124,"num_ratings":14,"last_updated":18,"tested_up_to":87,"requires_at_least":125,"requires_php":18,"tags":126,"homepage":128,"download_link":129,"security_score":13,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":130},"twitter-digest","Twitter Digest","2.9","tbeck","https:\u002F\u002Fprofiles.wordpress.org\u002Ftbeck\u002F","\u003Cp>This plugin uses the pseudo-cron facility available in WordPress to publish a\u003Cbr \u002F>\ndaily or weekly post of tweets from the previous day.\u003C\u002Fp>\n\u003Cp>Notes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Versions >= 2.0 have contributions from Paul Wlodarczyk\u003Cbr \u002F>\n(http:\u002F\u002Fthecontentguy.net\u002F). 
Much thanks goes out to him.\u003C\u002Fli>\n\u003Cli>This plugin has not been tested on anything other than WordPress 2.7 and\u003Cbr \u002F>\nabove  (If anyone wants to try an old version, let me know.)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Cp>There are a number of configuration options for Twitter Digest. You can find these in Options > Twitter Digest.\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>If you have questions or comments, please visit http:\u002F\u002Fwhalespine.org.\u003C\u002Fp>\n\u003Cp>Thanks\u003Cbr \u002F>\nTim Beck\u003C\u002Fp>\n","Creates a daily or weekly post containing tweets from a twitter account.",14229,90,"2.7",[127,23,24],"post-digest","http:\u002F\u002Fwhalespine.org\u002Fprojects\u002Fwordpress\u002Ftwitter-digest","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftwitter-digest.2.9.zip","2026-03-15T10:48:56.248Z",{"slug":132,"name":133,"version":134,"author":135,"author_profile":136,"description":137,"short_description":138,"active_installs":139,"downloaded":140,"rating":29,"num_ratings":29,"last_updated":141,"tested_up_to":142,"requires_at_least":143,"requires_php":18,"tags":144,"homepage":146,"download_link":147,"security_score":52,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"easy-retweet","Easy Retweet","3.1.1","Sudar Muthu","https:\u002F\u002Fprofiles.wordpress.org\u002Fsudar\u002F","\u003Cp>Easy ReTweet is a WordPress Plugin, which let’s you add Tweet this buttons for your WordPress posts.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>There are three ways you can add the retweet button. Automatic way, manual way and using shortcodes\u003C\u002Fp>\n\u003Ch4>Automatic way\u003C\u002Fh4>\n\u003Cp>Install the Plugin and choose the type and position of the button from the Plugin’s settings page. 
You can also specifically enable\u002Fdisable the button for each post or page from the write post\u002Fpage screen.\u003C\u002Fp>\n\u003Ch4>Manual way\u003C\u002Fh4>\n\u003Cp>If you want more control over the way the button should be positioned, then you can manually call the button using the following code.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>if (function_exists('easy_retweet_button')) echo easy_retweet_button();\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Using shortcodes\u003C\u002Fh4>\n\u003Cp>You can also place the shortcode [easy-retweet] anywhere in your post. This shortcode will be replaced by the button when the post is rendered.\u003C\u002Fp>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>The development of the Plugin happens over at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsudar\u002Feasy-retweet\" rel=\"nofollow ugc\">github\u003C\u002Fa>. If you want to contribute to the Plugin, fork the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsudar\u002Feasy-retweet\" rel=\"nofollow ugc\">project at github\u003C\u002Fa> and send me a pull request.\u003C\u002Fp>\n\u003Cp>If you are not familiar with either git or Github then refer to this \u003Ca href=\"http:\u002F\u002Fsudarmuthu.com\u002Fblog\u002Fcontributing-to-project-hosted-in-github\" rel=\"nofollow ugc\">guide to see how fork and send pull request\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you are looking for ideas, then you can start with one of the following TODO items 🙂\u003C\u002Fp>\n\u003Ch3>TODO\u003C\u002Fh3>\n\u003Cp>The following are the features that I am thinking of adding to the Plugin, when I get some free time. 
