[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fS5zuKVaQW2EqpVtqUAhm5T_SXM1U4Z5fgWj8hIOQ0Rk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":73,"crawl_stats":38,"alternatives":81,"analysis":188,"fingerprints":273},"author-avatars","Author Avatars List\u002FBlock","2.1.25","Paul Bearne","https:\u002F\u002Fprofiles.wordpress.org\u002Fpbearne\u002F","\u003Cp>This plugin makes it easy to \u003Cem>display lists of user avatars\u003C\u002Fem>, grouped by user roles, on your (multiuser) site. It also allows you to \u003Cem>insert single avatars\u003C\u002Fem> for blog users or any email address into a post or page – great for displaying an image of someone you’re talking about.\u003C\u002Fp>\n\u003Cp>It makes use of built-in WordPress (core) functions to retrieve user information and get avatars.\u003C\u002Fp>\n\u003Cp>Integrates with: Gutenberg, BuddyPress, xprofile, Multisite, Wpmu, BBPress, co-authors.\u003C\u002Fp>\n\u003Cp>Avatar lists can be inserted into your sidebar by adding a widget or into posts\u002Fpages by using a \u003Ca href=\"http:\u002F\u002Fauthoravatars.wordpress.com\u002Fdocumentation\u002Fauthoravatars-shortcode\u002F\" rel=\"nofollow ugc\">shortcode\u003C\u002Fa>. The plugin comes with a tinymce editor plugin which makes inserting shortcodes very easy.\u003C\u002Fp>\n\u003Cp>This also provides Gutenberg Block for use with the Gutenberg editor.\u003Cbr \u002F>\nPlease help with the plugin Translations at https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fauthor-avatars.\u003C\u002Fp>\n\u003Cp>Both the shortcode and widget and Gutenberg Block can be configured to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Show a custom title (widget only)\u003C\u002Fli>\n\u003Cli>Only show specific user groups and\u002For hide certain users\u003C\u002Fli>\n\u003Cli>Limit the number of users shown\u003C\u002Fli>\n\u003Cli>Change the sort order of users or show in random order\u003C\u002Fli>\n\u003Cli>Adjust the size of user avatars\u003C\u002Fli>\n\u003Cli>Optionally show a user’s name or biography\u003C\u002Fli>\n\u003Cli>Show users from the current blog, all blogs or a selection of blogs (on WPMU\u002FMultisite)\u003C\u002Fli>\n\u003Cli>Group users by their blog (when showing from multiple blogs), and show the blog name above each grouping.\u003C\u002Fli>\n\u003Cli>Support users from Co-Author Plus, Ultimate Member, BBpress and BuddyPress (xprofile)\u003C\u002Fli>\n\u003Cli>Limit the number of avatars per page for large sets by adding a page_size to the shortcode e.g. “page_size=30” (shortcode only)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Additionally, single user avatars can be inserted using the \u003Ca href=\"http:\u002F\u002Fauthoravatars.wordpress.com\u002Fdocumentation\u002Fshow_avatar-shortcode\u002F\" rel=\"nofollow ugc\">show_avatar shortcode\u003C\u002Fa> and configured to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adjust the size of the user avatar.\u003C\u002Fli>\n\u003Cli>Align the avatar left, centered or right.\u003Cbr \u002F>\nThe Gutenberg Block support both single user avatars and role based selections of avatars\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please report bugs and provide feedback in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fauthor-avatars?forum_id=10#postform\" rel=\"ugc\">wordpress support forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Plugin support:\u003C\u002Fstrong> In 2011, Ben stepped down as maintainer of the Plugin, handing over ownership to co-author Paul Bearne, who continues to provide support and drive the development of new features.\u003C\u002Fp>\n","Display lists of user avatars using widgets or shortcodes. With Gutenberg support.",4000,378912,96,32,"2025-11-28T17:22:00.000Z","6.9.0","3.0","",[20,21,22,23,24],"author","avatar","block","image","profile","http:\u002F\u002Fauthoravatars.wordpress.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauthor-avatars.2.1.25.zip",98,3,0,"2025-01-07 00:00:00","2026-03-15T15:16:48.613Z",[33,49,61],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-22804","author-avatars-listblock-authenticated-contributor-stored-cross-site-scripting","Author Avatars List\u002FBlock \u003C= 2.1.23 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Author Avatars List\u002FBlock plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.1.