[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faxtmNF1JNS7Jww_qmFSp7FBS__lB7YCZeZJObPa3bx0":3,"$fOLJrrRIKIzaMf75tzuHLwmgM_7rREfiCmGWRIOGZzL8":233,"$fS5Aqbr_PaTjlwC3E3E5hux5vAH4NdpI-SaCodsmVw8c":238},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"discovery_status":32,"vulnerabilities":33,"developer":52,"crawl_stats":39,"alternatives":59,"analysis":162,"fingerprints":213},"add-from-server","Add From Server","3.4.5","Dion Hulse","https:\u002F\u002Fprofiles.wordpress.org\u002Fdd32\u002F","\u003Cp>This plugin offers limited support. Please do not expect new features or too many bugfixes. Features may be removed at any time.\u003C\u002Fp>\n\u003Cp>Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.\u003C\u002Fp>\n\u003Cp>This plugin is NOT designed to..\u003Cbr \u002F>\n * Be used as a replacement for the file uploader\u003Cbr \u002F>\n * Be used for migration of websites\u003Cbr \u002F>\n * Re-import your files after moving webhosting\u003Cbr \u002F>\n * Batch import media\u003C\u002Fp>\n\u003Cp>This plugins IS designed to..\u003Cbr \u002F>\n * Import files which are larger than your hosting allows to be uploaded.\u003Cbr \u002F>\n * Import files which are too large for your internet connections upload speed.\u003C\u002Fp>\n\u003Cp>WordPress does a better job of file uploads than this plugin, so please consider your needs before you use it.\u003C\u002Fp>\n\u003Cp>You may also want to look at using WP-CLI for media import purposes:\u003Cbr \u002F>\nhttps:\u002F\u002Fdeveloper.wordpress.org\u002Fcli\u002Fcommands\u002Fmedia\u002Fimport\u002F\u003C\u002Fp>\n","Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.",60000,1320732,92,239,"2020-12-11T07:32:00.000Z","5.5.18","5.4","7.0",[20,21,22,23,24],"admin","import","media","post","uploads","https:\u002F\u002Fdd32.id.au\u002Fwordpress-plugins\u002Fadd-from-server\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.5.zip",84,1,0,"2016-08-08 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[34],{"id":35,"url_slug":36,"title":37,"description":38,"plugin_slug":4,"theme_slug":39,"affected_versions":40,"patched_in_version":41,"severity":42,"cvss_score":43,"cvss_vector":44,"vuln_type":45,"published_date":30,"updated_date":46,"references":47,"days_to_patch":49,"patch_diff_files":50,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2016-10914","add-from-server-cross-site-request-forgery","Add From Server \u003C= 3.3.1 - Cross-Site Request Forgery","The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file.",null,"\u003C3.3.2","3.3.2","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Cross-Site Request Forgery (CSRF)","2024-01-22 19:56:02",[48],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6d9a3ad3-90fa-46bc-b42a-7616c02a8b50?source=api-prod",2724,[],false,{"slug":53,"display_name":7,"profile_url":8,"plugin_count":54,"total_installs":55,"avg_security_score":56,"avg_patch_time_days":49,"trust_score":57,"computed_at":58},"dd32",2,100000,85,69,"2026-05-19T14:59:29.641Z",[60,83,104,123,144],{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":79,"download_link":80,"security_score":81,"vuln_count":28,"unpatched_count":29,"last_vuln_date":82,"fetched_at":31},"media-sync","Media Sync","1.4.9","erolsk8","https:\u002F\u002Fprofiles.wordpress.org\u002Ferolsk8\u002F","\u003Cp>This plugin allows you to examine all files within the \u003Ccode>uploads\u003C\u002Fcode> directory to determine which ones are present in the Media Library and which ones are just sitting there unused. You can then choose the files you want to import into the database, thereby including them in the Media Library.\u003C\u002Fp>\n\u003Cp>Moreover, you can utilize FTP to upload files directly to the \u003Ccode>uploads\u003C\u002Fcode> directory and subsequently add these files to the Media Library avoiding any file size limitations.\u003C\u002Fp>\n\u003Ch4>Disclaimers\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>“1 file first”\u003Cbr \u002F>\nPlease try to import only one file first – to see if it works as you expected.