If you have any feature request or want to increase the priority of a particular feature, then let me know.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add Google Analytics tracking to shortcodes and template function\u003C\u002Fli>\n\u003Cli>Add tracking of tweet button clicks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If you have found a bug\u002Fissue or have a feature request, then post them in \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsudar\u002Feasy-retweet\u002Fissues\" rel=\"nofollow ugc\">github issues\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>If you have a question about usage or need help to troubleshoot, then post in WordPress forums or leave a comment in \u003Ca href=\"http:\u002F\u002Fsudarmuthu.com\u002Fwordpress\u002Feasy-retweet\" rel=\"nofollow ugc\">Plugins’s home page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>If you like the Plugin, then kindly leave a review\u002Ffeedback at \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Feasy-retweet\u002F\" rel=\"ugc\">WordPress repo page\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>If you find this Plugin useful or and wanted to say thank you, then there are ways to \u003Ca href=\"http:\u002F\u002Fsudarmuthu.com\u002Fif-you-wanna-thank-me\" rel=\"nofollow ugc\">make me happy\u003C\u002Fa> 🙂 and I would really appreciate if you can do one of those.\u003C\u002Fli>\n\u003Cli>Checkout other \u003Ca href=\"http:\u002F\u002Fsudarmuthu.com\u002Fwordpress\" rel=\"nofollow ugc\">WordPress Plugins\u003C\u002Fa> that I have written\u003C\u002Fli>\n\u003Cli>If anything else, then contact me in \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fsudarmuthu\" rel=\"nofollow ugc\">twitter\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translation\u003C\u002Fh3>\n\u003Cp>The Plugin currently has translations for the following languages.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Belorussian (Thanks FatCow)\u003C\u002Fli>\n\u003Cli>Spanish (Thanks Carlos 
Varela)\u003C\u002Fli>\n\u003Cli>Brazilian Portuguese (Thanks Marcelo)\u003C\u002Fli>\n\u003Cli>German (Thanks Jenny Beelens)\u003C\u002Fli>\n\u003Cli>Bulgarian (Thanks Dimitar Kolevski)\u003C\u002Fli>\n\u003Cli>Lithuanian (Thanks Nata)\u003C\u002Fli>\n\u003Cli>French (Thanks Brian Flores)\u003C\u002Fli>\n\u003Cli>Romanian (Thanks Alexander Ovsov)\u003C\u002Fli>\n\u003Cli>Hindi (Thanks Love Chandel)\u003C\u002Fli>\n\u003Cli>Irish (Thanks Vikas Arora)\u003C\u002Fli>\n\u003Cli>Danish (Thanks Jorgen)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The pot file is available with the Plugin. If you are willing to do translation for the Plugin, use the pot file to create the .po files for your language and let me know. I will add it to the Plugin after giving credit to you.\u003C\u002Fp>\n\u003Ch3>Readme Generator\u003C\u002Fh3>\n\u003Cp>This Readme file was generated using \u003Ca href='http:\u002F\u002Fsudarmuthu.com\u002Fwordpress\u002Fwp-readme' rel=\"nofollow ugc\">wp-readme\u003C\u002Fa>, which generates readme files for WordPress Plugins.\u003C\u002Fp>\n","Adds a Tweet button to your WordPress 
posts",60,35419,"2016-12-10T05:34:00.000Z","4.7.32","4.4",[110,145,23,24],"retweet","http:\u002F\u002Fsudarmuthu.com\u002Fwordpress\u002Feasy-retweet","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-retweet.3.1.1.zip",{"attackSurface":149,"codeSignals":199,"taintFlows":764,"riskAssessment":845,"analyzedAt":859},{"hooks":150,"ajaxHandlers":191,"restRoutes":192,"shortcodes":193,"cronEvents":198,"entryPointCount":28,"unprotectedCount":29},[151,157,160,165,169,173,176,179,183,187],{"type":152,"name":153,"callback":154,"file":155,"line":156},"action","wp_enqueue_scripts","xmt_thm_scl_enq_scr","theme\\scrolling\\conf.php",10,{"type":152,"name":153,"callback":158,"file":159,"line":156},"xmt_thm_sld_enq_scr","theme\\slide\\conf.php",{"type":152,"name":161,"callback":162,"file":163,"line":164},"admin_notices","xmt_itl_wrn","xhanch-my-twitter.php",119,{"type":152,"name":166,"callback":167,"file":163,"line":