[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fnE7zf_jcXwV2yKKDQZvSW0A71BKs5xXpLaMM_iXP_eg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":140,"fingerprints":365},"akwpuploader-alternative-wordpress-image-uploader","Alternative WordPress Image Uploader Using Flickr","1.1.0","Amit Kumar Singh","https:\u002F\u002Fprofiles.wordpress.org\u002Fthecancerus\u002F","\u003Cp>This plugin was created to for those people who are unsatisfied with image resizing capabilites of wordpress uploader.\u003Cbr \u002F>\nIt uses services from flickr. You can upload your images to flickr.com and then make your photos public. You can play with your pictures using services provided by flickr and then using this plugin you can easily attach them to your blog post.\u003C\u002Fp>\n\u003Cp>This release aadded the option for choosing tags or sets to fetch the images. Also fixed the issue where enabling this plugin, interfered with wordpress 2.5’s jquery.\u003Cbr \u002F>\nyou can get more information at \u003Ca href=\"http:\u002F\u002Famiworks.co.in\u002Ftalk\u002Fakwpupoader-alternative-wordpress-image-uploader\u002F\" title=\" Alternative WordPress Image Uploader using Flickr\" rel=\"nofollow ugc\">akWpUploader article\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>After you check out this plugin, please provide some rating and leave comments for improving it.\u003C\u002Fp>\n\u003Cp>PLEASE NOTE ! This plugin is still in development and may contain few bugs, please report any bug that you find !,\u003C\u002Fp>\n","This plugin was created for those people who are unsatisfied with image resizing capabilites of wordpress uploader. It uses services from flickr.",10,6612,0,"2009-08-25T08:41:00.000Z","2.8","2.5","",[19,20,21,22,23],"admin","flickr","gallery","image-uploader","post","http:\u002F\u002Famiworks.co.in\u002Ftalk\u002Fakwpupoader-alternative-wordpress-image-uploader\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fakwpuploader-alternative-wordpress-image-uploader.1.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"thecancerus",2,20,30,84,"2026-04-04T14:22:16.318Z",[38,56,87,101,117],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":33,"downloaded":46,"rating":13,"num_ratings":13,"last_updated":17,"tested_up_to":47,"requires_at_least":48,"requires_php":17,"tags":49,"homepage":52,"download_link":53,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":55},"awsom-pixgallery","AWSOM Pixgallery","4.8.0","harknell","https:\u002F\u002Fprofiles.wordpress.org\u002Fharknell\u002F","\u003Cp>AWSOM Pixgallery is an Image Gallery\u002FArchive plugin designed to make it easier for Artists or Webcomic creators to set up a portfolio of their artwork. It features Automatic Watermarking, captioning using the Visual Editor or HTML, sorting, auto-thumbnailing, Comicpress theme support, per image\u002Fgallery commenting and more. It is a WordPress native Plugin and does not require any config or file changes or outside tool integration to work; just activate the plugin and add a line of text to any post or page and your Gallery of Images will appear. All options are handled through the regular WordPress Admin interface. More features are in development now such as tagging, extensive theme control through Admin interface, and more.\u003Cbr \u002F>\nPart of the www.AWSOM.org series of WordPress Plugins developed by Harknell\u003C\u002Fp>\n\u003Ch3>Upgrading From Previous Version\u003C\u002Fh3>\n\u003Cp>To upgrade from a previous version to the 4.8.X version:\u003C\u002Fp>\n\u003Cp>1) Go to the Admin Plugins menu and deactivate the previous version of AWSOM Pixgallery.\u003C\u002Fp>\n\u003Cp>2) Delete the pixgallery folder from your wp-content\u002Fplugins folder\u003C\u002Fp>\n\u003Cp>3) copy the new awsom-pixgallery plugin folder to the wp-content\u002Fplugins folder (please note the folder name now MUST be awsom-pixgallery)\u003C\u002Fp>\n\u003Cp>4) go to the Admin Plugins menu and activate the 4.8.X version.