[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxXSBZ1fwmTvqhHJ_tTRtGF8esW5Xga_1dhTM5MtroHQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":47,"crawl_stats":37,"alternatives":51,"analysis":161,"fingerprints":409},"athlon-manage-calameo-publications","Manage Calameo Publications by Athlon","1.1.1","Athlon Production","https:\u002F\u002Fprofiles.wordpress.org\u002Fathlonproduction\u002F","\u003Cp>This plugin allows managing Calameo account(s) through WordPress.\u003Cbr \u002F>\nIt gives users the ability to upload documents to Calameo and update or delete them afterwards.\u003Cbr \u002F>\nOnce a document is uploaded its preview can be easily embedded into blog posts or pages using the custom “Calameo” button in the WYSIWYG text editor.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-calameo\u002F\" rel=\"ugc\">WP Calameo\u003C\u002Fa> plugin must be installed in order to use \u003Ccode>Athlon Manage Calameo Publication\u003C\u002Fcode> plugin’s all features.\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fwww.athlonproduction.com\u002F\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>we@athlonproduction.com\u003C\u002Fp>\n","This plugin allows managing Calameo account(s) through WordPress.",10,2819,90,2,"2014-01-07T15:12:00.000Z","3.5.2","3.4.2","",[20,21,22,23,24],"calameo","embed-documents","publication","share-document","upload-documents","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fathlon-manage-calameo-publications.zip",85,1,0,"2014-07-07 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"WF-cf2f2474-50d6-46da-a97c-731edb514ae5-athlon-manage-calameo-publications","manage-calameo-publications-by-athlon-reflected-cross-site-scripting","Manage Calameo Publications by Athlon \u003C 1.1.1 - Reflected Cross-Site Scripting","The Manage Calameo Publications by Athlon for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attachment_id’ parameter in versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=1.1.0","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcf2f2474-50d6-46da-a97c-731edb514ae5?source=api-prod",3487,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":46,"trust_score":49,"computed_at":50},"athlonproduction",69,"2026-04-05T09:29:22.529Z",[52,72,96,121,141],{"slug":53,"name":54,"version":55,"author":20,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":18,"tags":66,"homepage":18,"download_link":70,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":71,"fetched_at":30},"wp-calameo","WP Calameo","2.1.8","https:\u002F\u002Fprofiles.wordpress.org\u002Fcalameo\u002F","\u003Cp>This plugin allows to embed Calaméo publications in blog posts. Simply copy the WordPress embed code provided by Calaméo and paste it into your post.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.calameo.com\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.calameo.com\u003C\u002Fa>\u003C\u002Fp>\n","This plugin allows to embed Calaméo publications in blog posts. Copy the WordPress embed code and paste it into your post.",3000,76021,40,4,"2024-03-07T11:05:00.000Z","6.4.8","2.1",[20,67,68,22,69],"document","embed","widget","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-calameo.2.1.8.zip","2024-03-15 00:00:00",{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":82,"num_ratings":83,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":18,"tags":87,"homepage":92,"download_link":93,"security_score":94,"vuln_count":62,"unpatched_count":28,"last_vuln_date":95,"fetched_at":30},"embed-any-document","Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files","2.7.12","awsm.in","https:\u002F\u002Fprofiles.wordpress.org\u002Fawsmin\u002F","\u003Cp>Embed Any Document WordPress plugin lets you embed your PDF, Word, PowerPoint and Excel documents easily in your WordPress website. The plugin integrates Google Docs Viewer and Microsoft Office Online to display your documents on your website.\u003C\u002Fp>\n\u003Cp>Embed Any Document works just perfectly with Gutenberg as well as the classic editor. Support for more site builders are on its way!  It also lets you add a Download link below your embed optionally.\u003C\u002Fp>\n\u003Ch3>🆕 NEW IN VERSION 2.7.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Embedding documents is now easier than ever in the block editor! The whole new \u003Cstrong>Document block\u003C\u002Fstrong> lets you embed the documents quicker than ever\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>The EAD-Exclusive \u003Cstrong>document pre-loader\u003C\u002Fstrong> helps you with better performance and better User Experince\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdev.awsm.in\u002Finnovations\u002Fembed-any-document-plugin-demo\u002F\" rel=\"nofollow ugc\">Live Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>📂 Supported file types\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Microsoft Word (\u003Cstrong>DOC\u003C\u002Fstrong>, DOCX, DOCM, DOTM, DOTX)\u003C\u002Fli>\n\u003Cli>Microsoft Excel (\u003Cstrong>XLS\u003C\u002Fstrong>, XLSX, XLSB, XLSM)\u003C\u002Fli>\n\u003Cli>Microsoft PowerPoint (\u003Cstrong>PPT\u003C\u002Fstrong>, PPTX, PPSX, PPS, PPTM, POTM, PPAM, POTX, PPSM)\u003C\u002Fli>\n\u003Cli>Adobe Portable Document Format (\u003Cstrong>PDF\u003C\u002Fstrong>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📋 Supported Viewers\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Google Docs Viewer (PDF & Office Documents)\u003C\u002Fli>\n\u003Cli>Microsoft Office Online (Office Documents Only)\u003C\u002Fli>\n\u003Cli>Browser Native (PDF Only)\u003C\u002Fli>\n\u003Cli>[PLUS VERSION] Google Drive Viewer (Stable and high performance viewer for documents hosted with Google Drive)\u003C\u002Fli>\n\u003Cli>[PLUS VERSION] One Drive Viewer (Document viewer for documents hosted in OneDrive)\u003C\u002Fli>\n\u003Cli>[PLUS VERSION] Box.com Viewer (Viewer for all documents hosted in Box.com with advanced security options to disable download button, add password, etc)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔥 Key Benefits of Embed Any Document WordPress plugin \u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Easy to Upload and Embed.