168},"wp_print_styles","xmt_css",184,{"type":152,"name":170,"callback":171,"file":163,"line":172},"new_to_publish","xmt_tweet_post",306,{"type":152,"name":174,"callback":171,"file":163,"line":175},"draft_to_publish",307,{"type":152,"name":177,"callback":171,"file":163,"line":178},"pending_to_publish",308,{"type":152,"name":180,"callback":181,"file":163,"line":182},"publish_to_publish","xmt_tweet_updated_post",337,{"type":152,"name":184,"callback":185,"file":163,"line":186},"admin_menu","xmt_admin_menu",361,{"type":152,"name":188,"callback":189,"file":163,"line":190},"widgets_init","anonymous",421,[],[],[194],{"tag":195,"callback":196,"file":163,"line":197},"xmt","xmt_short_code",215,[],{"dangerousFunctions":200,"sqlUsage":212,"outputEscaping":215,"fileOperations":761,"externalRequests":762,"nonceChecks":50,"capabilityChecks":28,"bundledLibraries":763},[201,206,209],{"fn":202,"file":203,"line":204,"context":205},"unserialize","admin\\setting.php",287,"$xmt_dat = 
unserialize(base64_decode(file_get_contents($xmt_fle_nme)));",{"fn":202,"file":163,"line":207,"context":208},137,"'cfg' => unserialize($row['cfg']),",{"fn":210,"file":163,"line":190,"context":211},"create_function","add_action('widgets_init', create_function('', 'return register_widget(\"xmt_wgt\");'));",{"prepared":213,"raw":29,"locations":214},46,[],{"escaped":216,"rawEcho":217,"locations":218},58,295,[219,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,253,255,257,259,261,262,264,266,268,270,272,274,276,278,280,282,284,286,288,290,291,292,294,296,298,300,302,304,306,308,310,312,313,315,317,318,320,322,323,325,327,329,331,333,335,337,339,341,343,345,347,349,350,352,354,356,358,360,362,364,365,367,369,371,373,375,376,377,379,381,382,384,386,388,390,392,394,396,398,400,402,404,406,408,410,412,414,416,418,420,422,424,426,428,430,432,434,436,438,440,442,444,446,448,450,452,454,456,458,460,462,464,466,468,470,472,474,476,478,480,481,483,485,487,488,490,492,494,495,497,499,501,502,504,506,508,510,512,514,516,518,519,521,523,525,527,529,531,533,535,537,539,541,543,545,547,549,551,553,555,557,559,561,563,565,566,568,570,572,574,576,578,580,582,584,586,588,590,592,594,596,598,600,602,604,606,608,610,612,614,616,618,621,624,625,627,630,632,634,636,638,640,642,644,647,650,652,654,656,658,660,662,664,665,667,669,671,673,675,676,678,680,682,684,685,686,687,688,689,690,691,692,694,695,696,697,698,699,700,701,702,703,704,706,707,709,711,713,715,717,719,721,724,725,727,728,729,730,731,732,733,734,735,736,737,739,741,743,744,746,748,750,751,753,755,757,758,759],{"file":203,"line":220,"context":221},80,"raw 
output",{"file":203,"line":223,"context":221},94,{"file":203,"line":225,"context":221},96,{"file":203,"line":227,"context":221},98,{"file":203,"line":229,"context":221},105,{"file":203,"line":231,"context":221},112,{"file":203,"line":233,"context":221},115,{"file":203,"line":235,"context":221},121,{"file":203,"line":237,"context":221},131,{"file":203,"line":239,"context":221},143,{"file":203,"line":241,"context":221},147,{"file":203,"line":243,"context":221},235,{"file":203,"line":245,"context":221},238,{"file":203,"line":247,"context":221},284,{"file":203,"line":249,"context":221},289,{"file":203,"line":251,"context":221},293,{"file":203,"line":182,"context":221},{"file":203,"line":254,"context":221},350,{"file":203,"line":256,"context":221},358,{"file":203,"line":258,"context":221},362,{"file":203,"line":260,"context":221},374,{"file":203,"line":260,"context":221},{"file":203,"line":263,"context":221},400,{"file":203,"line":265,"context":221},403,{"file":203,"line":267,"context":221},405,{"file":203,"line":269,"context":221},407,{"file":203,"line":271,"context":221},412,{"file":203,"line":273,"context":221},424,{"file":203,"line":275,"context":221},425,{"file":203,"line":277,"context":221},427,{"file":203,"line":279,"context":221},428,{"file":203,"line":281,"context":221},435,{"file":203,"line":283,"context":221},436,{"file":203,"line":285,"context":221},438,{"file":203,"line":287,"context":221},439,{"file":203,"line":289,"context":221},445,{"file":203,"line":289,"context":221},{"file":203,"line":289,"context":221},{"file":203,"line":293,"context":221},446,{"file":203,"line":295,"context":221},448,{"file":203,"line":297,"context":221},449,{"file":203,"line":299,"context":221},454,{"file":203,"line":301,"context":221},458,{"file":203,"line":303,"context":221},459,{"file":203,"line":305,"context":221},461,{"file":203,"line":307,"context":221},462,{"file":203,"line":309,"context":221},465,{"file":203,"line":311,"context":221},469,{"file":203,"line":311,"context":221}