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=2.1.23","2.1.24","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-01-14 14:55:57",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0725a122-9ad3-45bf-bf80-80881520634a?source=api-prod",8,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":56,"updated_date":57,"references":58,"days_to_patch":60},"CVE-2024-47370","author-avatars-listblock-authenticated-subscriber-stored-cross-site-scripting","Author Avatars List\u002FBlock \u003C= 2.1.21 - Authenticated (Subscriber+) Stored Cross-Site Scripting","The Author Avatars List\u002FBlock plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.1.21 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=2.1.21","2.1.22","2024-09-30 00:00:00","2024-10-10 12:24:31",[59],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7b9aaafb-cb39-4a3b-85db-d0a8e9498d60?source=api-prod",11,{"id":62,"url_slug":63,"title":64,"description":65,"plugin_slug":4,"theme_slug":38,"affected_versions":66,"patched_in_version":67,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":68,"updated_date":69,"references":70,"days_to_patch":72},"CVE-2023-49846","author-avatars-listblock-authenticated-contributor-stored-cross-site-scripting-via-shortcode","Author Avatars List\u002FBlock \u003C= 2.1.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode","The Author Avatars List\u002FBlock plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in versions up to, and including, 2.1.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=2.1.17","2.1.18","2023-12-06 00:00:00","2024-01-22 19:56:02",[71],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc7c8380b-02ae-49d2-8c64-debe7f73ee35?source=api-prod",48,{"slug":74,"display_name":7,"profile_url":8,"plugin_count":75,"total_installs":76,"avg_security_score":77,"avg_patch_time_days":78,"trust_score":79,"computed_at":80},"pbearne",6,5050,95,22,91,"2026-04-04T14:14:55.010Z",[82,108,127,148,166],{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":97,"tags":98,"homepage":103,"download_link":104,"security_score":105,"vuln_count":93,"unpatched_count":106,"last_vuln_date":107,"fetched_at":31},"user-avatar-reloaded","User Avatar – Reloaded","1.2.2","Saad Iqbal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsaadiqbal\u002F","\u003Cp>WordPress currently only allows you to use custom avatars that are uploaded through Gravatar. WP User Avatar enables you to use any photo uploaded into your Media Library as an avatar. This means you use the same uploader and library as your posts. No extra folders or image editing functions are necessary.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WP User Avatar\u003C\u002Fstrong> also lets you:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Upload your own Default Avatar in your WP User Avatar settings.\u003C\u002Fli>\n\u003Cli>Show the user’s \u003Ca href=\"http:\u002F\u002Fgravatar.com\u002F\" rel=\"nofollow ugc\">Gravatar\u003C\u002Fa> avatar or Default Avatar if the user doesn’t have a WP User Avatar image.\u003C\u002Fli>\n\u003Cli>Disable \u003Ca href=\"http:\u002F\u002Fgravatar.com\u002F\" rel=\"nofollow ugc\">Gravatar\u003C\u002Fa> avatars and use only local avatars.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[avatar_upload]\u003C\u002Fcode> shortcode to add a standalone uploader to a front page or widget. This uploader is only visible to logged-in users.\u003C\u002Fli>\n\u003Cli>Use the \u003Ccode>[avatar]\u003C\u002Fcode> shortcode in your posts. These shortcodes will work with any theme, whether it has avatar support or not.\u003C\u002Fli>\n\u003Cli>Allow Contributors and Subscribers to upload their own avatars.\u003C\u002Fli>\n\u003Cli>Limit upload file size and image dimensions for Contributors and Subscribers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>ADD WP USER AVATAR TO YOUR OWN PROFILE EDIT PAGE\u003C\u002Fh3>\n\u003Cp>You can use the [avatar_upload] shortcode to add a standalone uploader to any page. It’s best to use this uploader by itself and without other profile fields.\u003Cbr \u002F>\nIf you’re building your own profile edit page with other fields, WP User Avatar is automatically added to the show_user_profile and edit_user_profile hooks. If you’d rather have WP User Avatar in its own section, you could add another hook:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>do_action('edit_user_avatar', $current_user);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Then, to add WP User Avatar to that hook and remove it from the other hooks outside of the administration panel, you would add this code to the functions.php file of your theme:\n    \u003C\u002Fp>\n\u003Ch3>HTML WRAPPER\u003C\u002Fh3>\n\u003Cp>You can change the HTML wrapper of the WP User Avatar section by using the functions wpua_before_avatar and wpua_after_avatar. By default, the avatar code is structured