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>“All at once”\u003Cbr \u002F>\nThis plugin is designed for scanning, selecting, and importing \u003Cstrong>all files at once\u003C\u002Fstrong>. However, based on your server’s configuration, memory, and timeout challenges may arise with extensive file quantities. To mitigate this, a newly revamped \u003Ca href=\"https:\u002F\u002Fmediasyncplugin.com\u002F?utm_source=readme&utm_medium=base_plugin&utm_campaign=aao\" rel=\"nofollow ugc\">pro version\u003C\u002Fa> employs incremental directory scans to effectively tackle these issues.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>“Your setup is unique”\u003Cbr \u002F>\nPlease be aware that every WordPress installation is unique, and there may be instances where this plugin does not function as expected. Should this occur, we recommend enabling the debugging feature in the plugin’s settings to identify the issue. After investigating, kindly provide a detailed description of your findings in the Support section (or \u003Ca href=\"https:\u002F\u002Fusers.freemius.com\u002Fstore\u002F6428\u002Fsupport\" rel=\"nofollow ugc\">here\u003C\u002Fa> if you’re using pro version). The more comprehensive the details, the higher the likelihood of resolving the problem effectively.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Ignored files\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>various hidden files (.DS_Store, .htaccess),\u003C\u002Fli>\n\u003Cli>WP generated thumbnails (files ending with for example -100×100.jpg),\u003C\u002Fli>\n\u003Cli>WP generated scaled images (files ending with -scaled),\u003C\u002Fli>\n\u003Cli>optimized .webp versions of original images (.jpg.webp),\u003C\u002Fli>\n\u003Cli>retina thumbnails (-100×100@2x.jpg).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These can be modified and enhanced using the new advanced filters available in the \u003Ca href=\"https:\u002F\u002Fmediasyncplugin.com\u002F?utm_source=readme&utm_medium=base_plugin&utm_campaign=df\" rel=\"nofollow ugc\">pro version\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Media Sync Pro features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Revised incremental scan\u003C\u002Fstrong>: Allows scanning and importing unlimited number of files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quick single directory rescan\u003C\u002Fstrong>: Easily rescan one directory to find new files or apply a different filter without reloading the whole page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced filters\u003C\u002Fstrong>: Find any file by customizing all default filters, search for a specific file type (images, videos, etc.), skip by tailor-made rules, or enter any custom pattern.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Schedule automatic imports\u003C\u002Fstrong>: Select a desired interval and let the plugin automatically import any new files it finds.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Import logs\u003C\u002Fstrong>: View the history of manual or scheduled imports.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Limit plugin access\u003C\u002Fstrong>: Limit plugin access to a specific role.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Get \u003Ca href=\"https:\u002F\u002Fmediasyncplugin.com\u002F?utm_source=readme&utm_medium=base_plugin&utm_campaign=pfl\" rel=\"nofollow ugc\">pro version here\u003C\u002Fa>.\u003C\u002Fp>\n","Simple plugin to scan \"uploads\" directory and bring those files into Media Library.",40000,534858,94,82,"2025-11-25T08:11:00.000Z","6.9.4","5.3","7.1",[77,21,22,78,24],"ftp","server","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmedia-sync\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-sync.1.4.9.zip",99,"2026-05-13 18:15:39",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":68,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":97,"tags":98,"homepage":102,"download_link":103,"security_score":92,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"reveal-ids-for-wp-admin-25","Reveal IDs","1.6.2","wpseek","https:\u002F\u002Fprofiles.wordpress.org\u002Falphawolf\u002F","\u003Cp>With WordPress 2.5 being released, the IDs on all admin pages have been removed as it is. Propably due to the fact that the common user dont need them. However, for advanced WordPress Users\u002F developers those IDs were quite interesting for some plugins or template tags.