[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVs3XnWqFJE365w4f8hyNS6yJRTIT_6h84CV4ogCFIvk":3,"$ft7MfdG5iTimBN56Xnm0ErcUV2IWytoBJTaqWN-s_Tx4":369,"$fFrkT2oy8SL4iHDar7t8kl-KEUbPT5EFx2WDgrhJpnQg":373},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":37,"analysis":137,"fingerprints":350},"auto-image-field","Auto Image Field","2.0","andur","https:\u002F\u002Fprofiles.wordpress.org\u002Fanduriell\u002F","\u003Cp>This plugin allows you to create custom fields to manage image custom fields easily from the administration screen.\u003C\u002Fp>\n\u003Cp>This plugin is based on the fantastic plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fnkmimagefield\u002F\" rel=\"ugc\">NKMImageField from Naomi Millman\u003C\u002Fa>.\u003Cbr \u002F>\nAnyway neither this or any other did what I was lookingfor: Let me attach images from the media library in custom fields easily.\u003C\u002Fp>\n\u003Cp>So I created this plugin to allow me to do that and a little more:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>* Allows create, edit or delete custom fields from the administration \n  of the following values wordpress:\n      o Field Name.\n      o Field description.\n      o Default value of this field.\n* On screen editing of messages can add the images from the multimedia library.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The plugin will try not to leave the field empty,if the field isn’t filled will try to find the first image post. However in  case that none image is found will take the default value.\u003C\u002Fp>\n","This plugin allow you to administrate image custom fields easily using the wordpress media gallery",10,4701,0,"2014-06-23T11:12:00.000Z","3.9.40","2.8","",[19,20,21,22,23],"custom-field","custom-image-field","field","image","image-field","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-image-field.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"anduriell",2,20,30,84,"2026-05-20T10:31:08.651Z",[38,58,76,96,116],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":32,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":17,"tags":52,"homepage":17,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"simple-image-xml-sitemap","Simple Image XML Sitemap","3.5","Janine","https:\u002F\u002Fprofiles.wordpress.org\u002Fblapps\u002F","\u003Cp>The Simple Image XML Sitemap plugin will generate a XML sitemap for all your images uploaded within pages and posts (added as attachments).\u003C\u002Fp>\n\u003Cp>Therefore, the specific Image XML Sitemap will contain the URL to the post or page and URLs to all attached images and image meta data (caption and title).\u003C\u002Fp>\n\u003Cp>The plugin is written by Janine, and is based on Herbert van-Vliet’s image sitemap plugin.\u003C\u002Fp>\n","The Simple Image XML Sitemap plugin will generate a XML Sitemap for specifically for all images including images uploaded as Advanced Custom Fields (P &hellip;",1000,11712,100,"2024-07-28T13:06:00.000Z","6.6.5","4.0",[53,54,55],"advanced-custom-fields","google-image-sitemaps","xml-image-sitemap","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-image-xml-sitemap.zip",92,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":48,"num_ratings":32,"last_updated":68,"tested_up_to":69,"requires_at_least":51,"requires_php":17,"tags":70,"homepage":74,"download_link":75,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"my-upload-images","My Upload Images","1.4.1","Mizuho Ogino","https:\u002F\u002Fprofiles.wordpress.org\u002Ffishpie\u002F","\u003Cp>This plugin create the metabox with the media uploader into any post types. In the metabox, You can drag images into any order you like. The IDs and the order of images will put on record in the customfield of your posts as array.\u003C\u002Fp>\n\u003Ch4>Attention\u003C\u002Fh4>\n\u003Cp>Available only for WordPress 4.0+.\u003C\u002Fp>\n","Create metabox with media uploader. It allows to upload and sort images in any post_type.",400,6176,"2017-03-14T09:03:00.000Z","4.7.33",[71,19,22,72,73],"cms","media-uploader","upload","http:\u002F\u002Fweb.contempo.jp\u002Fweblog\u002Ftips\u002Fp617","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmy-upload-images.1.4.1.