like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cdiv class=\"wpua-edit-container\">\n  \u003Ch3>Avatar\u003C\u002Fh3>\n  \u003Cinput type=\"hidden\" name=\"wp-user-avatar\" id=\"wp-user-avatar\" value=\"{attachmentID}\" \u002F>\n  \u003Cp id=\"wpua-add-button\">\n    \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-add\" name=\"wpua-add\">Edit Image\u003C\u002Fbutton>\n  \u003C\u002Fp>\n  \u003Cp id=\"wpua-preview\">\n    \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n    Original Size\n  \u003C\u002Fp>\n  \u003Cp id=\"wpua-thumbnail\">\n    \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n    Thumbnail\n  \u003C\u002Fp>\n  \u003Cp id=\"wpua-remove-button\">\n    \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-remove\" name=\"wpua-remove\">Default Avatar\u003C\u002Fbutton>\n  \u003C\u002Fp>\n  \u003Cp id=\"wpua-undo-button\">\n    \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-undo\" name=\"wpua-undo\">Undo\u003C\u002Fbutton>\n  \u003C\u002Fp>\n\u003C\u002Fdiv>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To strip out the div container and h3 heading, you would add the following filters to the functions.php file in your theme:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\nremove_action('wpua_before_avatar', 'wpua_do_before_avatar');\nremove_action('wpua_after_avatar', 'wpua_do_after_avatar');\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To add your own wrapper, you could create something like this:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\nfunction my_before_avatar() {\n  echo '\u003Cdiv id=\"my-avatar\">';\n}\nadd_action('wpua_before_avatar', 'my_before_avatar');\n\nfunction my_after_avatar() {\n  echo '\u003C\u002Fdiv>';\n}\nadd_action('wpua_after_avatar', 'my_after_avatar');\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This would output:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003Cdiv id=\"my-avatar\">\n  \u003Cinput type=\"hidden\" name=\"wp-user-avatar\" id=\"wp-user-avatar\" value=\"{attachmentID}\" \u002F>\n  \u003Cp id=\"wpua-add-button\">\n    \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-add\" name=\"wpua-add\">Edit Image\u003C\u002Fbutton>\n  \u003C\u002Fp>\n  \u003Cp id=\"wpua-preview\">\n    \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n    \u003Cspan class=\"description\">Original Size\u003C\u002Fspan>\n  \u003C\u002Fp>\n  \u003Cp id=\"wpua-thumbnail\">\n    \u003Cimg src=\"{imageURL}\" alt=\"\" \u002F>\n    \u003Cspan class=\"description\">Thumbnail\u003C\u002Fspan>\n  \u003C\u002Fp>\n  \u003Cp id=\"wpua-remove-button\">\n    \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-remove\" name=\"wpua-remove\">Default Avatar\u003C\u002Fbutton>\n  \u003C\u002Fp>\n  \u003Cp id=\"wpua-undo-button\">\n    \u003Cbutton type=\"button\" class=\"button\" id=\"wpua-undo\" name=\"wpua-undo\">Undo\u003C\u002Fbutton>\n  \u003C\u002Fp>\n\u003C\u002Fdiv>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Use any image from your WordPress Media Library as a custom user avatar or user profile picture. Add your own Default Avatar.",900,10086,100,2,"2023-09-14T08:17:00.000Z","6.3.8","4.0","5.6",[99,100,21,101,102],"author-image","author-photo","gravatar","user-profile","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-user-avatar-reloaded","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-avatar-reloaded.1.2.2.zip",62,1,"2025-09-28 00:00:00",{"slug":99,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":92,"downloaded":115,"rating":92,"num_ratings":93,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":18,"tags":119,"homepage":124,"download_link":125,"security_score":126,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"WP Custom Author Image","1.0","p4wparamjeet","https:\u002F\u002Fprofiles.wordpress.org\u002Fp4wparamjeet\u002F","\u003Cp>The WP Custom Author Image plugin for WordPress lets you easily add WP Custom Author Images on your site.\u003C\u002Fp>\n\u003Cp>It creates a widget that you can insert in a sidebar or any other widget area allowed by your theme.\u003Cbr \u002F>\nThe plugin now supports a short code [wp-custom-author-image] you can use to directly add the image to the page or post content.\u003C\u002Fp>\n\u003Cp>Alternatively, you can place the following call in the loop where you want the WP Custom Author Image to appear:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php the_wp_custom_author_image($author_id = null); ?>\n\nThis $author_id parameter is optional.  If it is not passed in, the code will attempt to get the current author of the page\u002Fpost.