\u003C\u002Fp>\n\u003Cp>What this plugin does is to reveal most removed entry IDs on admin pages, showing the entry IDs, as it was in versions prior to 2.5\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Sortable columns for WP 3.1 or higher\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fx.com\u002Fwpseek\" title=\"Developer on X\" rel=\"nofollow ugc\">Developer on X\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fbsky.app\u002Fprofile\u002Fcyberblitzbirne.bsky.social\" title=\"Developer on Bluesky\" rel=\"nofollow ugc\">Developer on Bluesky\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Included languages:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>German (de_DE) (Thanks to me ;-))\u003C\u002Fli>\n\u003Cli>Brazilian Portuguese (pt_BR) (Thanks for contributing brazilian portuguese language goes to \u003Ca href=\"https:\u002F\u002Fwww.maujor.com\" rel=\"nofollow ugc\">Maurício Samy Silva\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Italian (it_IT) (Thanks for contributing italian language goes to Gianluca Urgese)\u003C\u002Fli>\n\u003Cli>Spanish (es_ES) (Thanks for contributing spanish language goes to \u003Ca href=\"https:\u002F\u002Fwww.es-xchange.com\" rel=\"nofollow ugc\">Karin Sequen\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Russian (ru_RU) (Thanks for contributing russian language goes to \u003Ca href=\"https:\u002F\u002Fgrugl.me\" rel=\"nofollow ugc\">Dimitry German\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Belorussian (by_BY) (Thanks for contributing belorussian language goes to \u003Ca href=\"https:\u002F\u002Fwww.fatcow.com\" rel=\"nofollow ugc\">FatCow\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Dutch (nl_NL) (Thanks for contributing dutch language goes to \u003Ca href=\"https:\u002F\u002Fwpwebshop.com\u002Fpremium-wordpress-plugins\u002F\" rel=\"nofollow ugc\">wpwebshop.com\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>European Portuguese (pt_PT) (Thanks for contributing european portuguese language goes to \u003Ca href=\"https:\u002F\u002Fthepatientcapacitor.com\u002F\" rel=\"nofollow ugc\">PL Monteiro\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Polish (pl_PL) (Thanks for contributing polish language goes to Simivar)\u003C\u002Fli>\n\u003Cli>Romanian (ro_RO) (Thanks for contributing romanian language goes to \u003Ca href=\"https:\u002F\u002Fwww.jibo.ro\" rel=\"nofollow ugc\">Anunturi Jibo\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Georgian (ge_KA) (Thanks for contributing georgian language goes to \u003Ca href=\"https:\u002F\u002Fwww.onlinecasinobluebook.com\u002F\" rel=\"nofollow ugc\">Online Casino Bluebook\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Swedish (sv_SE) (Thanks for contributing swedish language goes to \u003Ca href=\"https:\u002F\u002Ffjellner.com\u002F\" rel=\"nofollow ugc\">Tor-Bjorn Fjellner\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Ukrainian (uk) (Thanks for contributing ukrainian language goes to \u003Ca href=\"https:\u002F\u002Fwww.everycloudtech.com\u002F\" rel=\"nofollow ugc\">Everycloud\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Looking for more WordPress plugins? Visit \u003Ca href=\"https:\u002F\u002Fwww.schloebe.de\u002Fportfolio\u002F\" rel=\"nofollow ugc\">www.schloebe.de\u002Fportfolio\u002F\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","What this plugin does is to reveal most removed IDs on admin pages, as it was in versions prior to 2.5.",1142797,100,61,"2026-02-15T13:44:00.000Z","6.9.99","3.0","",[99,22,100,23,101],"id","page","wp-admin","https:\u002F\u002Fwww.schloebe.de\u002Fwordpress\u002Freveal-ids-for-wp-admin-25-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freveal-ids-for-wp-admin-25.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":114,"num_ratings":115,"last_updated":116,"tested_up_to":18,"requires_at_least":117,"requires_php":118,"tags":119,"homepage":121,"download_link":122,"security_score":92,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"bulk-media-register","Bulk Media Register","1.41","Katsushi Kawamori","https:\u002F\u002Fprofiles.wordpress.org\u002Fkatsushi-kawamori\u002F","\u003Cp>Bulk register files on the server to the Media Library.