[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faDX9RssrauWShYM-41_eHKt-XF31xljEy863O8Cy5rE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":135,"fingerprints":177},"air-download-attachments","AIR Download Attachments","1.0.1","Dan Zakirov","https:\u002F\u002Fprofiles.wordpress.org\u002Falexodiy\u002F","\u003Cp>The AIR Download Attachments plugin adds a “Download All Attachments” button to posts, allowing users to download all attached images as a zip archive.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Adds a “Download All Attachments” button to the post content.\u003C\u002Fli>\n\u003Cli>Creates a zip archive containing all attached images.\u003C\u002Fli>\n\u003Cli>Automatically generates a temporary folder for storing the zip archive.\u003C\u002Fli>\n\u003Cli>Provides localized translations for the plugin.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cp>If you wish to help translate this plugin, you are most welcome!\u003Cbr \u002F>\nTo contribute, please visit \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fair-download-attachments\u002F\" rel=\"nofollow ugc\">translate.wordpress.org\u003C\u002Fa>\u003C\u002Fp>\n","The AIR Download Attachments plugin adds a \"Download All Attachments\" button to posts, allowing users to download all attached images as a z …",10,1043,0,"2023-11-26T10:41:00.000Z","6.4.8","4.8","5.6",[19,20,21,22,23],"attachments","download","images","media","zip","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fair-download-attachments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fair-download-attachments.1.0.1.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"alexodiy",4,11010,93,30,89,"2026-04-04T14:20:02.698Z",[39,59,74,97,116],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":13,"num_ratings":13,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"export-media-as-zip","Export Media as ZIP","1.6","Huzoor Bux","https:\u002F\u002Fprofiles.wordpress.org\u002Fhuzoorbakhsh\u002F","\u003Cp>\u003Cstrong>Export Media as ZIP\u003C\u002Fstrong> is a lightweight plugin that allows administrators to download all images from the WordPress media library as a ZIP file. It’s perfect for quick backups, migrations, or sharing image assets with clients.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Export JPG, PNG, GIF, JPEG, and WEBP images\u003C\u002Fli>\n\u003Cli>Admin-only access to the export feature\u003C\u002Fli>\n\u003Cli>One-click download\u003C\u002Fli>\n\u003Cli>No configuration needed\u003C\u002Fli>\n\u003Cli>Compatible with all major themes and plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>If you have any questions or need help, please feel free to open an issue on GitHub or contact me at huzoorbux@gmail.com.\u003C\u002Fp>\n","Export your entire WordPress media library as a single downloadable ZIP file. Simple, fast, and admin-only.",100,1016,"2025-12-09T03:34:00.000Z","6.9.4","6.0","7.4",[54,55,56,22,23],"backup","download-images","export","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexport-media-as-zip.1.5.zip",{"slug":60,"name":61,"version":6,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":11,"downloaded":66,"rating":13,"num_ratings":13,"last_updated":57,"tested_up_to":67,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":71,"download_link":72,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":73},"wp-attachment-download","WP Attachment Download","Tomas Rybnicky","https:\u002F\u002Fprofiles.wordpress.org\u002Frybnitom\u002F","\u003Cp>If you are adding functionality to your posts using popular Advanced Custom Fields plugin. This plugin is focused on fields of type \\”file\\”. Handful when publishing some posts with attachments whole year and once a year you need to download all attachments to send them to third parties.\u003C\u002Fp>\n\u003Cp>You are prompted to select post type, publish date range and ACF filed group you want to extract attachments from.\u003Cbr \u002F>\nThen if there is something to download you can hit the button and archive file with attachments is prepared to download.\u003C\u002Fp>\n\u003Ch4>Instructions\u003C\u002Fh4>\n\u003Cp>After installing and activating plugin, you will find new section in Tools called Attachments.\u003Cbr \u002F>\nYou can use it for downloading all attachments specified by ACF file fields you want.\u003C\u002Fp>\n\u003Ch4>Prerequisites\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>installed and activated \u003Ca href=\"https:\u002F\u002Fcs.wordpress.org\u002Fplugins\u002Fadvanced-custom-fields\u002F\" rel=\"nofollow ugc\">Advanced Custom Field plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All you need to do to get you attachments is:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Select required post type\u003C\u002Fli>\n\u003Cli>Select published date range by specifying from and to days\u003C\u002Fli>\n\u003Cli>If there are more ACF field groups that contains file field you can select only one of them\u003C\u002Fli>\n\u003Cli>Check preview information\u003C\u002Fli>\n\u003Cli>Hit Download button if there is something to download\u003C\u002Fli>\n\u003Cli>Archive ZIP file will be downloaded automatically or you can use link in review under Download button\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>GitHub repository\u003C\u002Fh4>\n\u003Cp>You can find this plugin on [GitHub](https:\u002F\u002Fgithub.com\u002Fwetory\u002Fwp-attachment-download \\”Your favorite public repository\\”),\u003Cbr \u002F>\nwhere you can report issues, review code and commits. Please report all possible problems to make it better.