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>A second version of this function exists whereby you can pass in width and height to display the image.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php the_wp_custom_author_image_size($width, $height, $author_id = null); ?>\n\nThis $author_id parameter is optional.  If it is not passed in, the code will attempt to get the current author of the page\u002Fpost.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To configure your WP Custom Author Image, browse Users \u002F Your Profile in the admin area.\u003C\u002Fp>\n\u003Ch4>Setting WP Custom Author Image Size\u003C\u002Fh4>\n\u003Cp>You can adjust the actual display size in the WP Custom Author Image widget or by using the_wp_custom_author_image_size function call.\u003C\u002Fp>\n\u003Cp>If you do not specify a size the width and height of the actual image will be used.\u003C\u002Fp>\n\u003Ch4>Shortcode\u003C\u002Fh4>\n\u003Col>\n\u003Cli>You can use [wp-custom-author-image] to display the uploaded WP Custom Author Image in your page\u002Fpost content.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Multi-Author Sites\u003C\u002Fh4>\n\u003Cp>For sites with multitudes of authors, the widget offers the ability to insert a link to the author’s posts — his archives.\u003C\u002Fp>\n\u003Ch4>Single Author Sites\u003C\u002Fh4>\n\u003Cp>Normally the widget will only display an WP Custom Author Image when it can clearly identify who the content’s author actually is. In other words, on singular pages or in the loop.\u003C\u002Fp>\n\u003Cp>If you run a single author site, or a site with multiple ghost writers, be sure to check the “This site has a single author” option. The widget will then output your image at all times.\u003C\u002Fp>\n\u003Ch4>Alternate About Page Link\u003C\u002Fh4>\n\u003Cp>Normally the widget will use the author’s posts page (\u002Fauthor\u002Fauthorname\u002F) is the image is clicked on.   If your site has a dedicated page for the author, such as an ‘About Me’ page,\u003C\u002Fp>\n\u003Cp>there is a new field in ‘Your Profile’ called ‘About Me Page’.  Entering a url in this field (\u002Fabout-me\u002F) will cause the widget to use this link as opposed to \u002Fauthor\u002Fauthorname.\u003C\u002Fp>\n\u003Ch4>Retrieving Author Url\u003C\u002Fh4>\n\u003Cp>You can retrieve the url to the respective WP Custom Author Image by calling the function\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php the_wp_custom_author_image_url($author_id = null); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If $author_id is blank the plugin will attempt to determine the current author and retrieve his\u002Fher image.\u003C\u002Fp>\n","Lets you easily add WP Custom Author Images on your site.",2740,"2019-08-27T05:41:00.000Z","5.2.24","3.1",[20,120,121,122,123],"user-gravatar","user-photo","user-profile-photo","wp-custom-author-image","https:\u002F\u002Fprofiles.wordpress.org\u002Fp4wparamjeet","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauthor-image.zip",85,{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":137,"num_ratings":138,"last_updated":139,"tested_up_to":140,"requires_at_least":141,"requires_php":97,"tags":142,"homepage":145,"download_link":146,"security_score":79,"vuln_count":106,"unpatched_count":29,"last_vuln_date":147,"fetched_at":31},"metronet-profile-picture","User Profile Picture","2.6.3","Cozmoslabs","https:\u002F\u002Fprofiles.wordpress.org\u002Fcozmoslabs\u002F","\u003Cp>\u003Cstrong>User Profile Picture is no longer under active development, but will continue to work as is. We have integrated the current functionality in \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fprofile-builder\u002F\" rel=\"ugc\">Profile Builder\u003C\u002Fa> where it will actively be maintained, and we recommend migrating to it.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Set or remove a custom profile image for a user using the standard WordPress media upload tool.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.cozmoslabs.com\u002Fuser-profile-picture\u002F\" rel=\"nofollow ugc\">View Documentation and Examples\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F9icnOWWZUpA?version=3&rel=0&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Users must have the ability to upload images (typically author role or greater). You can use the plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fprofile-builder\u002F\" rel=\"ugc\">Profile Builder\u003C\u002Fa> to allow other roles (e.g. subscribers) the ability to upload images.\u003C\u002Fp>\n\u003Cp>A template tag is supplied for outputting to a theme and the option to override a user’s default avatar is also available.