\u003C\u002Fstrong> Embed Any Document is integrated seamlessly into the Classic Editor and the Block Editor. With a click of ‘Add Document’ button it lets you upload documents and embed them.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>No 3rd party plugin needed.\u003C\u002Fstrong> The plugin uses Google Docs Viewer and Microsoft Office Online’s services to display the documents in your website. You will not require any additional browser plugins to view the documents and you can expect maximum compatibility for your documents.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Option to choose the viewer.\u003C\u002Fstrong> You can choose between Google Docs Viewer and Microsoft Office Online to display your document. If one service is down, you can switch to another easily. EAD also supports browser-based viewer for PDF files.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Cross-browser compatibility.\u003C\u002Fstrong> The viewers are mobile-ready and cross-browser compatible.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Clean and Minimal UI.\u003C\u002Fstrong> Embed Any Document comes with a clean and clutter-free UI.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>🚀 Embed Any Document PLUS\u003C\u002Fh3>\n\u003Cp>The plugin comes with a premium version which allows you embed documents from Google Drive, Dropbox and Box.com.\u003C\u002Fp>\n\u003Cp>By using \u003Cstrong>\u003Ca href=\"http:\u002F\u002Fembedanydocument.com\u002Fplus-cc\" rel=\"nofollow ugc\"> Embed Any Document PLUS \u003C\u002Fa>\u003C\u002Fstrong> you can make use of the privacy options the cloud services (\u003Cstrong>OneDrive, Google Drive, Dropbox and Box.com\u003C\u002Fstrong>) offering you. You can remove download options, embed larger files, put passwords and even restrict the views.\u003C\u002Fp>\n\u003Ch3>⛔️ Limitations of the plugin\u003C\u002Fh3>\n\u003Cp>Being entirely depending on third-party cloud services (Google Docs Viewer and Microsoft Office Online), Embed Any Document has its own limitations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>The embedded display \u003Cstrong>does not support video\u002Faudio playback and animations\u002Ftransitions\u003C\u002Fstrong> in the embedded documents\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Your document has to be available online for the embed views to work. The \u003Cstrong>viewers do not support local host, intranet\u003C\u002Fstrong> and files hosted in any password protected environment\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>The \u003Cstrong>viewers can handle files of a limited size only\u003C\u002Fstrong> (Maximum 8MB for Google Docs Viewer and 10MB for Microsoft Office Online)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>The \u003Cstrong>download and pop-out buttons cannot be removed\u003C\u002Fstrong> – Any feature that comes by default with the viewers cannot be removed or altered\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please read our \u003Ca href=\"http:\u002F\u002Fawsm.in\u002Fead-plus-documentation\u002F#faqs\" rel=\"nofollow ugc\">FAQs\u003C\u002Fa> for details.\u003C\u002Fp>\n\u003Cp>\u003Cem>This is an \u003Ca href=\"http:\u002F\u002Fawsm.in\" rel=\"nofollow ugc\">AWSM\u003C\u002Fa> Project.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disclaimer:\u003C\u002Fstrong> This plugin is not authorized by, endorsed by or sponsored by Google or Microsoft. The plugin is just making use of the cloud services the respective companies provide to preview your documents.\u003C\u002Fp>\n\u003Ch3>Summary\u003C\u002Fh3>\n\u003Cp>Seamlessly embed and display PDF, Word, Excel and PowerPoint documents on your WordPress website.\u003C\u002Fp>\n","Embed PDF, DOC, PPT and XLS documents easily on your WordPress website with the help of Google Docs Viewer or Microsoft Office Online.",50000,1140023,84,92,"2025-12-04T06:56:00.000Z","6.9.4","4.0",[88,21,89,90,91],"document-viewer","embed-ppt","pdf-viewer","word-ppt","http:\u002F\u002Fawsm.in\u002Fembed-any-documents","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-any-document.zip",95,"2025-12-17 13:41:06",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":85,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":117,"download_link":118,"security_score":61,"vuln_count":119,"unpatched_count":27,"last_vuln_date":120,"fetched_at":30},"simple-file-list","Simple File List","6.1.18","Mitchell Bennis","https:\u002F\u002Fprofiles.wordpress.org\u002Feemitch\u002F","\u003Cp>Simple File List is a free plugin that is great for when you need to provide a list of files, either publicly available or private to logged-in users. Place a file list anywhere on your site using a simple shortcode, allowing your front-end users to open, download and optionally edit them. Users can also upload files if you choose.\u003C\u002Fp>\n\u003Cp>Simple File List is also a good alternative for organizations using clumsy FTP or Dropbox for larger files. Simply provide your clients with a link to their file list.