\u003C\u002Fp>\n","Plugin adds functionality to download posts attachments build with ACF file fields from administration.",1156,"5.4.19","3.0.1",[19,70,22,23],"downloads","https:\u002F\u002Fwww.wetory.eu\u002Fwordpress\u002Fplugins\u002Fwp-attachments-download\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-attachment-download.1.0.1.zip","2026-03-15T10:48:56.248Z",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":47,"num_ratings":84,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":94,"download_link":95,"security_score":96,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"gl-import-external-images","GL Import External Images","3.1","Asiqur Rahman","https:\u002F\u002Fprofiles.wordpress.org\u002Fimasikur22\u002F","\u003Cp>With the help of this plugin, you can become hassle-free from downloading and re-uploading images from hosted elsewhere to your site.\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>GL Import External Images\u003C\u002Fstrong> plugin for WordPress is designed to facilitate downloading and inserting images directly into your WP Media Library from external URLs, streamlining the process of importing media content. This plugin enhances user efficiency by allowing seamless integration of external images, thereby improving content management workflows. Be a better online citizen: avoid image hot-linking with ease!\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easily download images from external URLs directly into your WordPress Media Library.\u003C\u002Fli>\n\u003Cli>After successful uploading, you can select or edit (like caption, title, alt, description) the image.\u003C\u002Fli>\n\u003Cli>Full integration with WordPress Media Library – including creation of thumbnail images.\u003C\u002Fli>\n\u003Cli>Simplifies the process of adding external images to your website and saves you time.\u003C\u002Fli>\n\u003Cli>Saves time by automating the image import process.\u003C\u002Fli>\n\u003Cli>Lightweight and code written following WordPress coding standards.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Like this plugin? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fgl-import-external-images\u002Freviews\u002F\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Want to suggest any feature? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fgl-import-external-images\u002F\" rel=\"ugc\">Create a new topic\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Import and insert images to WordPress Media Library from external URLs.",800,7007,6,"2024-11-29T15:51:00.000Z","6.7.5","2.6.0","7.0",[20,90,91,92,93],"external-images","image","import","media-library","https:\u002F\u002Fgreenlifeit.com\u002Fplugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgl-import-external-images.3.1.zip",92,{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":82,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":57,"tags":111,"homepage":114,"download_link":115,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"media-vault","Media Vault","0.8.12","Max GJ Panas","https:\u002F\u002Fprofiles.wordpress.org\u002Fmax-gjp\u002F","\u003Ch4>Protected Attachment Files\u003C\u002Fh4>\n\u003Cp>Media Vault cordons off a section of your WordPress uploads folder and secures it, protecting all files within by passing requests for them through a \u003Cem>powerful, flexible and completely customizable\u003C\u002Fem> set of permission checks.\u003C\u002Fp>\n\u003Cp>After activating the plugin, to protect attachment files with Media Vault you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>use the \u003Cem>Media Uploader admin page\u003C\u002Fem> to upload new protected attachments,\u003C\u002Fli>\n\u003Cli>use the \u003Cem>Media Vault metabox\u003C\u002Fem> to toggle file protection on the ‘Edit Media’ admin page,\u003C\u002Fli>\n\u003Cli>use the the \u003Cem>Media Vault Protection Settings\u003C\u002Fem> fields in the new Media Modal, or, \u003C\u002Fli>\n\u003Cli>using \u003Cem>bulk actions\u003C\u002Fem> in your Media Library page, you can change file protection on multiple pre-existing attachments at once.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>By default the only permission check that the plugin does on media files is that the user requesting them be logged in. You can change this \u003Cem>default\u003C\u002Fem> behavior from the ‘Media Settings’ page in the ‘Settings’ menu of the WordPress Admin. You can also change the restrictions set on attachments on an individual basis by means of either the Media Vault metabox on the ‘Edit Media’ page or the Media Vault Protection Settings fields in the new Media Modal.\u003C\u002Fp>\n\u003Cp>You can also write your own custom restrictions using the \u003Ccode>mgjp_mv_add_permission()\u003C\u002Fcode> function. See \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Frestrict-only-for-subscribers?replies=5\" rel=\"ugc\">this support question\u003C\u002Fa> for more details.\u003C\u002Fp>\n\u003Ch4>Safe Download Links\u003C\u002Fh4>\n\u003Cp>Creating a cross-browser compatible download link for a file is a harder task than might be expected. Media Vault handles this for you, and it does so while preserving all the file security features discussed earlier like blocking downloads to people who should not have access to the file.