\u003C\u002Fp>\n\u003Ch3>Documentation and Feedback\u003C\u002Fh3>\n\u003Cp>See the documentation on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmadalinungureanu\u002Fuser-profile-picture\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fmetronet-profile-picture\u002Freviews\u002F#new-post\" rel=\"ugc\">Rate the Plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Set a custom profile image (avatar) for a user using the standard WordPress media upload tool.",40000,1023099,92,59,"2024-07-18T13:11:00.000Z","6.6.5","4.6",[21,143,101,102,144],"blocks","users","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmetronet-profile-picture\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmetronet-profile-picture.2.6.3.zip","2024-06-20 00:00:00",{"slug":149,"name":150,"version":151,"author":152,"author_profile":153,"description":154,"short_description":155,"active_installs":156,"downloaded":157,"rating":158,"num_ratings":48,"last_updated":159,"tested_up_to":140,"requires_at_least":17,"requires_php":18,"tags":160,"homepage":163,"download_link":164,"security_score":79,"vuln_count":106,"unpatched_count":29,"last_vuln_date":165,"fetched_at":31},"meks-smart-author-widget","Meks Smart Author Widget","1.1.5","Meks","https:\u002F\u002Fprofiles.wordpress.org\u002Fmekshq\u002F","\u003Cp>Simple plugin which allows you to display author\u002Fuser info inside WordPress widget. Smart feature of this plugin is user\u002Fauthor “auto detection” which means that it can optionally show author of current post on single post templates or on specific author archive.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Flexible display options\u003C\u002Fli>\n\u003Cli>Auto detect post author on single post and author templates\u003C\u002Fli>\n\u003Cli>Custom avatar size\u003C\u002Fli>\n\u003Cli>Link avatar image to author archive (optional)\u003C\u002Fli>\n\u003Cli>Link user display name to author archive (optional)\u003C\u002Fli>\n\u003Cli>Replace widget title with user display name (optional)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Smart Author Widget plugin is created by \u003Ca href=\"https:\u002F\u002Fmekshq.com\" rel=\"nofollow ugc\">Meks\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Live example?\u003C\u002Fh3>\n\u003Cp>You can see Smart Author Widget live example on our \u003Ca href=\"https:\u002F\u002Fmekshq.com\u002Fdemo\u002Ftypology\" rel=\"nofollow ugc\">Typology theme demo website\u003C\u002Fa>\u003C\u002Fp>\n","Easily display your author\u002Fuser profile info inside WordPress widget.",10000,429633,90,"2024-07-23T14:46:00.000Z",[20,21,24,161,162],"user","widget","https:\u002F\u002Fmekshq.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmeks-smart-author-widget.zip","2024-07-10 00:00:00",{"slug":167,"name":168,"version":169,"author":170,"author_profile":171,"description":172,"short_description":173,"active_installs":174,"downloaded":175,"rating":137,"num_ratings":176,"last_updated":177,"tested_up_to":178,"requires_at_least":96,"requires_php":179,"tags":180,"homepage":186,"download_link":187,"security_score":92,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"ultimate-post-list","Ultimate Post List","5.2.7.1","Kybernetik Services","https:\u002F\u002Fprofiles.wordpress.org\u002Fkybernetikservices\u002F","\u003Cp>Make up custom-tailored preview lists of your website’s contents easily and place them in widget areas and post contents.\u003C\u002Fp>\n\u003Cp>Promote your website’s content with many kinds of post lists. No programming skills are necessary. No fiddling with templates. With just a few keyboard entries and clicks you get a customized posts list.\u003C\u002Fp>\n\u003Cp>The plugin Ultimate Post List for WordPress gives you an easy-to-use toolbox to make lists of posts. You can insert the lists\u003C\u002Fp>\n\u003Cul>\n\u003Cli>as \u003Cstrong>widgets in every widget area\u003C\u002Fstrong> per drag’n’drop easily\u003C\u002Fli>\n\u003Cli>via \u003Cstrong>configurable shortcodes in every post content\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>via \u003Cstrong>calls of the function upl_get_html()\u003C\u002Fstrong> in PHP code\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can switch between a \u003Cstrong>vertical list layout\u003C\u002Fstrong> or a \u003Cstrong>responsive grid layout\u003C\u002Fstrong>. A few options help you to get a nice layout without any need to code.