\u003C\u002Fp>\n\u003Cp>5) Upgrade is complete.\u003C\u002Fp>\n\u003Cp>6) Optional steps: There is a new option in the Pixgallery options area to create the default cache folder used by the new version of the plugin.\u003Cbr \u002F>\nIt is not a requirement to switch to the new default cache folder if your previous one was working fine, it’s just an option.\u003Cbr \u002F>\nFor anyone having issues with their cache folder it is suggested to click the “Create Default Cache” button, which should eliminate\u003Cbr \u002F>\nyour issue. The cache folder field will then automatically update to reflect that you are using the default cache folder. You may delete the old cache folder you\u003Cbr \u002F>\nwere originally using.\u003C\u002Fp>\n\u003Cp>7) AWSOM Pixgallery now also has the ability to create a default gallery folder in your uploads folder. You can create this folder by going to the Appearance Galleries admin\u003Cbr \u002F>\nmenu and clicking the create default gallery button.\u003C\u002Fp>\n","AWSOM Pixgallery is an Image Gallery\u002FArchive plugin for Wordpress designed to make it easier for Artists or Webcomic creators to set up a portfolio of …",31520,"6.0.11","2.0.5",[19,21,50,51,23],"images","media","http:\u002F\u002Fwww.awsom.org","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fawsom-pixgallery.zip",100,"2026-03-15T10:48:56.248Z",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":17,"short_description":62,"active_installs":33,"downloaded":63,"rating":13,"num_ratings":13,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":17,"tags":67,"homepage":17,"download_link":86,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"real-postimages","real.PostImages","1.3","real.master","https:\u002F\u002Fprofiles.wordpress.org\u002Frealmaster-1\u002F","Дополнительное поле записей (постов) для изображений. | English read below",2054,"2016-05-15T14:51:00.000Z","4.5.33","4.1.1",[19,68,69,70,71,72,73,74,75,76,77,21,78,50,51,79,23,80,81,82,57,83,84,85],"%d0%b0%d0%b4%d0%bc%d0%b8%d0%bd","%d0%b3%d0%b0%d0%bb%d0%b5%d1%80%d0%b5%d1%8f","%d0%b7%d0%b0%d0%bf%d0%b8%d1%81%d1%8c","%d0%b8%d0%b7%d0%be%d0%b1%d1%80%d0%b0%d0%b6%d0%b5%d0%bd%d0%b8%d1%8f","%d0%ba%d0%b0%d1%80%d1%82%d0%b8%d0%bd%d0%ba%d0%b0","%d0%ba%d0%b0%d1%80%d1%82%d0%b8%d0%bd%d0%ba%d0%b8","%d0%bc%d0%b5%d0%b4%d0%b8%d0%b0","%d0%bc%d0%b8%d0%bd%d0%b8%d0%b0%d1%82%d1%8e%d1%80%d0%b0","%d0%bc%d0%b8%d0%bd%d0%b8%d0%b0%d1%82%d1%8e%d1%80%d1%8b","%d0%bf%d0%be%d1%81%d1%82","image","%d1%80%d0%b5%d0%b0%d0%bb%d0%b8%d1%81%d1%82","post-images","postimages","real","thumb","thumbnail","thumbnails","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freal-postimages.zip",{"slug":88,"name":89,"version":6,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":11,"downloaded":94,"rating":13,"num_ratings":13,"last_updated":95,"tested_up_to":96,"requires_at_least":15,"requires_php":17,"tags":97,"homepage":99,"download_link":100,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"wpflickr","WPFlickr","Carey Zhou","https:\u002F\u002Fprofiles.wordpress.org\u002Frunsheng2005\u002F","\u003Cp>Handles uploading, modifying images on Flickr, and insertion into posts.\u003C\u002Fp>\n\u003Cp>上传和编辑 Flickr 账户中的图片，并且在博文中插入Flickr账户中的图片，利用Flickr做图床。\u003C\u002Fp>\n\u003Cp>Inserting images into posts could never have been easier. Simply click on an image from the added \u003Cem>‘Flickr Manager’\u003C\u002Fem> panel on the edit page and it will automatically be inserted into your post.\u003C\u002Fp>\n\u003Cp>本插件由 “WordPress Flickr Manager” 更新而来.\u003C\u002Fp>\n","Handles uploading, modifying images on Flickr, and insertion into posts.",2877,"2012-05-30T03:40:00.000Z","3.3.2",[19,98,20,50,23],"ajax","http:\u002F\u002Fblog.zhourunsheng.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpflickr.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":13,"downloaded":109,"rating":13,"num_ratings":13,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":17,"tags":113,"homepage":115,"download_link":116,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"gallery-view","Gallery View","1.2","Greg Ross","https:\u002F\u002Fprofiles.wordpress.org\u002Fgregross\u002F","\u003Cp>If your blog is primarily visually based?  Do you have featured images on all of your posts?  Is the default posts view less than intuitive for you?\u003C\u002Fp>\n\u003Cp>Perhaps Gallery View might be able to help.\u003C\u002Fp>\n\u003Cp>Gallery view adds a new view of your posts in a grid layout like a photographic contact sheet, letting you see your posts in a whole new way.\u003C\u002Fp>\n","View posts in a gallery layout in the admin.",966,"2023-12-03T02:47:00.000Z","6.4.8","4.6",[19,21,114],"posts","https:\u002F\u002Ftoolstack.com\u002Fgallery-view","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgallery-view.1.2.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":130,"requires_at_least":131,"requires_php":132,"tags":133,"homepage":136,"download_link":137,"security_score":35,"vuln_count":138,"unpatched_count":13,"last_vuln_date":139,"fetched_at":28},"add-from-server","Add From Server","3.4.5","Dion Hulse","https:\u002F\u002Fprofiles.wordpress.org\u002Fdd32\u002F","\u003Cp>This plugin offers limited support. Please do not expect new features or too many bugfixes. Features may be removed at any time.\u003C\u002Fp>\n\u003Cp>Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.\u003C\u002Fp>\n\u003Cp>This plugin is NOT designed to..\u003Cbr \u002F>\n * Be used as a replacement for the file uploader\u003Cbr \u002F>\n * Be used for migration of websites\u003Cbr \u002F>\n * Re-import your files after moving webhosting\u003Cbr \u002F>\n * Batch import media\u003C\u002Fp>\n\u003Cp>This plugins IS designed to..\u003Cbr \u002F>\n * Import files which are larger than your hosting allows to be uploaded.\u003Cbr \u002F>\n * Import files which are too large for your internet connections upload speed.\u003C\u002Fp>\n\u003Cp>WordPress does a better job of file uploads than this plugin, so please consider your needs before you use it.\u003C\u002Fp>\n\u003Cp>You may also want to look at using WP-CLI for media import purposes:\u003Cbr \u002F>\nhttps:\u002F\u002Fdeveloper.wordpress.org\u002Fcli\u002Fcommands\u002Fmedia\u002Fimport\u002F\u003C\u002Fp>\n","Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.",70000,1319395,92,239,"2020-12-11T07:32:00.000Z","5.5.18","5.4","7.0",[19,134,51,23,135],"import","uploads","https:\u002F\u002Fdd32.id.au\u002Fwordpress-plugins\u002Fadd-from-server\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.5.zip",1,"2016-08-08 00:00:00",{"attackSurface":141,"codeSignals":165,"taintFlows":254,"riskAssessment":344,"analyzedAt":364},{"hooks":142,"ajaxHandlers":156,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":138,"unprotectedCount":138},[143,149,152],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","edit_form_advanced","initTheForm","akWpUploader.php",12,{"type":144,"name":150,"callback":146,"file":147,"line":151},"edit_page_form",13,{"type":144,"name":153,"callback":154,"file":147,"line":155},"admin_head","loadJquery",15,[157],{"action":158,"nopriv":159,"callback":160,"hasNonce":159,"hasCapCheck":159,"file":147,"line":161},"akwpuploader_attach",false,"createAttachment",14,[],[],[],{"dangerousFunctions":166,"sqlUsage":180,"outputEscaping":218,"fileOperations":248,"externalRequests":13,"nonceChecks":13,"capabilityChecks":138,"bundledLibraries":249},[167,172,177],{"fn":168,"file":169,"line":170,"context":171},"create_function","phpFlickr\\PEAR\\HTTP\\Request.php",939,"create_function('$a', 'return $a[0] . \\'=\\' . $a[1];'),",{"fn":173,"file":174,"line":175,"context":176},"unserialize","phpFlickr\\phpFlickr.php",238,"$this->parsed_response = $this->clean_text_nodes(unserialize($this->response));",{"fn":173,"file":174,"line":178,"context":179},328,"return unserialize(file_get_contents('http:\u002F\u002Fphpflickr.com\u002Fgeodata\u002F?format=php&lat=' . $lat . '&lon=",{"prepared":33,"raw":181,"locations":182},16,[183,186,188,191,193,195,197,199,201,203,205,207,209,212,214,216],{"file":147,"line":184,"context":185},81,"$wpdb->query() with variable interpolation",{"file":147,"line":187,"context":185},82,{"file":189,"line":190,"context":185},"phpFlickr\\PEAR\\DB\\mysql.php",587,{"file":189,"line":192,"context":185},609,{"file":189,"line":194,"context":185},666,{"file":189,"line":196,"context":185},673,{"file":189,"line":198,"context":185},678,{"file":189,"line":200,"context":185},696,{"file":189,"line":202,"context":185},734,{"file":204,"line":198,"context":185},"phpFlickr\\PEAR\\DB\\pgsql.php",{"file":204,"line":206,"context":185},717,{"file":204,"line":208,"context":185},736,{"file":210,"line":211,"context":185},"phpFlickr\\PEAR\\DB\\storage.php",209,{"file":174,"line":213,"context":185},116,{"file":174,"line":215,"context":185},125,{"file":174,"line":217,"context":185},126,{"escaped":138,"rawEcho":148,"locations":219},[220,223,225,226,229,231,233,236,239,242,244,246],{"file":147,"line":221,"context":222},26,"raw output",{"file":147,"line":224,"context":222},44,{"file":147,"line":26,"context":222},{"file":227,"line":228,"context":222},"phpFlickr\\getToken.php",17,{"file":210,"line":230,"context":222},278,{"file":210,"line":232,"context":222},279,{"file":234,"line":235,"context":222},"phpFlickr\\PEAR\\HTTP\\Request\\Listener.php",99,{"file":237,"line":238,"context":222},"phpFlickr\\PEAR\\PEAR.php",174,{"file":240,"line":241,"context":222},"upload.php",69,{"file":240,"line":243,"context":222},90,{"file":240,"line":245,"context":222},111,{"file":240,"line":247,"context":222},128,19,[250],{"name":251,"version":252,"knownCves":253},"jQuery","1.2.3",[],[255,273,281,293,302,321,331],{"entryPoint":256,"graph":257,"unsanitizedCount":32,"severity":272},"auth (phpFlickr\\phpFlickr.php:541)",{"nodes":258,"edges":270},[259,264],{"id":260,"type":261,"label":262,"file":174,"line":263},"n0","source","$_SERVER (x2)",549,{"id":265,"type":266,"label":267,"file":174,"line":268,"wp_function":269},"n1","sink","header() [Header Injection]",553,"header",[271],{"from":260,"to":265,"sanitized":159},"medium",{"entryPoint":274,"graph":275,"unsanitizedCount":32,"severity":272},"\u003CphpFlickr> (phpFlickr\\phpFlickr.php:0)",{"nodes":276,"edges":279},[277,278],{"id":260,"type":261,"label":262,"file":174,"line":263},{"id":265,"type":266,"label":267,"file":174,"line":268,"wp_function":269},[280],{"from":260,"to":265,"sanitized":159},{"entryPoint":282,"graph":283,"unsanitizedCount":138,"severity":272},"getUserImages (upload.php:33)",{"nodes":284,"edges":291},[285,288],{"id":260,"type":261,"label":286,"file":240,"line":287},"$_POST",39,{"id":265,"type":266,"label":289,"file":240,"line":241,"wp_function":290},"echo() [XSS]","echo",[292],{"from":260,"to":265,"sanitized":159},{"entryPoint":294,"graph":295,"unsanitizedCount":138,"severity":272},"getMetaData (upload.php:115)",{"nodes":296,"edges":300},[297,299],{"id":260,"type":261,"label":286,"file":240,"line":298},119,{"id":265,"type":266,"label":289,"file":240,"line":247,"wp_function":290},[301],{"from":260,"to":265,"sanitized":159},{"entryPoint":303,"graph":304,"unsanitizedCount":13,"severity":320},"\u003CakWpUploader> (akWpUploader.php:0)",{"nodes":305,"edges":316},[306,308,311,314],{"id":260,"type":261,"label":307,"file":147,"line":184},"$_POST['iurl'] (x2)",{"id":265,"type":266,"label":309,"file":147,"line":184,"wp_function":310},"query() [SQLi]","query",{"id":312,"type":261,"label":286,"file":147,"line":313},"n2",71,{"id":315,"type":266,"label":289,"file":147,"line":26,"wp_function":290},"n3",[317,319],{"from":260,"to":265,"sanitized":318},true,{"from":312,"to":315,"sanitized":318},"low",{"entryPoint":322,"graph":323,"unsanitizedCount":330,"severity":320},"\u003Cupload> (upload.php:0)",{"nodes":324,"edges":328},[325,327],{"id":260,"type":261,"label":326,"file":240,"line":287},"$_POST (x4)",{"id":265,"type":266,"label":289,"file":240,"line":241,"wp_function":290},[329],{"from":260,"to":265,"sanitized":159},4,{"entryPoint":332,"graph":333,"unsanitizedCount":342,"severity":343},"createAttachment (akWpUploader.php:62)",{"nodes":334,"edges":339},[335,336,337,338],{"id":260,"type":261,"label":307,"file":147,"line":184},{"id":265,"type":266,"label":309,"file":147,"line":184,"wp_function":310},{"id":312,"type":261,"label":286,"file":147,"line":313},{"id":315,"type":266,"label":289,"file":147,"line":26,"wp_function":290},[340,341],{"from":260,"to":265,"sanitized":159},{"from":312,"to":315,"sanitized":159},3,"high",{"summary":345,"deductions":346},"The \"akwpuploader-alternative-wordpress-image-uploader\" plugin version 1.1.0 presents a significant security risk due to its unprotected AJAX handler.  The presence of an AJAX entry point without any authentication or capability checks is a critical vulnerability, allowing any unauthenticated user to potentially interact with the plugin's backend functions.\n\nFurther concerns are raised by the static analysis, which indicates a lack of robust security practices. Specifically, the use of dangerous functions like `create_function` and `unserialize` opens the door to potential code injection and deserialization vulnerabilities, especially when combined with unsanitized input.  The alarmingly low percentage of properly escaped output (8%) suggests a high likelihood of cross-site scripting (XSS) vulnerabilities.  Additionally, the presence of multiple flows with unsanitized paths in the taint analysis, even without a critical severity flag, points to potential issues with file handling or directory traversal.\n\nWhile the plugin has no recorded historical CVEs, this absence of past vulnerabilities does not negate the substantial risks identified in the current code. The plugin's static analysis and taint analysis reveal fundamental security weaknesses that could be exploited regardless of past history. The bundled outdated jQuery library is also a minor concern. Overall, this plugin exhibits a poor security posture due to critical vulnerabilities in its attack surface and a general lack of security hardening.",[347,349,352,354,356,358,360,362],{"reason":348,"points":11},"Unprotected AJAX handler",{"reason":350,"points":351},"Dangerous function: create_function",5,{"reason":353,"points":351},"Dangerous function: unserialize",{"reason":355,"points":351},"Low output escaping percentage",{"reason":357,"points":11},"Flows with unsanitized paths (High severity taint flow)",{"reason":359,"points":342},"Bundled outdated jQuery v1.2.3",{"reason":361,"points":351},"No nonce checks on AJAX",{"reason":363,"points":351},"Low capability checks coverage","2026-03-17T01:14:10.973Z",{"wat":366,"direct":376},{"assetPaths":367,"generatorPatterns":371,"scriptPaths":372,"versionParams":373},[368,369,370],"\u002Fwp-content\u002Fplugins\u002Fakwpuploader-alternative-wordpress-image-uploader\u002Fjs\u002Fjquery-1.2.3.min.js","\u002Fwp-content\u002Fplugins\u002Fakwpuploader-alternative-wordpress-image-uploader\u002Fjs\u002Fakuploader.js","\u002Fwp-content\u002Fplugins\u002Fakwpuploader-alternative-wordpress-image-uploader\u002Fakloader.gif",[],[369],[374,375],"akwpuploader-alternative-wordpress-image-uploader\u002Fjs\u002Fjquery-1.2.3.min.js?ver=","akwpuploader-alternative-wordpress-image-uploader\u002Fjs\u002Fakuploader.js?ver=",{"cssClasses":377,"htmlComments":384,"htmlAttributes":385,"restEndpoints":397,"jsGlobals":398,"shortcodeOutput":402},[378,379,380,381,382,383],"meta-box-sortables","postbox","handlediv","hndle","inside","dbx-content",[],[386,387,388,389,390,391,392,393,394,395,396],"id=\"flickid\"","id=\"tag_sets\"","id=\"tags_button\"","onclick=\"getTagsAndSets(","id=\"img_button\"","onclick=\"submitForm(","name=\"akmodes\"","value=\"getFlist\"","id=\"akloader\"","id=\"akimglist\"","id=\"akImgOption\"",[],[399,400,401],"akuploader.js","getTagsAndSets","submitForm",[]]