\u003C\u002Fp>\n\u003Cp>The download links are available through a simple shortcode that you can use in your post\u002Fpage editor screen:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[mv_dl_links ids=\"1,2,3\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>where ‘ids’ are the comma separated list of attachment ids you would like to make available for download in the list.\u003C\u002Fp>\n\u003Cp>\u003Cem>Note:\u003C\u002Fem> Plugin comes with styles ready for WordPress 3.8+!\u003C\u002Fp>\n\u003Cp>\u003Cem>Note:\u003C\u002Fem>  \u003Cstrong>Now supports WordPress MultiSite!\u003C\u002Fstrong>\u003C\u002Fp>\n","Protect attachment files from direct access using powerful and flexible restrictions. Offer safe download links for any file in your uploads folder.",17132,88,27,"2014-02-18T16:48:00.000Z","3.7.41","3.5.0",[19,70,22,112,113],"protection","security","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmedia-vault\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-vault.0.8.12.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":47,"downloaded":124,"rating":125,"num_ratings":126,"last_updated":127,"tested_up_to":128,"requires_at_least":129,"requires_php":57,"tags":130,"homepage":133,"download_link":134,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"documents-tab-for-woocommerce","Documents Tab for WooCommerce","1.0","dimitrov.adrian","https:\u002F\u002Fprofiles.wordpress.org\u002Fdimitrovadrian\u002F","\u003Cp>Allow attach various documents and media files to a product as separate tab.\u003C\u002Fp>\n","Allow attach various documents and media files to a product as separate tab.",2265,86,3,"2015-08-21T06:35:00.000Z","4.3.34","3.7",[19,131,70,22,132],"documents","woocommerce","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdocuments-tab-woocommerce\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdocuments-tab-for-woocommerce.zip",{"attackSurface":136,"codeSignals":160,"taintFlows":167,"riskAssessment":168,"analyzedAt":176},{"hooks":137,"ajaxHandlers":156,"restRoutes":157,"shortcodes":158,"cronEvents":159,"entryPointCount":13,"unprotectedCount":13},[138,144,148,152],{"type":139,"name":140,"callback":141,"file":142,"line":143},"action","plugins_loaded","air_load_text_domain","air-download-attachments.php",48,{"type":139,"name":145,"callback":146,"file":142,"line":147},"wp_enqueue_scripts","air_enqueue_styles",62,{"type":149,"name":150,"callback":151,"file":142,"line":34},"filter","the_content","air_add_download_button",{"type":139,"name":153,"callback":154,"file":142,"line":155},"template_redirect","air_handle_attachments_download",144,[],[],[],[],{"dangerousFunctions":161,"sqlUsage":162,"outputEscaping":164,"fileOperations":126,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":166},[],{"prepared":13,"raw":13,"locations":163},[],{"escaped":32,"rawEcho":13,"locations":165},[],[],[],{"summary":169,"deductions":170},"The 'air-download-attachments' plugin v1.0.1 exhibits a strong security posture based on the provided static analysis.  There are no identified entry points like AJAX handlers, REST API routes, shortcodes, or cron events that are exposed to attack. Furthermore, the code signals show no dangerous functions used, all SQL queries are prepared, and all output is properly escaped. The absence of critical or high-severity taint flows and no recorded vulnerability history further bolster this assessment.  The plugin appears to be developed with good security practices in mind.\n\nHowever, a few areas warrant attention. The complete absence of nonce checks and capability checks across the plugin's code, despite having file operations, is a notable concern. While no direct vulnerabilities are evident *in this version*, this lack of authorization and integrity checks could become a problem if new entry points are introduced or if the file operations are leveraged in a sensitive context.  The plugin's strengths lie in its clean code regarding direct vulnerabilities and data handling, but the lack of explicit authorization checks represents a potential weakness that could be exploited in future scenarios or with more complex usage.\n\nIn conclusion, 'air-download-attachments' v1.0.1 currently presents a very low risk. The development team has demonstrated a good understanding of secure coding principles by avoiding common pitfalls like raw SQL and unescaped output. The lack of historical vulnerabilities is also a positive indicator. The primary area for improvement, and the only notable weakness identified, is the absence of nonce and capability checks, which are crucial for preventing unauthorized actions and ensuring data integrity, especially when file operations are involved.",[171,174],{"reason":172,"points":173},"Missing nonce checks",5,{"reason":175,"points":173},"Missing capability checks","2026-03-17T00:11:51.565Z",{"wat":178,"direct":184},{"assetPaths":179,"generatorPatterns":181,"scriptPaths":182,"versionParams":183},[180],"\u002Fwp-content\u002Fplugins\u002Fair-download-attachments\u002Fassets\u002Fcss\u002Fair-download-attachments.css",[],[],[],{"cssClasses":185,"htmlComments":187,"htmlAttributes":188,"restEndpoints":190,"jsGlobals":191,"shortcodeOutput":192},[4,186],"air-download-attachments-button",[],[189],"air_download_attachments",[],[],[193],"\u003Cdiv class=\"air-download-attachments\">\u003Ca href=\""]