\u003C\u002Fp>\n\u003Ch4>Register to media library\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Maintain folder structure.\u003C\u002Fli>\n\u003Cli>This create a thumbnail of the image file.\u003C\u002Fli>\n\u003Cli>This create a metadata(Images, Videos, Audios).\u003C\u002Fli>\n\u003Cli>Change the date\u002Ftime.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Sibling plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmoving-media-library\u002F\" rel=\"ugc\">Moving Media Library\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmedia-from-ftp\u002F\" rel=\"ugc\">Media from FTP\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmedia-from-zip\u002F\" rel=\"ugc\">Media from ZIP\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>If you want to use a multi-byte file name, use UTF-8. The file name is used as the title during registration, but is sanitized and changed to a different file name.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How it works\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FVa92SMlFDxk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Bulk register files on the server to the Media Library.",8000,128153,90,22,"2026-03-29T21:31:00.000Z","4.6","8.0",[120,77,21,22,24],"files","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbulk-media-register\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbulk-media-register.1.41.zip",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":92,"num_ratings":133,"last_updated":134,"tested_up_to":73,"requires_at_least":135,"requires_php":136,"tags":137,"homepage":142,"download_link":143,"security_score":92,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"post-export-import-with-media","Post Export Import with Media","1.4.1","wpazleen","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpazleen\u002F","\u003Cp>\u003Cstrong>Post Export Import with Media\u003C\u002Fstrong> is a simple yet powerful WordPress plugin that helps you securely transfer posts, pages, media, widgets, menus, themes, plugins & settings along with their media files between WordPress sites. Unlike the default exporter, this plugin ensures that images and attachments are included, so you don’t end up with broken links or missing media.\u003C\u002Fp>\n\u003Cp>Whether you’re moving to a new host, creating staging sites, or backing up your content, this plugin handles everything with professional-grade reliability, user-friendly interface and powerful built-in Batch Processing for high-performance transfers all designed for simplicity and control.\u003C\u002Fp>\n\u003Ch3>✨ Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Export and import posts with all attached media files, metadata, categories, tags, and custom fields  \u003C\u002Fli>\n\u003Cli>Automatic media file detection and download during import\u003C\u002Fli>\n\u003Cli>Real-time progress tracking for smooth migration  \u003C\u002Fli>\n\u003Cli>Smart image handling – reuses existing media, downloads missing files\u003C\u002Fli>\n\u003Cli>Support for featured images and inline content images\u003C\u002Fli>\n\u003Cli>Selective Export & Import\n\u003Cul>\n\u003Cli>Export specific posts or pages instead of entire content\u003C\u002Fli>\n\u003Cli>Preview and choose content before importing\u003C\u002Fli>\n\u003Cli>Set status before import (Public, Private, Draft)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Bulk delete functionality with confirmation dialogs\u003C\u002Fli>\n\u003Cli>Secure data handling to prevent errors or data loss  \u003C\u002Fli>\n\u003Cli>Lightweight and beginner-friendly interface  \u003C\u002Fli>\n\u003Cli>Works for bloggers, developers, and site administrators  \u003C\u002Fli>\n\u003Cli>Batch Processing Settings (Optimized for large-scale websites)\u003C\u002Fli>\n\u003Cli>Scheduled Exports (Automated Backups)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Pages Export\u002FImport\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Complete page hierarchy preservation\u003C\u002Fli>\n\u003Cli>Template assignments and page metadata\u003C\u002Fli>\n\u003Cli>Featured images and content images handling\u003C\u002Fli>\n\u003Cli>Parent-child page relationships