\u003C\u002Fp>\n\u003Cp>You can \u003Cstrong>filter\u003C\u002Fstrong> the posts by their \u003Cstrong>post type\u003C\u002Fstrong> “Post” or\u002Fand “Page” and by multiple \u003Cstrong>categories\u003C\u002Fstrong>. For filtering by custom post types check out \u003Ca href=\"https:\u002F\u002Fwww.kybernetik-services.com\u002Fshop\u002Fwordpress\u002Fplugin\u002Fultimate-post-list-pro\u002F?utm_source=wordpress_org&utm_medium=plugin&utm_campaign=ultimate-post-list&utm_content=update-notice-readme\" rel=\"nofollow ugc\">Ultimate Post List Pro\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>You can switch on a \u003Cstrong>“Load more posts”\u003C\u002Fstrong> link or button which loads further posts without leaving the page. Its text is controlled easily for you.\u003C\u002Fp>\n\u003Cp>The plugin is \u003Cstrong>multi-widget capable\u003C\u002Fstrong>. That is, you can have several widgets of Ultimate Post List on your blog, each with its own settings!\u003C\u002Fp>\n\u003Cp>You can clone (duplicate, copy) every list with a single click on the action link.\u003C\u002Fp>\n\u003Cp>The plugin is available in English, German (Deutsch) and Greek (Ελληνικά). It does not collect any personal data, so it is ready for EU General Data Protection Regulation (GDPR) compliance.\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cp>You want to test Ultimate Post List before installing on your site? Try it out on your individual and free dummy site and \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fultimate-post-list\" rel=\"nofollow ugc\">click here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Options you can set\u003C\u002Fh4>\n\u003Cp>The free version of Ultimate Post List offers you many options to type and click customized post lists easily. These are the options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>List Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>List Display Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>List Visibility\u003C\u002Fli>\n\u003Cli>Text if no posts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>List Title Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>List title\u003C\u002Fli>\n\u003Cli>URL of list title\u003C\u002Fli>\n\u003Cli>HTML element of list title\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post List Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Post List Options In General\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Number of posts\u003C\u002Fli>\n\u003Cli>Posts offset\u003C\u002Fli>\n\u003Cli>Hide current viewed post in list\u003C\u002Fli>\n\u003Cli>Show sticky posts on top of the list\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Posts Sort Order\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Order by\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Post date\u003C\u002Fli>\n\u003Cli>Post title\u003C\u002Fli>\n\u003Cli>Post author\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Order direction\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Ascending\u003C\u002Fli>\n\u003Cli>Descending\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Filter Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Post Type Filter\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Show posts of selected types: posts or\u002Fand pages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Category Filter\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Show posts of selected categories only\u003C\u002Fli>\n\u003Cli>Show only posts that are in all selected categories\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post List Item Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Post Data Order\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Position of post thumbnail\u003C\u002Fli>\n\u003Cli>Position of post title\u003C\u002Fli>\n\u003Cli>Position of post date\u003C\u002Fli>\n\u003Cli>Position of post author name\u003C\u002Fli>\n\u003Cli>Position of post excerpt\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Display Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Show post thumbnail (default)\u003C\u002Fli>\n\u003Cli>Show post title (default)\u003C\u002Fli>\n\u003Cli>Show post date\u003C\u002Fli>\n\u003Cli>Show post author name\u003C\u002Fli>\n\u003Cli>Show post excerpt\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Links Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Set post title clickable (default)\u003C\u002Fli>\n\u003Cli>Set post thumbnail clickable (default)\u003C\u002Fli>\n\u003Cli>Set post date clickable, pointing to the month archive\u003C\u002Fli>\n\u003Cli>Set post author clickable, pointing to the author’s archive\u003C\u002Fli>\n\u003Cli>Set post excerpt clickable\u003C\u002Fli>\n\u003Cli>Open post links in new windows\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Title Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Maximum