,{"file":203,"line":314,"context":221},474,{"file":203,"line":316,"context":221},479,{"file":203,"line":316,"context":221},{"file":203,"line":319,"context":221},480,{"file":203,"line":321,"context":221},483,{"file":203,"line":321,"context":221},{"file":203,"line":324,"context":221},484,{"file":203,"line":326,"context":221},488,{"file":203,"line":328,"context":221},490,{"file":203,"line":330,"context":221},491,{"file":203,"line":332,"context":221},492,{"file":203,"line":334,"context":221},493,{"file":203,"line":336,"context":221},494,{"file":203,"line":338,"context":221},495,{"file":203,"line":340,"context":221},496,{"file":203,"line":342,"context":221},504,{"file":203,"line":344,"context":221},508,{"file":203,"line":346,"context":221},515,{"file":203,"line":348,"context":221},519,{"file":203,"line":348,"context":221},{"file":203,"line":351,"context":221},524,{"file":203,"line":353,"context":221},525,{"file":203,"line":355,"context":221},528,{"file":203,"line":357,"context":221},531,{"file":203,"line":359,"context":221},535,{"file":203,"line":361,"context":221},538,{"file":203,"line":363,"context":221},542,{"file":203,"line":363,"context":221},{"file":203,"line":366,"context":221},543,{"file":203,"line":368,"context":221},545,{"file":203,"line":370,"context":221},546,{"file":203,"line":372,"context":221},550,{"file":203,"line":374,"context":221},553,{"file":203,"line":374,"context":221},{"file":203,"line":374,"context":221},{"file":203,"line":378,"context":221},555,{"file":203,"line":380,"context":221},561,{"file":203,"line":380,"context":221},{"file":203,"line":383,"context":221},562,{"file":203,"line":385,"context":221},564,{"file":203,"line":387,"context":221},566,{"file":203,"line":389,"context":221},567,{"file":203,"line":391,"context":221},568,{"file":203,"line":393,"context":221},569,{"file":203,"line":395,"context":221},570,{"file":203,"line":397,"context":221},571,{"file":203,"line":399,"context":221},572,{"file":203,"line":401,"context":221},573,{"file":203
,"line":403,"context":221},574,{"file":203,"line":405,"context":221},575,{"file":203,"line":407,"context":221},576,{"file":203,"line":409,"context":221},577,{"file":203,"line":411,"context":221},584,{"file":203,"line":413,"context":221},587,{"file":203,"line":415,"context":221},588,{"file":203,"line":417,"context":221},591,{"file":203,"line":419,"context":221},594,{"file":203,"line":421,"context":221},598,{"file":203,"line":423,"context":221},605,{"file":203,"line":425,"context":221},612,{"file":203,"line":427,"context":221},615,{"file":203,"line":429,"context":221},617,{"file":203,"line":431,"context":221},618,{"file":203,"line":433,"context":221},622,{"file":203,"line":435,"context":221},625,{"file":203,"line":437,"context":221},626,{"file":203,"line":439,"context":221},629,{"file":203,"line":441,"context":221},630,{"file":203,"line":443,"context":221},633,{"file":203,"line":445,"context":221},634,{"file":203,"line":447,"context":221},636,{"file":203,"line":449,"context":221},637,{"file":203,"line":451,"context":221},641,{"file":203,"line":453,"context":221},642,{"file":203,"line":455,"context":221},648,{"file":203,"line":457,"context":221},649,{"file":203,"line":459,"context":221},655,{"file":203,"line":461,"context":221},656,{"file":203,"line":463,"context":221},662,{"file":203,"line":465,"context":221},663,{"file":203,"line":467,"context":221},669,{"file":203,"line":469,"context":221},670,{"file":203,"line":471,"context":221},677,{"file":203,"line":473,"context":221},681,{"file":203,"line":475,"context":221},684,{"file":203,"line":477,"context":221},687,{"file":203,"line":479,"context":221},691,{"file":203,"line":479,"context":221},{"file":203,"line":482,"context":221},692,{"file":203,"line":484,"context":221},696,{"file":203,"line":486,"context":221},700,{"file":203,"line":486,"context":221},{"file":203,"line":489,"context":221},701,{"file":203,"line":491,"context":221},705,{"file":203,"line":493,"context":221},709,{"file":203,"line":493,"context":221},{"file"