maintained\u003C\u002Fli>\n\u003Cli>Supports selective export\u002Fimport for pages\u003C\u002Fli>\n\u003Cli>Custom page attributes and settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>WordPress Settings Backup\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>7 settings categories: General, Writing, Reading, Discussion, Media, Permalinks, Privacy\u003C\u002Fli>\n\u003Cli>Site icon export\u002Fimport with URL information\u003C\u002Fli>\n\u003Cli>Selective import – choose which settings to import\u003C\u002Fli>\n\u003Cli>Detailed import logs showing success\u002Ffailure for each setting\u003C\u002Fli>\n\u003Cli>Handles deprecated WordPress options automatically\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Widgets & Navigation Menus\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Complete widget configuration export\u002Fimport\u003C\u002Fli>\n\u003Cli>Widget positions and sidebar assignments\u003C\u002Fli>\n\u003Cli>Navigation menu structure with all items\u003C\u002Fli>\n\u003Cli>Menu locations and theme assignments\u003C\u002Fli>\n\u003Cli>Menu item hierarchy and custom properties\u003C\u002Fli>\n\u003Cli>Support for all widget types including custom HTML, media widgets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Themes & Plugins Backup\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Export active theme, all themes, or selected themes\u003C\u002Fli>\n\u003Cli>Export active plugins, all plugins, or selected plugins\u003C\u002Fli>\n\u003Cli>ZIP file creation with proper directory structure\u003C\u002Fli>\n\u003Cli>Import with replace existing or keep both options\u003C\u002Fli>\n\u003Cli>Automatic theme\u002Fplugin activation after import\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Advanced Admin Features\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Admin Download Buttons\u003C\u002Fstrong> – Add download buttons to WordPress themes.php and plugins.php pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media Statistics\u003C\u002Fstrong> – Comprehensive media library analysis with file types, sizes, and usage\u003C\u002Fli>\n\u003Cli>\u003Cstrong>System Configuration Test\u003C\u002Fstrong> – Check server capabilities and requirements\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugin Recommendations\u003C\u002Fstrong> – Curated list of useful WordPress plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎯 \u003Cstrong>Perfect For\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Web Developers\u003C\u002Fstrong> – Quickly clone sites for development and testing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Site Migrations\u003C\u002Fstrong> – Move WordPress sites between hosts seamlessly  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backup Solutions\u003C\u002Fstrong> – Create complete site backups including media\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Staging Sites\u003C\u002Fstrong> – Duplicate production sites for safe testing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client Handoffs\u003C\u002Fstrong> – Package complete sites for client delivery\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-site Management\u003C\u002Fstrong> – Sync content between multiple WordPress installations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔧 \u003Cstrong>Technical Excellence\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security First\u003C\u002Fstrong> – All operations use WordPress nonces and capability checks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Memory Efficient\u003C\u002Fstrong> – Handles large sites without memory issues\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cross-Platform\u003C\u002Fstrong> – Works on Windows, Linux, and macOS servers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Error Recovery\u003C\u002Fstrong> – Comprehensive error handling and user feedback\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Progress Tracking\u003C\u002Fstrong> – Real-time updates during long operations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean Code\u003C\u002Fstrong> – Well-documented, maintainable codebase following WordPress standards\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📊 \u003Cstrong>Real-time Progress & Logging\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>Every operation provides detailed feedback:\u003Cbr \u002F>\n* Progress bars showing completion percentage\u003Cbr \u002F>\n* Timestamped logs with success\u002Fwarning\u002Ferror indicators\u003Cbr \u002F>\n* Detailed statistics (items imported, skipped, failed)\u003Cbr \u002F>\n* Clear error messages with actionable solutions\u003Cbr \u002F>\n* Import\u002Fexport summaries with file information\u003C\u002Fp>\n\u003Ch3>🎨 \u003Cstrong>User Experience\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Intuitive Interface\u003C\u002Fstrong> – Clean, modern admin interface\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive Design\u003C\u002Fstrong> – Works perfectly on desktop and mobile\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modal Confirmations\u003C\u002Fstrong> – Safe operations with confirmation dialogs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed Help\u003C\u002Fstrong> – Comprehensive descriptions and usage instructions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Professional Styling\u003C\u002Fstrong> – Matches WordPress admin design language\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily export and import WP posts, pages, media, widgets, menus, themes, plugins & settings with their media files- secure, fast, and with real-ti &hellip;",700,4100,3,"2026-04-10T17:32:00.000Z","6.7","7.4",[138,21,139,140,141],"export-media","migration","page-export","post-export","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpost-export-import-with-media\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-export-import-with-media.1.4.1.zip",{"slug":145,"name":146,"version":147,"author":148,"author_profile":149,"description":150,"short_description":151,"active_installs":152,"downloaded":153,"rating":29,"num_ratings":29,"last_updated":154,"tested_up_to":155,"requires_at_least":156,"requires_php":97,"tags":157,"homepage":160,"download_link":161,"security_score":56,"vuln_count":29,"unpatched_count":29,"last_vuln_date":39,"fetched_at":31},"awsom-pixgallery","AWSOM Pixgallery","4.8.0","harknell","https:\u002F\u002Fprofiles.wordpress.org\u002Fharknell\u002F","\u003Cp>AWSOM Pixgallery is an Image Gallery\u002FArchive plugin designed to make it easier for Artists or Webcomic creators to set up a portfolio of their artwork. It features Automatic Watermarking, captioning using the Visual Editor or HTML, sorting, auto-thumbnailing, Comicpress theme support, per image\u002Fgallery commenting and more. It is a WordPress native Plugin and does not require any config or file changes or outside tool integration to work; just activate the plugin and add a line of text to any post or page and your Gallery of Images will appear. All options are handled through the regular WordPress Admin interface. More features are in development now such as tagging, extensive theme control through Admin interface, and more.\u003Cbr \u002F>\nPart of the www.AWSOM.org series of WordPress Plugins developed by Harknell\u003C\u002Fp>\n\u003Ch3>Upgrading From Previous Version\u003C\u002Fh3>\n\u003Cp>To upgrade from a previous version to the 4.8.X version:\u003C\u002Fp>\n\u003Cp>1) Go to the Admin Plugins menu and deactivate the previous version of AWSOM Pixgallery.\u003C\u002Fp>\n\u003Cp>2) Delete the pixgallery folder from your wp-content\u002Fplugins folder\u003C\u002Fp>\n\u003Cp>3) copy the new awsom-pixgallery plugin folder to the wp-content\u002Fplugins folder (please note the folder name now MUST be awsom-pixgallery)\u003C\u002Fp>\n\u003Cp>4) go to the Admin Plugins menu and activate the 4.8.X version.\u003C\u002Fp>\n\u003Cp>5) Upgrade is complete.\u003C\u002Fp>\n\u003Cp>6) Optional steps: There is a new option in the Pixgallery options area to create the default cache folder used by the new version of the plugin.\u003Cbr \u002F>\nIt is not a requirement to switch to the new default cache folder if your previous one was working fine, it’s just an option.\u003Cbr \u002F>\nFor anyone having issues with their cache folder it is suggested to click the “Create Default Cache” button, which should eliminate\u003Cbr \u002F>\nyour issue. The cache folder field will then automatically update to reflect that you are using the default cache folder. You may delete the old cache folder you\u003Cbr \u002F>\nwere originally using.