length of post title\u003C\u002Fli>\n\u003Cli>Text after shortened title\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Date Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Format of the post date (over 100 options available)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Thumbnail Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Source of the post thumbnail\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Featured image\u003C\u002Fli>\n\u003Cli>First post content image if previously uploaded to the media library\u003C\u002Fli>\n\u003Cli>Featured image if the first post content image is not available\u003C\u002Fli>\n\u003Cli>First post content image if the featured image is not available\u003C\u002Fli>\n\u003Cli>Avatars of post authors\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Use post title as the alternative text for the thumbnail\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Use default thumbnail if no image could be ascertained\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>URL of default thumbnail\u003C\u002Fli>\n\u003Cli>Thumbnail size \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Width of thumbnail in px\u003C\u002Fli>\n\u003Cli>Height of thumbnail in px\u003C\u002Fli>\n\u003Cli>Use aspect ratios of original images\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Alignment of thumbnail\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Align left\u003C\u002Fli>\n\u003Cli>Align center\u003C\u002Fli>\n\u003Cli>Align right\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Top image margin width in px\u003C\u002Fli>\n\u003Cli>Bottom image margin width in px\u003C\u002Fli>\n\u003Cli>Left image margin width in px\u003C\u002Fli>\n\u003Cli>Right image margin width in px\u003C\u002Fli>\n\u003Cli>Flow of text at the thumbnail (wrap right\u002Fleft or side by side)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Excerpt Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Maximum length of post excerpt\u003C\u002Fli>\n\u003Cli>Text after shortened excerpt\u003C\u002Fli>\n\u003Cli>Ignore post excerpt field as excerpt source\u003C\u002Fli>\n\u003Cli>Ignore post content as excerpt source\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>“More” Element Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>“More” Element Appearance\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Show a clickable “More” element for loading further list items at the bottom of the list\u003C\u002Fli>\n\u003Cli>\u003Cstrong>“More” element type\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Show element as a link\u003C\u002Fli>\n\u003Cli>Show element as a button\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Label of “More” element\u003C\u002Fli>\n\u003Cli>Show icon while new posts are loaded\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Icon style\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Small icons\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Small gray circle with rotating dot\u003C\u002Fli>\n\u003Cli>Small turning wheel\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Big icons\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Big gray circle with rotating dot\u003C\u002Fli>\n\u003Cli>Big turning wheel\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Text that appears when no further posts have been found\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>List Layout Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>List Layout Type: vertical list or responsive grid\u003C\u002Fli>\n\u003Cli>Grid item width in px\u003C\u002Fli>\n\u003Cli>Minimal height of grid item in px\u003C\u002Fli>\n\u003Cli>\u003Cstrong>List Item Margin Options\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>Top item margin in px\u003C\u002Fli>\n\u003Cli>Bottom item margin in px\u003C\u002Fli>\n\u003Cli>Left item margin in px\u003C\u002Fli>\n\u003Cli>Right item margin in px\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Additional options in the Pro version\u003C\u002Fh4>\n\u003Cp>The Pro version has all the options of the free version and many additional options for layouts, numbered lists, colors, custom post types and much more. \u003Ca href=\"https:\u002F\u002Fwww.kybernetik-services.com\u002Fplugins\u002Fultimate-post-list-pro\u002F?utm_source=wordpress_org&utm_medium=plugin&utm_campaign=ultimate-post-list&utm_content=update-notice-readme\" rel=\"nofollow ugc\">Go to Ultimate Post List Pro\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Pro users get premium support whilst free support is offered in the WordPress forums in our spare time.