\u003C\u002Fp>\n\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Displays a file list, file uploader or both using simple shortcode: [eeSFL]\u003C\u002Fli>\n\u003Cli>Manage your files and the list settings from the Admin List on the back-end.\u003C\u002Fli>\n\u003Cli>Choose from three file list styles: table, tiles or flex.\u003C\u002Fli>\n\u003Cli>Choose from a light or dark theme, or choose no theme and provide the styling of your theme.\u003C\u002Fli>\n\u003Cli>Complete settings for the file list style and display, file upload restrictions, and upload notifications.\u003C\u002Fli>\n\u003Cli>Both the front-end list and file upload form can be shown to users based on their role; Everyone, Only Logged-in User, Only Admins or Nobody (OFF).\u003C\u002Fli>\n\u003Cli>Collect the users name, email and description of the file(s) uploaded. This can optionally be shown in the file list.\u003C\u002Fli>\n\u003Cli>Files can be assigned descriptions, which can be added from the Admin list or user uploads.\u003C\u002Fli>\n\u003Cli>Optionally allow your front-end users full control over renaming, moving, sending, deleting and editing descriptions.\u003C\u002Fli>\n\u003Cli>Includes a number of custom hooks you can tie into for file and list actions:\u003Cbr \u002F>\n** Uploaded, Added, Removed, Deleted, Edited, Listed, Loaded, Scanned\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>This Plugin is Great For:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Posting official documents.\u003C\u002Fli>\n\u003Cli>Sharing files within an organization.\u003C\u002Fli>\n\u003Cli>Sharing files with business clients or a community.\u003C\u002Fli>\n\u003Cli>Enabling distance learning by allowing schools to share class materials with students.\u003C\u002Fli>\n\u003Cli>When you need a list of archived files, such as videos, PDF files, or music files.\u003C\u002Fli>\n\u003Cli>When you need a simple front-side uploader so people can send you files.\u003C\u002Fli>\n\u003Cli>Exchanging files when the sizes get too large for email attachments.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>File List Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Limit access to only Admins or logged-in users, or hide the list and only show the uploader.\u003C\u002Fli>\n\u003Cli>Add and manage your files from the Admin List on the WordPress back-end.\u003C\u002Fli>\n\u003Cli>Show details like file dates, size and a thumbnail for PDFs, images and videos.\u003C\u002Fli>\n\u003Cli>Add descriptions to files and optionally show them in your list.\u003C\u002Fli>\n\u003Cli>Sort file by name, date modified, date added or file size … ascending or descending.\u003C\u002Fli>\n\u003Cli>Files are kept separate from the media library.\u003C\u002Fli>\n\u003Cli>Add the free Media Player extensions for an improved experience with audio and video files.\u003Cbr \u002F>\n** \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fee-simple-file-list-media\u002F\" rel=\"ugc\">Simple File List Media\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>File Uploader Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Simple reliable uploader, works on mobile devices too.\u003C\u002Fli>\n\u003Cli>Drag and drop zone, plus upload progress bar\u003C\u002Fli>\n\u003Cli>Allow uploading to only Admins or logged-in users, or turn it off completely.\u003C\u002Fli>\n\u003Cli>Limit the types of files users can upload.\u003C\u002Fli>\n\u003Cli>Limit number of files uploaded per submission.\u003C\u002Fli>\n\u003Cli>Limit the maximum upload file size.\u003C\u002Fli>\n\u003Cli>Get an email notice each time a file is uploaded.\u003C\u002Fli>\n\u003Cli>Option to gather the uploader’s name, email and file description.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Internationalized\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>cz_CZ – Czech (Czech Republic)\u003C\u002Fli>\n\u003Cli>da_DK – Danish (Denmark)\u003C\u002Fli>\n\u003Cli>de_DE – German (Germany)\u003C\u002Fli>\n\u003Cli>es_ES – Spanish (Spain)\u003C\u002Fli>\n\u003Cli>es_MX – Spanish (Mexico)\u003C\u002Fli>\n\u003Cli>fr_CA – French (Canada)\u003C\u002Fli>\n\u003Cli>fr_FR – French (France)\u003C\u002Fli>\n\u003Cli>fr_BE – French (Belgium)\u003C\u002Fli>\n\u003Cli>it_IT – Italian (Italy)\u003C\u002Fli>\n\u003Cli>nl_NL – Dutch (Netherlands)\u003C\u002Fli>\n\u003Cli>pt_BR – Portuguese (Brazil)\u003C\u002Fli>\n\u003Cli>pt_PT – Portuguese (Portugal)\u003C\u002Fli>\n\u003Cli>sv_SE – Swedish (Sweden)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Plus\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Simple lightweight design, easy to style and customize.\u003C\u002Fli>\n\u003Cli>Committed and responsive support from the developer.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Try the Demo\u003C\u002Fh3>\n\u003Cp>Try out the free demo:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Ffree.simplefilelist.com\" rel=\"nofollow ugc\">Simple File List Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Upgrade to the PRO Version to Add Sub-Folder Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Create unlimited levels of sub-folders.\u003C\u002Fli>\n\u003Cli>Use a shortcode attribute to display specific folders.\u003Cbr \u002F>\n\u003Cstrong>[eeSFL folder=”folderA\u002FfolderB”]\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Display different folders in different places on your site.\u003C\u002Fli>\n\u003Cli>You can even show several different folders on the same page and within widgets.\u003C\u002Fli>\n\u003Cli>Front-side users cannot navigate above the folder you specify.\u003C\u002Fli>\n\u003Cli>Breadcrumb navigation indicates where you are.\u003C\u002Fli>\n\u003Cli>Easily move files and folders as needed.