\u003C\u002Fp>\n\u003Cp>7) AWSOM Pixgallery now also has the ability to create a default gallery folder in your uploads folder. You can create this folder by going to the Appearance Galleries admin\u003Cbr \u002F>\nmenu and clicking the create default gallery button.\u003C\u002Fp>\n","AWSOM Pixgallery is an Image Gallery\u002FArchive plugin for Wordpress designed to make it easier for Artists or Webcomic creators to set up a portfolio of &hellip;",20,31587,"2022-09-19T20:20:00.000Z","6.0.11","2.0.5",[20,158,159,22,23],"gallery","images","http:\u002F\u002Fwww.awsom.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fawsom-pixgallery.zip",{"attackSurface":163,"codeSignals":182,"taintFlows":201,"riskAssessment":202,"analyzedAt":212},{"hooks":164,"ajaxHandlers":178,"restRoutes":179,"shortcodes":180,"cronEvents":181,"entryPointCount":29,"unprotectedCount":29},[165,170,173],{"type":166,"name":167,"callback":167,"file":168,"line":169},"action","admin_init","class.add-from-server.php",17,{"type":166,"name":171,"callback":171,"file":168,"line":172},"admin_menu",18,{"type":166,"name":174,"callback":175,"file":176,"line":177},"pre_current_active_plugins","closure","old-versions.php",33,[],[],[],[],{"dangerousFunctions":183,"sqlUsage":184,"outputEscaping":186,"fileOperations":28,"externalRequests":29,"nonceChecks":28,"capabilityChecks":199,"bundledLibraries":200},[],{"prepared":29,"raw":29,"locations":185},[],{"escaped":187,"rawEcho":188,"locations":189},14,4,[190,193,195,197],{"file":168,"line":191,"context":192},59,"raw output",{"file":168,"line":194,"context":192},145,{"file":168,"line":196,"context":192},147,{"file":168,"line":198,"context":192},594,5,[],[],{"summary":203,"deductions":204},"The 'add-from-server' plugin v3.4.5 demonstrates a generally good security posture concerning its current code. The static analysis reveals a promising lack of identified dangerous functions, all SQL queries utilize prepared statements, and there are no external HTTP requests. The presence of nonce and capability checks, along with proper output escaping for a majority of outputs, indicates an effort towards secure coding practices. The attack surface is reported as zero, which, if accurate, is a significant positive, meaning there are no directly exposed entry points like AJAX handlers, REST API routes, or shortcodes that could be immediately exploited.\n\nHowever, a critical concern arises from its vulnerability history. The plugin has one known CVE, which was a high-severity Cross-Site Request Forgery (CSRF) vulnerability. While this CVE is reported as patched (0 currently unpatched), the existence of a past high-severity vulnerability, especially of the CSRF type, suggests that the plugin's codebase might have had inherent weaknesses that could reappear or be a target for future attacks. The lack of taint analysis data is also a gap, as it limits the insight into potential data flow vulnerabilities that might not be caught by static function analysis alone.\n\nIn conclusion, the current version of 'add-from-server' appears to have addressed immediate code-level threats effectively, with a minimal attack surface and good coding practices in place. The primary weakness stems from its past high-severity CSRF vulnerability, which warrants caution and continuous monitoring. While the current code seems clean, the historical context suggests a potential for issues to arise if development practices lapse or if new attack vectors are discovered.",[205,208,210],{"reason":206,"points":207},"Known high severity CVE",15,{"reason":209,"points":199},"Limited taint analysis data",{"reason":211,"points":188},"Some output not properly