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":48,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":94,"download_link":95,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"acf-image-size-select","Advanced Custom Fields: Image Size Select Field","1.0.3","Jeremy Ross","https:\u002F\u002Fprofiles.wordpress.org\u002Fjeremyrwross\u002F","\u003Cp>Field to select registered image sizes within the WordPress dashboard.\u003C\u002Fp>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cp>This ACF field type is compatible with:\u003Cbr \u002F>\n* ACF 5\u003C\u002Fp>\n\u003Ch3>How to Use\u003C\u002Fh3>\n\u003Cp>Once activated, this plugin will create a \u003Cem>Image Size\u003C\u002Fem> field type in ACF.  This field type will list all registered field types as a drop down within the field group.\u003C\u002Fp>\n\u003Cp>To use this field within your custom templates you will use the following code:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$my_image_id   = get_field('my_image_id');    \u002F\u002F ACF Image return type set to ID for this demo\n$my_image_size = get_field('my_image_size');  \u002F\u002F The selected image size (eg. large)\n\necho wp_get_attachment_image( $my_image_id, $my_image_size );  \u002F\u002F Output the image based on the ID, and the Image Size selected.\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Field to select registered image sizes within the WordPress dashboard.",300,5691,1,"2026-01-12T00:01:00.000Z","6.9.4","3.6.0","7.0",[92,53,93],"acf","image-size","https:\u002F\u002Fjereross.com\u002Facf-image-size-select\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facf-image-size-select.1.0.3.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":84,"downloaded":104,"rating":105,"num_ratings":106,"last_updated":107,"tested_up_to":88,"requires_at_least":108,"requires_php":17,"tags":109,"homepage":112,"download_link":113,"security_score":114,"vuln_count":86,"unpatched_count":13,"last_vuln_date":115,"fetched_at":27},"buddypress-xprofile-image-field","BuddyPress XProfile Custom Image Field","3.1.0","Alex Githatu","https:\u002F\u002Fprofiles.wordpress.org\u002Fkalengi\u002F","\u003Cp>The BuddyPress XProfile module does not support Image type fields. The BuddyPress XProfile Custom Image Field (BPXPIF) plugin allows you to add fields of type Image to a BuddyPress user profile.\u003C\u002Fp>\n\u003Cp>Images uploaded during User Registration can be viewed on the Manage Signups screen to allow the Site Administrator to review them before activating a new user account.\u003C\u002Fp>\n\u003Cp>The BPXPIF plugin has a number of action hooks that allow theme and plugin developers to modify its behavior.\u003C\u002Fp>\n\u003Cp>This plugin requires BuddyPress minimum version 1.5 and has been tested up to BuddyPress version 14.4.0\u003C\u002Fp>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English – default\u003C\u002Fli>\n\u003Cli>Spanish translation by \u003Ca href=\"http:\u002F\u002Fwww.webhostinghub.com\u002F\" rel=\"nofollow ugc\">Andrew Kurtis – WebHostingHub\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","With the BPXPIF plugin you can add XProfile fields of type Image without writing any custom code.",21244,96,6,"2026-01-08T18:15:00.000Z","3.2.1",[110,21,22,23,111],"buddypress","xprofile","https:\u002F\u002Falextheafrican.wordpress.com\u002F2012\u002F03\u002F10\u002Fhow-to-add-an-image-field-to-buddypress-extended-profile-fields\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbuddypress-xprofile-image-field.3.1.0.zip",95,"2025-07-31 00:00:00",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":48,"downloaded":124,"rating":13,"num_ratings":13,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":128,"tags":129,"homepage":135,"download_link":136,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"acf-default-image-addon","Default Image Addon for ACF","1.5","Galaxy Weblinks","https:\u002F\u002Fprofiles.wordpress.org\u002Fgalaxyweblinks\u002F","\u003Cp>This plugin provides an option to add a default image in the backend option for the ACF field type image. It will provide the default image in the result when the image field value is not set.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important Note:\u003C\u002Fstrong> Default Image Addon for ACF is built on top of Advanced Custom Fields. This plugin requires ACF plugin to function. Make sure you have ACF installed and activated.\u003C\u002Fp>\n\u003Cp>Here’s a link to the documentation for the plugin. This will help you learn more about its features and how to use it.