\u003C\u002Fli>\n\u003Cli>Rename folders and add descriptions, which can be shown in the file list.\u003C\u002Fli>\n\u003Cli>Quickly delete any folder, along with all contents.\u003C\u002Fli>\n\u003Cli>Choose to sort folders first or sort along with the files.\u003C\u002Fli>\n\u003Cli>Optionally display folder sizes.\u003C\u002Fli>\n\u003Cli>Optionally define a custom file list directory.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"\u002F\u002Fget.simplefilelist.com\u002F\" rel=\"nofollow ugc\">Get Simple File List Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>PRO Extensions\u003C\u002Fh3>\n\u003Ch3>File Access Manager\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Lock down your files to prevent direct access. Only allow specific users to see the file you want them to.\u003C\u002Fli>\n\u003Cli>Limit file access to only logged-in users. Specify the minimum role or specify a matched role.\u003C\u002Fli>\n\u003Cli>Create a file list for a specific WordPress user or a group of users.\u003C\u002Fli>\n\u003Cli>For each list mode you can separately control permissions for file uploading and front-side file management.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Create Five Types Lists\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Normal Mode\u003C\u002Fstrong>\u003Cbr \u002F>\nDo not restrict access. Files are viewable by anyone who can reach the file list page. Files may also be linked-to from outside of your website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Limited Mode\u003C\u002Fstrong>\u003Cbr \u002F>\nRestrict file list access to all except WordPress users matching a specified role or with a minimum role or higher.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Group Mode\u003C\u002Fstrong>\u003Cbr \u002F>\nRestrict file list access to a specified group of WordPress users.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>User Mode\u003C\u002Fstrong>\u003Cbr \u002F>\nRestrict file list access to a specific WordPress user.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Restricted Mode\u003C\u002Fstrong>\u003Cbr \u002F>\nRestrict access to all of the files by default. Grant access to specific files to specific users or roles.\u003C\u002Fp>\n\u003Ch3>Search & Pagination\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Adds searching and pagination functionality.\u003C\u002Fli>\n\u003Cli>Designed to make very large file lists more manageable.\u003C\u002Fli>\n\u003Cli>Adds a search bar above the file list.\u003C\u002Fli>\n\u003Cli>Search by file name and\u002For date, if this column is displayed.\u003C\u002Fli>\n\u003Cli>Searches within sub-folders. (But not above the current folder)\u003C\u002Fli>\n\u003Cli>Pagination breaks up large file lists into smaller pages.\u003C\u002Fli>\n\u003Cli>Define the number of files per page in the settings.\u003C\u002Fli>\n\u003Cli>Show or hide the search bar and\u002For pagination in the settings.\u003C\u002Fli>\n\u003Cli>Updating to newer versions is just like other WordPress plugins.\u003C\u002Fli>\n\u003Cli>Shortcode attributes to control search visibility and pagination functionality.\u003Cbr \u002F>\n\u003Cstrong>[eeSFL search=”YES\u002FNO” paged=”YES\u002FNO” filecount=”25″]\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Use a shortcode to place a search form anywhere on your website.\u003Cbr \u002F>\n\u003Cstrong>[eeSFLS permalink=’file-list-url’]\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"\u002F\u002Fsimplefilelist.com\u002F\" rel=\"nofollow ugc\">More Information\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fdemo.simplefilelist.com\u002Fadd-search-and-pagination\u002F\" rel=\"nofollow ugc\">Try the Demo\u003C\u002Fa>\u003C\u002Fp>\n","Simple File List gives your WordPress website a list of your files which allows your users to open and download them.",5000,206457,86,26,"2026-01-29T20:30:00.000Z","5.0","7.4",[112,113,114,115,116],"file-list","file-sharing","ftp-alternative","share-documents","zip-files","http:\u002F\u002Fsimplefilelist.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-file-list.6.1.18.zip",15,"2026-02-09 00:00:00",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":129,"downloaded":130,"rating":106,"num_ratings":131,"last_updated":132,"tested_up_to":85,"requires_at_least":133,"requires_php":110,"tags":134,"homepage":18,"download_link":139,"security_score":140,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"content-update-scheduler","Content Update Scheduler","4.0.2","Constantin Oesterling","https:\u002F\u002Fprofiles.wordpress.org\u002Finfinitnet\u002F","\u003Cp>WordPress lacks the ability to schedule content updates. Keeping your posts and pages up to date manually can often be a waste of valuable time, especially when you know you’ll need to update the same page again soon.\u003C\u002Fp>\n\u003Ch3>Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Promotions:\u003C\u002Fstrong> Automatically publish versions of your pages that contain temporary promotions and schedule content updates that remove these promotions once they expire.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Events:\u003C\u002Fstrong> Schedule content updates for pages that list events. Automatically publish an updated version of the page after an event ends.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO:\u003C\u002Fstrong> Schedule series of content updates to keep your pages and publishing dates current and satisfy the freshness algorithm.