[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGUO3F8G2zKgepgtOVpQ5dU5MHD3_GoS8nZDmAYCG3hM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":138,"fingerprints":302},"autothumb","AutoThumb","0.6.1","maff","https:\u002F\u002Fprofiles.wordpress.org\u002Fmaff\u002F","\u003Cp>The plugin is actually just a port of a plugin\u002Fsnippet I wrote for \u003Ca href=\"http:\u002F\u002Fwww.modxcms.com\" rel=\"nofollow ugc\">MODx\u003C\u002Fa> a while ago (\u003Ca href=\"http:\u002F\u002Fmodxcms.com\u002FphpThumb-Package-1522.html\" rel=\"nofollow ugc\">see here\u003C\u002Fa>). It scans your content’s source code for \u003Cimg> tags with width and height attributes and passes them to \u003Ca href=\"http:\u002F\u002Fphpthumb.sourceforge.net\u002F\" rel=\"nofollow ugc\">phpThumb\u003C\u002Fa>, a great PHP image editing library, which handles the resizing and editing of the image. Additionally, by passing parameters to phpThumb using a query string, it’s possible to edit the image in several ways (take a look at \u003Ca href=\"http:\u002F\u002Fphpthumb.sourceforge.net\u002Fdemo\u002Fdemo\u002FphpThumb.demo.demo.php\" rel=\"nofollow ugc\">phpThumb’s demos\u003C\u002Fa>).\u003C\u002Fp>\n\u003Cp>The simplest way to get resized images is to specify width\u002Fheight attibutes in your HTML. AutoThumb will use the given values and remove the attributes from your page’s output. When you take a look at the URLs of the example images found on the plugin home page, you will see that the \u003Cimg>-tag’s src-attribute points to a file called image.php in the plugin’s directory. This file takes the image source and several other parameters and passes them to phpThumb, which will generate and output the final image (of course images will be cached).\u003C\u002Fp>\n\u003Cp>To prevent evil people playing with the query string and letting your server generate tons of different images, the plugin generates a hash which is a combination of the query string and a secret password you set in phpThumb’s config file. So every call with different parameters (even the same image with different sizes) has another unique hash and it’s not possible to generate new images without knowing the secret password.\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"http:\u002F\u002Failoo.net\u002Fprojects\u002Fautothumb\u002F\" rel=\"nofollow ugc\">plugin page\u003C\u002Fa> for more details on the plugin.\u003C\u002Fp>\n\u003Cp>All development is done on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmaff\u002Fwp-autothumb\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>. If you have ideas, enhancements, etc. feel free to fork the project and send a pull request.\u003C\u002Fp>\n\u003Cp>For any issues please use the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmaff\u002Fwp-autothumb\u002Fissues\" rel=\"nofollow ugc\">Issue Tracker\u003C\u002Fa>.\u003C\u002Fp>\n","The plugin is actually just a port of a plugin\u002Fsnippet I wrote for MODx a while ago (see here). It scans your content's source code for \u003Cimg&g &hellip;",80,14526,100,1,"2012-02-06T18:30:00.000Z","3.3.2","2.7","",[20,21,22,23,24],"images","library","phpthumb","resize","thumbnails","http:\u002F\u002Failoo.net\u002Fprojects\u002Fautothumb\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautothumb.0.6.1.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},8,740,30,84,"2026-04-04T11:23:26.003Z",[39,60,78,97,113],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":54,"tags":55,"homepage":58,"download_link":59,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"crop-thumbnails","Crop-Thumbnails","1.9.7","Volkmar Kantor","https:\u002F\u002Fprofiles.wordpress.org\u002Fvolkmar-kantor\u002F","\u003Cp>The plugin provides the functionality to adjust the crop region of cropped images. It add buttons to the edit-pages and media-dialog to access a crop-editor.\u003Cbr \u002F>\nIn the crop-editor you can choose one or more (if they have the same ratio) imagesizes and cut-off the part of the image you want.\u003C\u002Fp>\n\u003Cp>The plugin is especially useful for theme developers who want to keep full control over cropped image sizes. If you want to dive even deeper, you can get informations about the hooks and filters on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fvollyimnetz\u002Fcrop-thumbnails\" rel=\"nofollow ugc\">github page of the plugin\u003C\u002Fa>.\u003C\u002Fp>\n","\"Crop Thumbnails\" made it easy to get exacly that specific image-detail you want to show in your featured image or gallery image.",40000,836379,92,67,"2025-12-03T10:59:00.000Z","6.8.5","5.0","7.4.0",[20,56,57],"media-library","post-thumbnails","https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcrop-thumbnails\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrop-thumbnails.1.9.7.zip",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":28,"num_ratings":28,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":73,"tags":74,"homepage":18,"download_link":77,"security_score":49,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"webp-transformer","Webp Transformer","1.0.2","Informatiza","https:\u002F\u002Fprofiles.wordpress.org\u002Finformatiza\u002F","\u003Cp>Automatically convert all images (png and jpg) sent to the WordPress library to webp.