escaped","2026-03-16T17:14:45.308Z",{"wat":214,"direct":223},{"assetPaths":215,"generatorPatterns":218,"scriptPaths":219,"versionParams":220},[216,217],"\u002Fwp-content\u002Fplugins\u002Fadd-from-server\u002Fadd-from-server.js","\u002Fwp-content\u002Fplugins\u002Fadd-from-server\u002Fadd-from-server.css",[],[216],[221,222],"add-from-server.js?ver=","add-from-server.css?ver=",{"cssClasses":224,"htmlComments":226,"htmlAttributes":227,"restEndpoints":229,"jsGlobals":230,"shortcodeOutput":232},[225],"wrap",[],[228],"data-capability=\"upload_files\"",[],[231],"add_from_server_data",[],{"error":234,"url":235,"statusCode":236,"statusMessage":237,"message":237},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fadd-from-server\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":239,"versions":240},9,[241,246,253,260,267,274,281,288,294],{"version":6,"download_url":26,"svn_tag_url":242,"released_at":39,"has_diff":51,"diff_files_changed":243,"diff_lines":39,"trac_diff_url":244,"vulnerabilities":245,"is_current":234},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadd-from-server\u002Ftags\u002F3.4.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadd-from-server%2Ftags%2F3.4.4&new_path=%2Fadd-from-server%2Ftags%2F3.4.5",[],{"version":247,"download_url":248,"svn_tag_url":249,"released_at":39,"has_diff":51,"diff_files_changed":250,"diff_lines":39,"trac_diff_url":251,"vulnerabilities":252,"is_current":51},"3.4.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadd-from-server\u002Ftags\u002F3.4.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadd-from-server%2Ftags%2F3.4.3&new_path=%2Fadd-from-server%2Ftags%2F3.4.4",[],{"version":254,"download_url":255,"svn_tag_url":256,"released_at":39,"has_diff":51,"diff_files_changed":257,"diff_lines":39,"trac_diff_url":258,"vulnerabilities":259,"is_current":51},"3.4.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadd-from-server\u002Ftags\u002F3.4.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadd-from-server%2Ftags%2F3.4.2&new_path=%2Fadd-from-server%2Ftags%2F3.4.3",[],{"version":261,"download_url":262,"svn_tag_url":263,"released_at":39,"has_diff":51,"diff_files_changed":264,"diff_lines":39,"trac_diff_url":265,"vulnerabilities":266,"is_current":51},"3.4.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadd-from-server\u002Ftags\u002F3.4.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadd-from-server%2Ftags%2F3.4.1&new_path=%2Fadd-from-server%2Ftags%2F3.4.2",[],{"version":268,"download_url":269,"svn_tag_url":270,"released_at":39,"has_diff":51,"diff_files_changed":271,"diff_lines":39,"trac_diff_url":272,"vulnerabilities":273,"is_current":51},"3.4.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadd-from-server\u002Ftags\u002F3.4.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadd-from-server%2Ftags%2F3.4&new_path=%2Fadd-from-server%2Ftags%2F3.4.1",[],{"version":275,"download_url":276,"svn_tag_url":277,"released_at":39,"has_diff":51,"diff_files_changed":278,"diff_lines":39,"trac_diff_url":279,"vulnerabilities":280,"is_current":51},"3.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadd-from-server\u002Ftags\u002F3.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadd-from-server%2Ftags%2F3.3.3&new_path=%2Fadd-from-server%2Ftags%2F3.4",[],{"version":282,"download_url":283,"svn_tag_url":284,"released_at":39,"has_diff":51,"diff_files_changed":285,"diff_lines":39,"trac_diff_url":286,"vulnerabilities":287,"is_current":51},"3.3.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.3.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadd-from-server\u002Ftags\u002F3.3.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadd-from-server%2Ftags%2F3.3.2&new_path=%2Fadd-from-server%2Ftags%2F3.3.3",[],{"version":41,"download_url":289,"svn_tag_url":290,"released_at":39,"has_diff":51,"diff_files_changed":291,"diff_lines":39,"trac_diff_url":292,"vulnerabilities":293,"is_current":51},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.3.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadd-from-server\u002Ftags\u002F3.3.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fadd-from-server%2Ftags%2F3.3.1&new_path=%2Fadd-from-server%2Ftags%2F3.3.2",[],{"version":295,"download_url":296,"svn_tag_url":297,"released_at":39,"has_diff":51,"diff_files_changed":298,"diff_lines":39,"trac_diff_url":39,"vulnerabilities":299,"is_current":51},"3.3.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.3.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fadd-from-server\u002Ftags\u002F3.3.1\u002F",[],[300],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41}]