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Updates page content and publishing date\u003C\u002Fli>\n\u003Cli>Compatible with any post type\u003C\u002Fli>\n\u003Cli>Compatible with Elementor and Oxygen Builder\u003C\u002Fli>\n\u003Cli>Nested content updates (multiple updates of the same page scheduled in a row)\u003C\u002Fli>\n\u003Cli>Lightweight code\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Finfinitnet.io\u002F\" rel=\"nofollow ugc\">Infinitnet\u003C\u002Fa> and based on the abandoned \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftao-software\u002Ftao-schedule-update\" rel=\"nofollow ugc\">tao-schedule-update\u003C\u002Fa> plugin. Major contributions by \u003Ca href=\"https:\u002F\u002Fimmediate.co.uk\u002F\" rel=\"nofollow ugc\">Immediate Media\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Github:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Finfinitnet\u002Fcontent-update-scheduler\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Finfinitnet\u002Fcontent-update-scheduler\u002F\u003C\u002Fa>\u003C\u002Fp>\n","Schedule content updates for any WordPress page or post type.",2000,38242,12,"2025-12-27T19:45:00.000Z","6.0",[22,135,136,137,138],"republish","schedule","scheduling","update","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontent-update-scheduler.4.0.2.zip",100,{"slug":142,"name":143,"version":144,"author":145,"author_profile":146,"description":147,"short_description":148,"active_installs":129,"downloaded":149,"rating":13,"num_ratings":150,"last_updated":151,"tested_up_to":85,"requires_at_least":152,"requires_php":153,"tags":154,"homepage":159,"download_link":160,"security_score":140,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"organize-series","Issues and Series for Newspapers, Magazines, Publishers, Writers","3.1.0","PublishPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fpublishpress\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fseries\" rel=\"nofollow ugc\">PublishPress Series\u003C\u002Fa> is a publishing plugin that allows you to organize posts into issues or series. This is ideal for magazines, newspapers, short-story writers, teachers, comic artists, or anyone who writes multiple posts on the same topic.\u003C\u002Fp>\n\u003Cp>Newspapers, magazines and publishers can use PublishPress Series to create issues based on topics or time periods:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Collect posts into monthly issues for a magazine.\u003C\u002Fli>\n\u003Cli>Group together newspaper articles on the same topic.\u003C\u002Fli>\n\u003Cli>Organize chapters into an overall story.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>When you’re writing a post, you can easily add a post to an existing series, or start a new series. You can also add a new post into the middle of an existing series, and the plugin will adjust the order.\u003C\u002Fp>\n\u003Ch3>PublishPress Series Pro\u003C\u002Fh3>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Upgrade to Series Pro\u003C\u002Fstrong>\u003Cbr \u002F>\n  This plugin is the free version of the Series Pro plugin. The Pro version of PublishPress Series supports custom post types, multiple series, extra tokens, shortcodes and more. \u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fseries\" title=\"Series Pro\" rel=\"nofollow ugc\">Click here to purchase the best WordPress newspaper and magazine plugin now!\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Easily assign posts to your series\u003C\u002Fh3>\n\u003Cp>When you’re writing a post, you can easily add a post to an existing series, or start a new series. You can also add a new post into the middle of an existing series, and the plugin will adjust the order.\u003C\u002Fp>\n\u003Cp>It’s easy to keep track of what posts have been added to a series. You can also filter the post list by series giving you a quick way to see all the posts you’ve already added to the series.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fknowledge-base\u002Finstallation-series\u002F\" rel=\"nofollow ugc\">Click here to get started with PublishPress Series\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Display options for your Series information\u003C\u002Fh3>\n\u003Cp>Right out-of-the-box, the Series meta box will be automatically added to posts that are a part of a series. You can modify how this meta box appears using the template for it in the Series Options Page. Plus, there are at least four different displays that your visitors may see in PublishPress Series.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fknowledge-base\u002Fdisplays-series\u002F\" rel=\"nofollow ugc\">Click here to see more about displaying Series\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Advanced layouts for PublishPress Series\u003C\u002Fh3>\n\u003Cp>You can easily create beautiful layouts with PublishPress Series. This is possible thanks to an integration with the PublishPress Blocks plugin. Using the Content Display block, you choose your series from the “Show content with these Series” box. You will then have access to dozens of layout options.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fknowledge-base\u002Fblocks-series\u002F\" rel=\"nofollow ugc\">Click here to see more about advanced layouts\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Widgets and Blocks to show your Series information\u003C\u002Fh3>\n\u003Cp>PublishPress Series plugin provides two widgets you can use to display your series: Series Table of Contents, and Latest Series. Both widgets are packed with features and can be dropped into your theme, or into the Gutenberg editor.