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>ATTENTION\u003C\u002Fstrong>: The original images are not kept, when sending an image it will be as if you had sent a webp from the beginning.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set conversion quality.\u003C\u002Fli>\n\u003Cli>Set the maximum width\u002Fheight of images. If an image exceeds the defined value in height or width, the image will be resized to the defined maximum.\u003C\u002Fli>\n\u003Cli>Ignore images that have a certain name in the file name\u003C\u002Fli>\n\u003C\u002Ful>\n","Convert images from library to webp and resize them during upload",200,2829,"2024-11-11T11:40:00.000Z","6.6.5","6.0","7.4",[75,20,21,23,76],"converter","webp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebp-transformer.1.0.2.zip",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":13,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":18,"tags":92,"homepage":95,"download_link":96,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"delete-thumbnails","Delete Thumbnails","2.2","David Sword","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavidsword\u002F","\u003Ch4>Delete thumbnails & resized images from your Media Library\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Delete some or all of WordPress’s resized images (thumbnails, medium, and large, plus extra ones Plugins\u002FThemes make secretly)\u003C\u002Fli>\n\u003Cli>This can clear thousands of unwanted files from your uploads directory \u003C\u002Fli>\n\u003Cli>Useful if you’ve had lots of different theme\u002Fplugins over the years, and inadvertently accumulated a vast number of resized images that are no longer used by your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Take careful note\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Deleting is permanent\u003C\u002Fli>\n\u003Cli>You can use \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fregenerate-thumbnails\u002F\" rel=\"ugc\">this plugin\u003C\u002Fa> to regenerate your Media Library after (as WordPress will need the default sizes)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Please Note\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>🍺 This is a \u003Cstrong>recently revived and re-written plugin\u003C\u002Fstrong>, the bad reviews were correct for the old versions, but not current version. If you experience any issues, please open a support request, I’m happy to help fix any issues and help plugin grow.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Road Map\u003C\u002Fh3>\n\u003Ch4>The current todo list\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[ ] Add css animation\u002Fcolor to nag inputs when clicking disabled button\u003C\u002Fli>\n\u003Cli>[ ] Add \u003Ccode>count($this->library)\u003C\u002Fcode> result as ‘exempt’ in main info banner to assure Media Library items are safe\u003C\u002Fli>\n\u003Cli>[ ] Add size range filters (ie: delete resized that are within x – y restraints)\u003C\u002Fli>\n\u003Cli>[ ] Make \u003Ccode>View\u003C\u002Fcode> link work off of a Lightbox instead of a new browser tab\u003C\u002Fli>\n\u003Cli>[ ] Please add any additional requests into the Support tab.\u003C\u002Fli>\n\u003C\u002Ful>\n","Find and delete thumbnails & resized images from your Media Library",8415,78,15,"2017-07-06T21:25:00.000Z","4.8.28","4.0",[93,20,21,94,24],"delete","media","https:\u002F\u002Fdavidsword.ca\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdelete-thumbnails.2.2.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":28,"num_ratings":28,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":18,"tags":110,"homepage":111,"download_link":112,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"thumbnail-updater","Thumbnail Updater","1.0","Jess","https:\u002F\u002Fprofiles.wordpress.org\u002Fardathksheyna\u002F","\u003Cp>Thumbnail Updater does exactly what it’s name implies: it updates thumbnails. WordPress 2.9 introduced support for\u003Cbr \u002F>\npost thumbnails but one problem is that the support is not backwards compatible—meaning that if you downloaded or created\u003Cbr \u002F>\na theme that supports post thumbnails, any images uploaded prior to the activation of that theme will not have the new thumbnail size.\u003C\u002Fp>\n","A plugin for updating your thumbnails whenever a new thumbnail size is added with add_image_size()",10,3225,"2010-09-03T00:24:00.000Z","3.0.5","3.0",[20,56,57],"http:\u002F\u002Fwww.dumpster-fairy.