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Support for this plugin will be provided in the form of Product Support. This means that we intend to fix any confirmed bugs, listen to ideas for this plugin and improve the user experience when enhancements are identified and can reasonably be accommodated.\u003C\u002Fp>\n\u003Cp>Pro users get premium support whilst free support is offered in the WordPress forums in our spare time. If you are having trouble with this plugin in your particular installation of WordPress, we will not be able to help you troubleshoot the problem.\u003C\u002Fp>\n","Make up custom-tailored preview lists of the contents easily and place them in widget areas and post contents.",2000,61198,12,"2025-12-01T17:13:00.000Z","6.9.4","5.2",[181,182,183,184,185],"authors","avatars","css","featured-image","first-image","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-post-list\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-post-list.5.2.7.1.zip",{"attackSurface":189,"codeSignals":223,"taintFlows":236,"riskAssessment":261,"analyzedAt":272},{"hooks":190,"ajaxHandlers":211,"restRoutes":220,"shortcodes":221,"cronEvents":222,"entryPointCount":93,"unprotectedCount":29},[191,197,201,206,208],{"type":192,"name":193,"callback":194,"file":195,"line":196},"action","init","register_author_avatars_block","blocks\\init.php",108,{"type":192,"name":198,"callback":199,"file":195,"line":200},"enqueue_block_editor_assets","author_avatar_editor_assets",238,{"type":192,"name":202,"callback":203,"file":204,"line":205},"enqueue_block_assets","author_avatar_block_assets","blocks\\src\\init.php",41,{"type":192,"name":198,"callback":199,"file":204,"line":207},78,{"type":192,"name":193,"callback":193,"file":209,"line":210},"blocks\\src\\show-avatar\\class-render.php",20,[212,218],{"action":213,"nopriv":214,"callback":213,"hasNonce":215,"hasCapCheck":214,"file":216,"line":217},"AA_shortcode_paging",false,true,"author-avatars.php",27,{"action":213,"nopriv":215,"callback":213,"hasNonce":215,"hasCapCheck":214,"file":216,"line":219},28,[],[],[],{"dangerousFunctions":224,"sqlUsage":225,"outputEscaping":227,"fileOperations":29,"externalRequests":29,"nonceChecks":106,"capabilityChecks":29,"bundledLibraries":232},[],{"prepared":29,"raw":29,"locations":226},[],{"escaped":210,"rawEcho":106,"locations":228},[229],{"file":216,"line":230,"context":231},39,"raw output",[233],{"name":234,"version":38,"knownCves":235},"TinyMCE",[],[237,253],{"entryPoint":238,"graph":239,"unsanitizedCount":29,"severity":252},"AA_shortcode_paging (author-avatars.php:30)",{"nodes":240,"edges":250},[241,245],{"id":242,"type":243,"label":244,"file":216,"line":230},"n0","source","$_POST",{"id":246,"type":247,"label":248,"file":216,"line":230,"wp_function":249},"n1","sink","echo() [XSS]","echo",[251],{"from":242,"to":246,"sanitized":215},"low",{"entryPoint":254,"graph":255,"unsanitizedCount":29,"severity":252},"\u003Cauthor-avatars> (author-avatars.php:0)",{"nodes":256,"edges":259},[257,258],{"id":242,"type":243,"label":244,"file":216,"line":230},{"id":246,"type":247,"label":248,"file":216,"line":230,"wp_function":249},[260],{"from":242,"to":246,"sanitized":215},{"summary":262,"deductions":263},"The author-avatars v2.1.25 plugin exhibits a generally good security posture based on the static analysis. The plugin demonstrates a commitment to secure coding practices by utilizing prepared statements for all SQL queries and properly escaping the vast majority of its output. The absence of dangerous functions, file operations, and external HTTP requests further strengthens its security.  Crucially, all identified entry points (AJAX handlers) have nonce checks, a vital layer of protection against CSRF attacks.",[264,267,269],{"reason":265,"points":266},"No capability checks on AJAX handlers",10,{"reason":268,"points":28},"Bundled TinyMCE library",{"reason":270,"points":271},"Medium severity CVEs in history",9,"2026-03-16T18:12:08.211Z",{"wat":274,"direct":282},{"assetPaths":275,"generatorPatterns":279,"scriptPaths":280,"versionParams":281},[276,277,278],"\u002Fwp-content\u002Fplugins\u002Fauthor-avatars\u002Fbuild\u002Fshow-avatar\u002Fstyle-block.css","\u002Fwp-content\u002Fplugins\u002Fauthor-avatars\u002Fbuild\u002Fshow-avatar\u002Fblock.js","\u002Fwp-content\u002Fplugins\u002Fauthor-avatars\u002Fbuild\u002Fshow-avatar\u002Fblock.css",[],[277],[],{"cssClasses":283,"htmlComments":285,"htmlAttributes":286,"restEndpoints":288,"jsGlobals":289,"shortcodeOutput":291},[284],"shortcode-author-avatars",[],[287],"data-aa-action",[],[290],"authorAvatars",[292],"\u003Cdiv class=\"shortcode-author-avatars\">"]