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fknowledge-base\u002Fseries-widgets\u002F\" rel=\"nofollow ugc\">Click here to see more about Series widgets\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Order, schedule, publish and unpublish posts in your series\u003C\u002Fh3>\n\u003Cp>The Publish Series feature is available in the Free and Pro versions of PublishPress Series. This feature allows you to quickly manage all posts linked to a Series. You can use this screen to re-order, schedule publish, and unpublish all the posts in a Series.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fknowledge-base\u002Fusage-publisher\u002F\" rel=\"nofollow ugc\">Click here to see more about Publish Series screen\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Series Pro: Custom post type support\u003C\u002Fh3>\n\u003Cp>Custom Post Type support is available in the Pro version of PublishPress Series. With this feature, not only can you use PublishPress Series with WordPress posts, plus you can also create series with pages, or any other WordPress Custom Post Type. Your series can even have parts across different post types. That means you could have “Part 1” that is a post, “Part 2” that is a page, and “Part 3” that is another post type.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fknowledge-base\u002Fcustom-post-types\u002F\" rel=\"nofollow ugc\">Click here to see more about custom post types\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Series Pro: Shortcodes\u003C\u002Fh3>\n\u003Cp>PublishPress Series Shortcodes is a feature in the Pro version of PublishPress Series. This provides a set of WordPress shortcodes that allow you insert series information into posts. There are five shortcodes available:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fknowledge-base\u002Foverview-shortcodes\u002F\" rel=\"nofollow ugc\">Click here to see more about Series shortcodes\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Series Pro: Multiples\u003C\u002Fh3>\n\u003Cp>The Pro version of PublishPress Series allows you to add posts to more than one series. The core plugin only allows posts to be added to one series. The most obvious change you will see after enabling this feature is inside the post editing screen. The “Series” metabox will allow you to choose more than one series.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fknowledge-base\u002Foverview-multiples\u002F\" rel=\"nofollow ugc\">Click here to see more about the Multiples feature\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Series Pro: Extra Tokens\u003C\u002Fh3>\n\u003Cp>token is a specific format for indicating where you want series information to appear. Tokens can be added in any of the PublishPress Series templates available on the Series Options screen. Extra tokens are available in the Pro version of PublishPress Series. This adds new tokens to the “Templates” screen for customizing the various series templates.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fknowledge-base\u002Foverview-tokens\u002F\" rel=\"nofollow ugc\">Click here to see more about the extra tokens\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Join PublishPress and get the Pro plugins\u003C\u002Fh4>\n\u003Cp>The Pro versions of the PublishPress plugins are well worth your investment. The Pro versions have extra features and faster support. \u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Click here to join PublishPress\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Join PublishPress and you’ll get access to these ten Pro plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fauthors\" rel=\"nofollow ugc\">PublishPress Authors Pro\u003C\u002Fa> allows you to add multiple authors and guest authors to WordPress posts.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fblocks\" rel=\"nofollow ugc\">PublishPress Blocks Pro\u003C\u002Fa> has everything you need to build professional websites with the WordPress block editor.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fcapabilities\" rel=\"nofollow ugc\">PublishPress Capabilities Pro\u003C\u002Fa> is the plugin to manage your WordPress user roles, permissions, and capabilities.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fchecklists\" rel=\"nofollow ugc\">PublishPress Checklists Pro\u003C\u002Fa> enables you to define tasks that must be completed before content is published.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Ffuture\" rel=\"nofollow ugc\">PublishPress Future Pro\u003C\u002Fa> is the plugin for scheduling changes to your posts.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fpermissions\" rel=\"nofollow ugc\">PublishPress Permissions Pro\u003C\u002Fa> is the plugin for advanced WordPress permissions.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fpublishpress\" rel=\"nofollow ugc\">PublishPress Planner Pro\u003C\u002Fa> is the plugin for managing and scheduling WordPress content.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Frevisions\" rel=\"nofollow ugc\">PublishPress Revisions Pro\u003C\u002Fa> allows you to update your published pages with teamwork and precision.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fseries\" rel=\"nofollow ugc\">PublishPress Series Pro\u003C\u002Fa> enables you to group content together into a series.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpublishpress.com\u002Fseries\" rel=\"nofollow ugc\">PublishPress Statuses Pro\u003C\u002Fa> enables you to create additional publishing steps for your posts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Together, these plugins are a suite of powerful publishing tools for WordPress. If you need to create a professional workflow in WordPress, with moderation, revisions, permissions and more… then you should try PublishPress.