\u003Cbr \u002F>\n\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fwp-plugins\u002Fdefault-image-addon-for-acf\u002Fdoc\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nFor any feedback or queries regarding this plugin, please contact our \u003Ca href=\"https:\u002F\u002Fwp-plugins.galaxyweblinks.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Support team\u003C\u002Fa>.\u003C\u002Fp>\n","This plugin provides the feature to add an option for the default image in the field type image.",3848,"2025-04-25T12:09:00.000Z","6.8.5","4.9","7.4",[130,131,132,133,134],"acf-default-image","acf-field-type-image","acf-image-field","default-image","default-image-addon-for-acf","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Facf-default-image-addon","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facf-default-image-addon.1.5.zip",{"attackSurface":138,"codeSignals":178,"taintFlows":237,"riskAssessment":336,"analyzedAt":349},{"hooks":139,"ajaxHandlers":174,"restRoutes":175,"shortcodes":176,"cronEvents":177,"entryPointCount":13,"unprotectedCount":13},[140,146,150,152,155,159,162,165,170],{"type":141,"name":142,"callback":143,"file":144,"line":145},"action","admin_menu","menuadm","auto-image-field.php",28,{"type":141,"name":147,"callback":148,"file":144,"line":149},"save_post","sv",29,{"type":141,"name":151,"callback":148,"file":144,"line":34},"publish_post",{"type":141,"name":153,"callback":148,"file":144,"line":154},"private_to_published",31,{"type":141,"name":156,"callback":157,"file":144,"line":158},"submitpost_box","field_hook",32,{"type":141,"name":160,"callback":160,"file":144,"line":161},"media_upload_andimage",33,{"type":141,"name":163,"callback":163,"file":144,"line":164},"media_upload_andlibrary",34,{"type":166,"name":167,"callback":168,"file":144,"line":169},"filter","media_upload_tabs","and_media_upload_tabs",55,{"type":141,"name":171,"callback":172,"file":144,"line":173},"admin_head","jstodo",208,[],[],[],[],{"dangerousFunctions":179,"sqlUsage":180,"outputEscaping":183,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":236},[],{"prepared":181,"raw":13,"locations":182},27,[],{"escaped":184,"rawEcho":181,"locations":185},12,[186,189,191,193,194,195,197,199,201,203,204,206,207,209,211,213,215,217,219,221,223,225,227,229,231,233,235],{"file":144,"line":187,"context":188},69,"raw output",{"file":144,"line":190,"context":188},108,{"file":144,"line":192,"context":188},187,{"file":144,"line":192,"context":188},{"file":144,"line":192,"context":188},{"file":144,"line":196,"context":188},189,{"file":144,"line":198,"context":188},193,{"file":144,"line":200,"context":188},196,{"file":144,"line":202,"context":188},199,{"file":144,"line":202,"context":188},{"file":144,"line":205,"context":188},273,{"file":144,"line":205,"context":188},{"file":144,"line":208,"context":188},337,{"file":144,"line":210,"context":188},371,{"file":144,"line":212,"context":188},372,{"file":144,"line":214,"context":188},373,{"file":144,"line":216,"context":188},374,{"file":144,"line":218,"context":188},375,{"file":144,"line":220,"context":188},376,{"file":144,"line":222,"context":188},402,{"file":144,"line":224,"context":188},404,{"file":144,"line":226,"context":188},405,{"file":144,"line":228,"context":188},410,{"file":144,"line":230,"context":188},417,{"file":144,"line":232,"context":188},423,{"file":144,"line":234,"context":188},430,{"file":144,"line":234,"context":188},[],[238,261,275,301],{"entryPoint":239,"graph":240,"unsanitizedCount":86,"severity":260},"andmedia_insert_handler (auto-image-field.php:71)",{"nodes":241,"edges":256},[242,247,251],{"id":243,"type":244,"label":245,"file":144,"line":246},"n0","source","$_GET",76,{"id":248,"type":249,"label":250,"file":144,"line":246},"n1","transform","→ jstododos()",{"id":252,"type":253,"label":254,"file":144,"line":205,"wp_function":255},"n2","sink","echo() [XSS]","echo",[257,259],{"from":243,"to":248,"sanitized":258},false,{"from":248,"to":252,"sanitized":258},"medium",{"entryPoint":262,"graph":263,"unsanitizedCount":86,"severity":274},"sv (auto-image-field.php:210)",{"nodes":264,"edges":272},[265,268],{"id":243,"type":244,"label":266,"file":144,"line":267},"$_REQUEST",230,{"id":248,"type":253,"label":269,"file":144,"line":270,"wp_function":271},"query() [SQLi]",246,"query",[273],{"from":243,"to":248,"sanitized":258},"high",{"entryPoint":276,"graph":277,"unsanitizedCount":300,"severity":274},"option (auto-image-field.php:278)",{"nodes":278,"edges":296},[279,282,286,288,291,294],{"id":243,"type":244,"label":280,"file":144,"line":281},"$_POST",282,{"id":248,"type":253,"label":283,"file":144,"line":284,"wp_function":285},"get_results() [SQLi]",292,"get_results",{"id":252,"type":244,"label":287,"file":144,"line":281},"$_POST (x2)",{"id":289,"type":253,"label":269,"file":144,"line":290,"wp_function":271},"n3",298,{"id":292,"type":244,"label":280,"file":144,"line":293},"n4",391,{"id":295,"type":253,"label":254,"file":144,"line":226,"wp_function":255},"n5",[297,298,299],{"from":243,"to":248,"sanitized":258},{"from":252,"to":289,"sanitized":258},{"from":292,"to":295,"sanitized":258},4,{"entryPoint":302,"graph":303,"unsanitizedCount":335,"severity":274},"\u003Cauto-image-field> (auto-image-field.php:0)",{"nodes":304,"edges":327},[305,307,308,310,311,312,313,315,317,319,321,323,325],{"id":243,"type":244,"label":245,"file":144,"line":306},61,{"id":248,"type":253,"label":269,"file":144,"line":270,"wp_function":271},{"id":252,"type":244,"label":245,"file":144,"line":309},72,{"id":289,"type":253,"label":254,"file":144,"line":205,"wp_function":255},{"id":292,"type":244,"label":280,"file":144,"line":281},{"id":295,"type":253,"label":283,"file":144,"line":284,"wp_function":285},{"id":314,"type":244,"label":287,"file":144,"line":281},"n6",{"id":316,"type":253,"label":269,"file":144,"line":290,"wp_function":271},"n7",{"id":318,"type":244,"label":280,"file":144,"line":293},"n8",{"id":320,"type":253,"label":254,"file":144,"line":226,"wp_function":255},"n9",{"id":322,"type":244,"label":245,"file":144,"line":246},"n10",{"id":324,"type":249,"label":250,"file":144,"line":246},"n11",{"id":326,"type":253,"label":254,"file":144,"line":205,"wp_function":255},"n12",[328,329,330,331,332,333,334],{"from":243,"to":248,"sanitized":258},{"from":252,"to":289,"sanitized":258},{"from":292,"to":295,"sanitized":258},{"from":314,"to":316,"sanitized":258},{"from":318,"to":320,"sanitized":258},{"from":322,"to":324,"sanitized":258},{"from":324,"to":326,"sanitized":258},7,{"summary":337,"deductions":338},"The \"auto-image-field\" v2.0 plugin exhibits a mixed security posture.  On the positive side, the plugin utilizes prepared statements for all SQL queries and avoids file operations and external HTTP requests, which are common vectors for vulnerabilities.  Furthermore, there is no recorded vulnerability history, suggesting a good track record for past versions.  However, the static analysis reveals significant concerns.  A substantial portion of output (69%) is not properly escaped, posing a risk of cross-site scripting (XSS) vulnerabilities if user-supplied data is reflected in the output without sanitization.  The taint analysis highlights three high-severity flows with unsanitized paths, which, despite the absence of direct code execution indicators, could still lead to unintended behavior or data exposure if these paths are reachable by attackers.  The complete absence of nonce and capability checks across all identified entry points (though the entry point count is zero) is also a notable weakness, as it implies that even if new entry points were added or discovered, they might not be adequately protected against common web attacks.",[339,341,344,347],{"reason":340,"points":184},"High severity unsanitized taint flows",{"reason":342,"points":343},"Insufficient output escaping",8,{"reason":345,"points":346},"No nonce checks",5,{"reason":348,"points":346},"No capability checks","2026-04-16T12:38:02.780Z",{"wat":351,"direct":358},{"assetPaths":352,"generatorPatterns":354,"scriptPaths":355,"versionParams":357},[353],"\u002Fwp-content\u002Fplugins\u002Fauto-image-field\u002Fimages\u002Fmedia-button-image.gif",[],[356],"\u002Fwp-content\u002Fplugins\u002Fauto-image-field\u002Fcustom-header.js.php",[],{"cssClasses":359,"htmlComments":360,"htmlAttributes":361,"restEndpoints":365,"jsGlobals":366,"shortcodeOutput":368},[],[],[362,363,364],"data-update-link","data-choose","data-update",[],[367],"wp.media",[],{"error":370,"url":371,"statusCode":224,"statusMessage":372,"message":372},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fauto-image-field\u002Fbundle","no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":374},[]]