This plugin registers shortcodes for the following websites, social service on the left, format for the shortcode on the right:
Service / shortcode version
- Blogger [blogger]
- BookHype [bookhype]
- Colourlovers [colourlovers]
- DeviantArt [deviantart]
- Digg [digg]
- Dribbble [dribbble]
- Etsy [etsy]
- Facebook [facebook]
- Flickr [flickr]
- Flipboard [flipboard]
- GitHub [github]
- Goodreads [goodreads]
- HackerNews [hackernews]
- IMDb [imdb]
- Instagram [instagram]
- Last.FM [lastfm]
- LinkedIn [linkedin]
- Myspace [myspace]
- Patreon [patreon]
- Pinterest [pinterest]
- Reddit [reddit]
- Slideshare [slideshare]
- SpaceHey [spacehey]
- Soundcloud [soundcloud]
- TikTok [tiktok]
- Twitch [twitch]
- Twitter [twitter]
- Vimeo
- X [x]
- Yelp [yelp]
- YouTube
All examples updated for v1.1
Example 1:
[twitter name="JoeSomeone" text="some text you want the link to appear as"]
results in this on your post/page:
<a href="http://www.twitter.com/JoeSomeone" title="JoeSomeone's Twitter profile" class="twitter_smsc">some text you want the link to appear as</a>
Example 2:
[twitter name="JoeSomeone"]
results in this on your post/page.
<a href="http://www.twitter.com/JoeSomeone" title="JoeSomeone's Twitter profile" class="twitter_smsc">JoeSomeone (Twitter)</a>
Example 3:
[twitter name="JoeSomeone" target="_blank"]
results in on your post/page.:
<a href="http://www.twitter.com/JoeSomeone" title="JoeSomeone's Twitter profile" target="_blank" class="twitter_smsc">JoeSomeone (Twitter)</a>
Filters:
function example_add_site( $sites ) {
$sites['somesite'] = array( 'Some Site', 'http://www.somesite.com/user/' );
//Return the $sites array
return $sites;
}
add_filter( 'smsc_shortcodes', 'example_add_site' );
function example_add_classes( $classes ) {
$classes[] = 'someclass';
return $classes;
}
add_filter( 'smsc_classes', 'example_add_classes' );
function example_change_final_link( $output, $shortcode ) {
if ( 'somesite' == $shortcode ) {
$output_new = $output . ' <--Awesome profile!';
}
return $output_new;
}
add_filter( 'smsc_final_link', 'example_change_final_link', 10, 2 );
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 6.4 MEDIUM | — | ||
The Social Media Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'twitter' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||