:203,"line":496,"context":221},710,{"file":203,"line":498,"context":221},714,{"file":203,"line":500,"context":221},718,{"file":203,"line":500,"context":221},{"file":203,"line":503,"context":221},719,{"file":203,"line":505,"context":221},721,{"file":203,"line":507,"context":221},723,{"file":203,"line":509,"context":221},724,{"file":203,"line":511,"context":221},725,{"file":203,"line":513,"context":221},740,{"file":203,"line":515,"context":221},744,{"file":203,"line":517,"context":221},754,{"file":203,"line":517,"context":221},{"file":203,"line":520,"context":221},773,{"file":203,"line":522,"context":221},789,{"file":203,"line":524,"context":221},794,{"file":203,"line":526,"context":221},796,{"file":203,"line":528,"context":221},797,{"file":203,"line":530,"context":221},803,{"file":203,"line":532,"context":221},807,{"file":203,"line":534,"context":221},810,{"file":203,"line":536,"context":221},815,{"file":203,"line":538,"context":221},820,{"file":203,"line":540,"context":221},821,{"file":203,"line":542,"context":221},824,{"file":203,"line":544,"context":221},826,{"file":203,"line":546,"context":221},834,{"file":203,"line":548,"context":221},836,{"file":203,"line":550,"context":221},838,{"file":203,"line":552,"context":221},845,{"file":203,"line":554,"context":221},849,{"file":203,"line":556,"context":221},850,{"file":203,"line":558,"context":221},852,{"file":203,"line":560,"context":221},854,{"file":203,"line":562,"context":221},855,{"file":203,"line":564,"context":221},856,{"file":203,"line":564,"context":221},{"file":203,"line":567,"context":221},857,{"file":203,"line":569,"context":221},865,{"file":203,"line":571,"context":221},871,{"file":203,"line":573,"context":221},879,{"file":203,"line":575,"context":221},882,{"file":203,"line":577,"context":221},884,{"file":203,"line":579,"context":221},888,{"file":203,"line":581,"context":221},892,{"file":203,"line":583,"context":221},893,{"file":203,"line":585,"context":221},894,{"file":203,"line":587,"context":221},900,{"f
ile":203,"line":589,"context":221},902,{"file":203,"line":591,"context":221},904,{"file":203,"line":593,"context":221},910,{"file":203,"line":595,"context":221},914,{"file":203,"line":597,"context":221},915,{"file":203,"line":599,"context":221},918,{"file":203,"line":601,"context":221},924,{"file":203,"line":603,"context":221},928,{"file":203,"line":605,"context":221},936,{"file":203,"line":607,"context":221},938,{"file":203,"line":609,"context":221},939,{"file":203,"line":611,"context":221},941,{"file":203,"line":613,"context":221},942,{"file":203,"line":615,"context":221},946,{"file":203,"line":617,"context":221},949,{"file":619,"line":620,"context":221},"css\\css.php",17,{"file":622,"line":623,"context":221},"inc\\common.php",30,{"file":622,"line":139,"context":221},{"file":622,"line":626,"context":221},62,{"file":628,"line":629,"context":221},"inc\\header-style.php",19,{"file":628,"line":631,"context":221},22,{"file":628,"line":633,"context":221},25,{"file":628,"line":635,"context":221},28,{"file":628,"line":637,"context":221},31,{"file":628,"line":639,"context":221},36,{"file":628,"line":641,"context":221},38,{"file":628,"line":643,"context":221},42,{"file":645,"line":646,"context":221},"misc\\profile-export.php",34,{"file":648,"line":649,"context":221},"theme\\default\\widget.php",9,{"file":648,"line":651,"context":221},12,{"file":648,"line":653,"context":221},15,{"file":648,"line":655,"context":221},16,{"file":648,"line":657,"context":221},20,{"file":648,"line":659,"context":221},23,{"file":648,"line":661,"context":221},26,{"file":648,"line":663,"context":221},29,{"file":648,"line":637,"context":221},{"file":648,"line":666,"context":221},33,{"file":648,"line":668,"context":221},35,{"file":648,"line":670,"context":221},50,{"file":648,"line":672,"context":221},70,{"file":648,"line":674,"context":221},73,{"file":648,"line":220,"context":221},{"file":648,"line":677,"context":221},83,{"file":648,"line":679,"context":221},87,{"file":681,"line":651,"context":221},"t