\u003C\u002Fp>\n\u003Ch4>Bug Reports\u003C\u002Fh4>\n\u003Cp>Bug reports for PublishPress Series are welcomed in our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpublishpress\u002Fpublishpress-series\" rel=\"nofollow ugc\">repository on GitHub\u003C\u002Fa>. Please note that GitHub is not a support forum, and that issues that aren’t properly qualified as bugs will be closed.\u003C\u002Fp>\n\u003Ch4>Follow the PublishPress team\u003C\u002Fh4>\n\u003Cp>Follow PublishPress on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fpublishpress\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwww.twitter.com\u002Fpublishpresscom\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fpublishpress\" rel=\"nofollow ugc\">YouTube\u003C\u002Fa>.\u003C\u002Fp>\n","PublishPress Series is the publishing plugin that allows you to organize posts into issues or series. This is ideal for magazines, newspapers, writers &hellip;",246948,71,"2026-03-09T14:04:00.000Z","5.5","7.2.5",[155,156,157,22,158],"issue","magazine","newspaper","series","https:\u002F\u002Fpublishpress.com\u002Fpublishpress-series\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Forganize-series.3.1.0.zip",{"attackSurface":162,"codeSignals":232,"taintFlows":324,"riskAssessment":389,"analyzedAt":408},{"hooks":163,"ajaxHandlers":212,"restRoutes":228,"shortcodes":229,"cronEvents":230,"entryPointCount":231,"unprotectedCount":231},[164,170,175,180,184,188,193,197,201,204,208],{"type":165,"name":166,"callback":167,"file":168,"line":169},"action","plugins_loaded","update_db_check","athlon-manage-calameo-publications.php",57,{"type":165,"name":171,"callback":172,"file":173,"line":174},"init","ath_add_calameo_button","functions.php",23,{"type":176,"name":177,"callback":178,"file":173,"line":179},"filter","mce_external_plugins","ath_add_calameo_button_tinymce_plugin",357,{"type":176,"name":181,"callback":182,"file":173,"line":183},"mce_buttons","ath_register_calameo_button",358,{"type":165,"name":185,"callback":186,"file":173,"line":187},"admin_footer","ath_wp_calameo_not_installed_warning",390,{"type":176,"name":189,"callback":190,"file":191,"line":192},"manage_media_columns","ath_add_upload_to_calameo_column","post_types\\media.php",9,{"type":165,"name":194,"callback":195,"file":191,"line":196},"manage_media_custom_column","ath_manage_upload_to_calameo_media_column",21,{"type":165,"name":198,"callback":199,"file":191,"line":200},"admin_init","ath_enqueue_js_to_media_library",47,{"type":165,"name":198,"callback":202,"file":191,"line":203},"ath_enqueue_css_to_media_library",64,{"type":165,"name":198,"callback":205,"file":206,"line":207},"ath_calameo_credentials_init","settings\\register-settings.php",11,{"type":165,"name":209,"callback":210,"file":206,"line":211},"admin_menu","ath_calameo_credentials_page",53,[213,217,220,222,225],{"action":214,"nopriv":215,"callback":214,"hasNonce":215,"hasCapCheck":215,"file":173,"line":216},"ath_upload_to_calameo",false,24,{"action":218,"nopriv":215,"callback":218,"hasNonce":215,"hasCapCheck":215,"file":173,"line":219},"ath_update_calameo_publication",25,{"action":221,"nopriv":215,"callback":221,"hasNonce":215,"hasCapCheck":215,"file":173,"line":107},"ath_delete_calameo_publication",{"action":223,"nopriv":215,"callback":223,"hasNonce":215,"hasCapCheck":215,"file":173,"line":224},"ath_get_account_info",27,{"action":226,"nopriv":215,"callback":226,"hasNonce":215,"hasCapCheck":215,"file":173,"line":227},"ath_get_account_subscriptions",28,[],[],[],5,{"dangerousFunctions":233,"sqlUsage":241,"outputEscaping":243,"fileOperations":28,"externalRequests":231,"nonceChecks":28,"capabilityChecks":14,"bundledLibraries":323},[234,238],{"fn":235,"file":236,"line":211,"context":237},"unserialize","thickbox_content.php","$attachment_calameo_options    = unserialize( $attachment_calameo_options );",{"fn":235,"file":236,"line":239,"context":240},79,"$ids = unserialize( get_option('calameo_subscription_ids') );",{"prepared":207,"raw":28,"locations":242},[],{"escaped":14,"rawEcho":244,"locations":245},44,[246,249,251,253,255,257,259,261,263,265,267,269,271,273,275,276,278,280,281,283,284,286,287,289,291,293,294,296,297,299,300,302,303,305,306,308,309,311,312,314,316,318,320,322],{"file":173,"line":247,"context":248},60,"raw output",{"file":173,"line":250,"context":248},111,{"file":173,"line":252,"context":248},118,{"file":173,"line":254,"context":248},148,{"file":173,"line":256,"context":248},152,{"file":173,"line":258,"context":248},187,{"file":173,"line":260,"context":248},191,{"file":173,"line":262,"context":248},225,{"file":173,"line":264,"context":248},229,{"file":191,"line":266,"context":248},34,{"file":191,"line":268,"context":248},35,{"file":191,"line":270,"context":248},39,{"file":206,"line":272,"context":248},216,{"file":236,"line":274,"context":248},83,{"file":236,"line":274,"context":248},{"file":236,"line":277,"context":248},88,{"file":236,"line":279,"context":248},98,{"file":236,"line":279,"context":248},{"file":236,"line":282,"context":248},109,{"file":236,"line":282,"context":248},{"file":236,"line":285,"context":248},119,{"file":236,"line":285,"context":248},{"file":236,"line":288,"context":248},127,{"file":236,"line":290,"context":248},133,{"file":236,"line":292,"context":248},166,{"file":236,"line":292,"context":248},{"file":236,"line":295,"context":248},176,{"file":236,"line":295,"context":248},{"file":236,"line":298,"context":248},186,{"file":236,"line":298,"context":248},{"file":236,"line":301,"context":248},208,{"file":236,"line":301,"context":248},{"file":236,"line":304,"context":248},219,{"file":236,"line":304,"context":248},{"file":236,"line":307,"context":248},230,{"file":236,"line":307,"context":248},{"file":236,"line":310,"context":248},233,{"file":236,"line":310,"context":248},{"file":236,"line":313,"context":248},236,{"file":236,"line":315,"context":248},242,{"file":236,"line":317,"context":248},248,{"file":236,"line":319,"context":248},254,{"file":236,"line":321,"context":248},260,{"file":236,"line":321,"context":248},[],[325,349,358,372],{"entryPoint":326,"graph":327,"unsanitizedCount":14,"severity":39},"ath_get_account_info (functions.php:45)",{"nodes":328,"edges":346},[329,334,340,342],{"id":330,"type":331,"label":332,"file":173,"line":333},"n0","source","$_POST",49,{"id":335,"type":336,"label":337,"file":173,"line":338,"wp_function":339},"n1","sink","wp_remote_get() [SSRF]",54,"wp_remote_get",{"id":341,"type":331,"label":332,"file":173,"line":333},"n2",{"id":343,"type":336,"label":344,"file":173,"line":247,"wp_function":345},"n3","echo() [XSS]","echo",[347,348],{"from":330,"to":335,"sanitized":215},{"from":341,"to":343,"sanitized":215},{"entryPoint":350,"graph":351,"unsanitizedCount":27,"severity":39},"ath_get_account_subscriptions (functions.php:67)",{"nodes":352,"edges":356},[353,355],{"id":330,"type":331,"label":332,"file":173,"line":354},72,{"id":335,"type":336,"label":337,"file":173,"line":106,"wp_function":339},[357],{"from":330,"to":335,"sanitized":215},{"entryPoint":359,"graph":360,"unsanitizedCount":28,"severity":371},"\u003Cfunctions> (functions.php:0)",{"nodes":361,"edges":367},[362,364,365,366],{"id":330,"type":331,"label":363,"file":173,"line":333},"$_POST (x5)",{"id":335,"type":336,"label":337,"file":173,"line":338,"wp_function":339},{"id":341,"type":331,"label":363,"file":173,"line":333},{"id":343,"type":336,"label":344,"file":173,"line":247,"wp_function":345},[368,370],{"from":330,"to":335,"sanitized":369},true,{"from":341,"to":343,"sanitized":369},"low",{"entryPoint":373,"graph":374,"unsanitizedCount":387,"severity":388},"\u003Cthickbox_content> (thickbox_content.php:0)",{"nodes":375,"edges":384},[376,379,381,383],{"id":330,"type":331,"label":377,"file":236,"line":378},"$_GET",13,{"id":335,"type":336,"label":380,"file":236,"line":211,"wp_function":235},"unserialize() [Object Injection]",{"id":341,"type":331,"label":382,"file":236,"line":378},"$_GET (x6)",{"id":343,"type":336,"label":344,"file":236,"line":288,"wp_function":345},[385,386],{"from":330,"to":335,"sanitized":215},{"from":341,"to":343,"sanitized":215},7,"high",{"summary":390,"deductions":391},"The 'athlon-manage-calameo-publications' plugin v1.1.1 exhibits significant security concerns, primarily stemming from its unprotected entry points and a lack of robust input validation and sanitization.\n\nThe static analysis reveals a considerable attack surface with 5 AJAX handlers, all of which lack authentication checks. This means any unauthenticated user can potentially trigger these functions, leading to an increased risk of exploitation. The presence of the 'unserialize' function is also a red flag, as it can be a vector for Remote Code Execution if not handled with extreme care and proper input validation.  Furthermore, the taint analysis indicates that 3 out of 4 analyzed flows have unsanitized paths, with one identified as high severity, suggesting potential vulnerabilities like cross-site scripting or command injection.\n\nThe plugin's vulnerability history, though showing no currently unpatched CVEs, includes a medium severity Cross-site Scripting (XSS) vulnerability from 2014. While this specific vulnerability might be patched or less relevant now, the historical pattern, combined with the current findings of unsanitized taint flows and unprotected AJAX handlers, indicates a recurring weakness in how user-supplied data is handled. The low percentage of properly escaped outputs (4%) further exacerbates this risk, making it highly probable that stored or reflected XSS could be injected.\n\nIn conclusion, while the plugin uses prepared statements for its SQL queries, this single strength is overshadowed by critical weaknesses in its handling of AJAX requests, input sanitization, and output escaping. The large number of unprotected entry points presents a substantial risk that could be exploited by unauthenticated users, and the taint analysis strongly suggests the presence of exploitable vulnerabilities.",[392,394,396,399,401,403,406],{"reason":393,"points":11},"Unprotected AJAX handlers",{"reason":395,"points":11},"High severity unsanitized taint flow",{"reason":397,"points":398},"Low output escaping percentage",8,{"reason":400,"points":387},"Dangerous function unserialize",{"reason":402,"points":11},"No nonce checks on AJAX handlers",{"reason":404,"points":405},"Limited capability checks",3,{"reason":407,"points":231},"Historical medium severity CVE (XSS)","2026-03-17T00:20:57.797Z",{"wat":410,"direct":420},{"assetPaths":411,"generatorPatterns":415,"scriptPaths":416,"versionParams":417},[412,413,414],"\u002Fwp-content\u002Fplugins\u002Fathlon-manage-calameo-publications\u002Fcss\u002Fstyles.css","\u002Fwp-content\u002Fplugins\u002Fathlon-manage-calameo-publications\u002Fjs\u002Fscripts.js","\u002Fwp-content\u002Fplugins\u002Fathlon-manage-calameo-publications\u002Fthickbox_content.php",[],[413],[418,419],"athlon-manage-calameo-publications\u002Fcss\u002Fstyles.css?ver=","athlon-manage-calameo-publications\u002Fjs\u002Fscripts.js?ver=",{"cssClasses":421,"htmlComments":423,"htmlAttributes":424,"restEndpoints":426,"jsGlobals":427,"shortcodeOutput":431},[422],"ath_calameo_form",[],[425],"data-attachment-id",[],[428,429,430],"ath_delete_from_calameo_action","ath_upload_to_calameo_action","athlon_calameo_admin_ajax_url",[]]