heme\\scrolling\\conf-frm.php",{"file":681,"line":683,"context":221},13,{"file":681,"line":653,"context":221},{"file":681,"line":629,"context":221},{"file":681,"line":657,"context":221},{"file":681,"line":631,"context":221},{"file":681,"line":659,"context":221},{"file":681,"line":661,"context":221},{"file":681,"line":623,"context":221},{"file":681,"line":623,"context":221},{"file":693,"line":649,"context":221},"theme\\scrolling\\widget.php",{"file":693,"line":651,"context":221},{"file":693,"line":653,"context":221},{"file":693,"line":655,"context":221},{"file":693,"line":657,"context":221},{"file":693,"line":659,"context":221},{"file":693,"line":661,"context":221},{"file":693,"line":663,"context":221},{"file":693,"line":637,"context":221},{"file":693,"line":666,"context":221},{"file":693,"line":668,"context":221},{"file":693,"line":705,"context":221},40,{"file":693,"line":643,"context":221},{"file":693,"line":708,"context":221},55,{"file":693,"line":710,"context":221},75,{"file":693,"line":712,"context":221},78,{"file":693,"line":714,"context":221},93,{"file":693,"line":716,"context":221},110,{"file":693,"line":718,"context":221},113,{"file":693,"line":720,"context":221},117,{"file":722,"line":723,"context":221},"theme\\slide\\conf-frm.php",7,{"file":722,"line":104,"context":221},{"file":726,"line":649,"context":221},"theme\\slide\\widget.php",{"file":726,"line":651,"context":221},{"file":726,"line":653,"context":221},{"file":726,"line":655,"context":221},{"file":726,"line":657,"context":221},{"file":726,"line":659,"context":221},{"file":726,"line":661,"context":221},{"file":726,"line":663,"context":221},{"file":726,"line":637,"context":221},{"file":726,"line":666,"context":221},{"file":726,"line":668,"context":221},{"file":726,"line":738,"context":221},39,{"file":726,"line":740,"context":221},47,{"file":726,"line":742,"context":221},67,{"file":726,"line":672,"context":221},{"file":726,"line":745,"context":221},76,{"file":726,"line":747,"context":221},79,{"file":726
,"line":749,"context":221},82,{"file":726,"line":227,"context":221},{"file":163,"line":752,"context":221},157,{"file":163,"line":754,"context":221},181,{"file":163,"line":756,"context":221},411,{"file":163,"line":756,"context":221},{"file":163,"line":756,"context":221},{"file":163,"line":760,"context":221},414,11,2,[],[765,821],{"entryPoint":766,"graph":767,"unsanitizedCount":762,"severity":41},"xmt_setting (admin\\setting.php:5)",{"nodes":768,"edges":811},[769,774,778,780,784,786,790,793,797,803,806,809],{"id":770,"type":771,"label":772,"file":203,"line":773},"n0","source","$_FILES",286,{"id":775,"type":776,"label":777,"file":203,"line":204,"wp_function":202},"n1","sink","unserialize() [Object Injection]",{"id":779,"type":771,"label":772,"file":203,"line":773},"n2",{"id":781,"type":776,"label":782,"file":203,"line":204,"wp_function":783},"n3","file_get_contents() [SSRF\u002FLFI]","file_get_contents",{"id":785,"type":771,"label":772,"file":203,"line":773},"n4",{"id":787,"type":776,"label":788,"file":203,"line":251,"wp_function":789},"n5","echo() [XSS]","echo",{"id":791,"type":771,"label":772,"file":203,"line":792},"n6",291,{"id":794,"type":795,"label":796,"file":203,"line":792},"n7","transform","→ xmt_acc_del()",{"id":798,"type":776,"label":799,"file":800,"line":801,"wp_function":802},"n8","query() [SQLi]","inc\\account.php",44,"query",{"id":804,"type":771,"label":772,"file":203,"line":805},"n9",292,{"id":807,"type":795,"label":808,"file":203,"line":805},"n10","→ xmt_acc_add()",{"id":810,"type":776,"label":799,"file":800,"line":657,"wp_function":802},"n11",[812,814,815,816,818,819,820],{"from":770,"to":775,"sanitized":813},true,{"from":779,"to":781,"sanitized":813},{"from":785,"to":787,"sanitized":813},{"from":791,"to":794,"sanitized":817},false,{"from":794,"to":798,"sanitized":817},{"from":804,"to":807,"sanitized":817},{"from":807,"to":810,"sanitized":817},{"entryPoint":822,"graph":823,"unsanitizedCount":762,"severity":41},"\u003Csetting> 
(admin\\setting.php:0)",{"nodes":824,"edges":837},[825,826,827,828,829,830,831,832,833,834,835,836],{"id":770,"type":771,"label":772,"file":203,"line":773},{"id":775,"type":776,"label":777,"file":203,"line":204,"wp_function":202},{"id":779,"type":771,"label":772,"file":203,"line":773},{"id":781,"type":776,"label":782,"file":203,"line":204,"wp_function":783},{"id":785,"type":771,"label":772,"file":203,"line":773},{"id":787,"type":776,"label":788,"file":203,"line":251,"wp_function":789},{"id":791,"type":771,"label":772,"file":203,"line":792},{"id":794,"type":795,"label":796,"file":203,"line":792},{"id":798,"type":776,"label":799,"file":800,"line":801,"wp_function":802},{"id":804,"type":771,"label":772,"file":203,"line":805},{"id":807,"type":795,"label":808,"file":203,"line":805},{"id":810,"type":776,"label":799,"file":800,"line":657,"wp_function":802},[838,839,840,841,842,843,844],{"from":770,"to":775,"sanitized":813},{"from":779,"to":781,"sanitized":813},{"from":785,"to":787,"sanitized":813},{"from":791,"to":794,"sanitized":817},{"from":794,"to":798,"sanitized":817},{"from":804,"to":807,"sanitized":817},{"from":807,"to":810,"sanitized":817},{"summary":846,"deductions":847},"The \"xhanch-my-twitter\" plugin v2.7.9 exhibits a mixed security posture. While it demonstrates good practices in SQL query handling, utilizing prepared statements exclusively, and includes some nonce and capability checks, several concerning areas require attention. The presence of dangerous functions like `unserialize` and `create_function` is a significant red flag, especially when combined with taint analysis revealing two flows with unsanitized paths, classified as high severity. These could potentially lead to remote code execution or other serious vulnerabilities if exploited.\n\nThe plugin's vulnerability history shows one previously disclosed high-severity vulnerability, historically of the Cross-Site Request Forgery (CSRF) type. 
Although currently unpatched CVEs are zero, the past occurrence of a high-severity issue, coupled with the static analysis findings, suggests a pattern of potential weaknesses. The limited attack surface (one shortcode) and lack of unprotected entry points are positive aspects, but the identified code signals and taint issues outweigh these strengths.\n\nIn conclusion, while the plugin shows some security awareness, the presence of dangerous functions, high-severity unsanitized taint flows, and a history of high-severity vulnerabilities necessitate caution. Further investigation and code review are recommended to mitigate these risks, particularly around the usage of `unserialize` and `create_function` and the identified unsanitized paths.",[848,850,852,854,857],{"reason":849,"points":651},"High severity taint flows with unsanitized paths",{"reason":851,"points":104},"Use of dangerous function: unserialize",{"reason":853,"points":104},"Use of dangerous function: create_function",{"reason":855,"points":856},"16% of outputs properly escaped (low escaping)",5,{"reason":858,"points":653},"Previous High severity CVE","2026-03-16T20:29:50.517Z",{"wat":861,"direct":867},{"assetPaths":862,"generatorPatterns":864,"scriptPaths":865,"versionParams":866},[863],"\u002Fwp-content\u002Fplugins\u002Fxhanch-my-twitter\u002Fcss\u002Fcss.php",[],[],[],{"cssClasses":868,"htmlComments":871,"htmlAttributes":876,"restEndpoints":881,"jsGlobals":882,"shortcodeOutput":884},[195,869,870],"tweet_avatar","tweet_list",[872,873,874,875],"\u003C![CDATA[","]]>","Starting to generate output","Finished",[877,878,879,880],"data-id","data-tweet-id","data-account","data-tweet-url",[],[883],"window.xmt_base_url",[885],"[xmt"]