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthumbnail-updater.zip",{"slug":114,"name":115,"version":116,"author":117,"author_profile":118,"description":119,"short_description":120,"active_installs":121,"downloaded":122,"rating":123,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":73,"tags":128,"homepage":133,"download_link":134,"security_score":135,"vuln_count":136,"unpatched_count":28,"last_vuln_date":137,"fetched_at":30},"shortpixel-image-optimiser","ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF","6.4.3","ShortPixel","https:\u002F\u002Fprofiles.wordpress.org\u002Fshortpixel\u002F","\u003Ch3>🚀 The Ultimate Image Optimization Plugin for WordPress\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>⚡ Boost your site’s speed instantly! Optimize images and PDFs with one click, bulk compress to WebP and AVIF, use lazy loading, and resize images.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Increase your website’s SEO ranking, number of visitors, and ultimately your sales by optimising any image or PDF document on your website.\u003C\u002Fp>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fshortpixel.com\" rel=\"nofollow ugc\">ShortPixel\u003C\u002Fa> plugin is a lightweight, user-friendly, install-and-forget solution for image optimization.\u003Cbr \u002F>\nIt is designed to work with any website type, whether it’s a small blog or a large WooCommerce-powered online store with tens of thousands of products.\u003Cbr \u002F>\nAdditionally, it’s an excellent choice for agencies, offering unlimited image optimization credits for a flat monthly fee.\u003C\u002Fp>\n\u003Ch4>🎬 Ready for a Quick DEMO of our Top Image Optimization Tool?\u003C\u002Fh4>\n\u003Cp>Test our plugin \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fshortpixel-image-optimiser\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003Cbr \u002F>\nMake an instant \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fimage-compression-test\" rel=\"nofollow ugc\">image compression test\u003C\u002Fa> of your site or \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fonline-image-compression\" rel=\"nofollow ugc\">compress some images\u003C\u002Fa> to test our optimization algorithms.\u003C\u002Fp>\n\u003Ch3>💡 Why is ShortPixel the best choice for image optimization or PDF compression?\u003C\u002Fh3>\n\u003Ch3>🆕 New! Brand new AI features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>AI Image Upscale (2x, 3x, 4x) – Upscale smaller images with high-quality AI upscaling, perfect for retina displays and crisp visuals.\u003C\u002Fli>\n\u003Cli>AI Background Removal – Instantly remove background from your images with one click, ideal for creating clean product photos. After the background is removed, your image can have a transparent background or be filled with a single solid color.\u003C\u002Fli>\n\u003Cli>AI Image Titles – In addition to ALT text, captions, and descriptions, you can now generate smart image titles using AI for better SEO.\u003C\u002Fli>\n\u003Cli>Bulk Remove AI Data – Easily clear all AI-generated image SEO data in one go.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🆕 New! Freshly added AI Image SEO features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>AI-powered image SEO – Automatically generate ALT text, captions, and image descriptions for all your images.\u003C\u002Fli>\n\u003Cli>Bulk mode – Mass-generate and update details for all your images.\u003C\u002Fli>\n\u003Cli>Preview mode – Test and fine-tune AI results before applying new ALT texts and descriptions in bulk.\u003C\u002Fli>\n\u003Cli>Multilingual – Support for 100+ languages.\u003C\u002Fli>\n\u003Cli>WooCommerce – Seamless support for WooCommerce product images.\u003C\u002Fli>\n\u003Cli>Unlimited credits – AI-generate image titles, captions, and more with our Unlimited plan.\u003C\u002Fli>\n\u003Cli>Accessibility – Improve website accessibility by generating all the necessary metadata for each image.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Freshly added features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Compress WebP images – ShortPixel now also \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fblog\u002Fintroducing-smartcompress\u002F\" rel=\"nofollow ugc\">smartly compresses\u003C\u002Fa> all your existing WebP images.\u003C\u002Fli>\n\u003Cli>Added support for serving CSS, JS and fonts from our global CDN.\u003C\u002Fli>\n\u003Cli>Save & Restore option for all settings – ideal for agencies and users managing multiple websites.\u003C\u002Fli>\n\u003Cli>Decide whether AI bots can use your images for machine learning (ML) training, or \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fblog\u002Fprevent-ai-data-mining-on-images\u002F\" rel=\"nofollow ugc\">block them entirely\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>You can now exclude images from optimization based on their upload date, perfect for skipping older or already optimized media.\u003C\u002Fli>\n\u003Cli>Filter and select images in bulk using date-based criteria, giving you precise control over what gets optimized and when.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌍 Faster Websites for Global Audiences\u003C\u002Fh3>\n\u003Cp>The ShortPixel plugin now includes a built-in global Content Delivery Network (CDN). This powerful feature ensures that ShortPixel-optimized WebP and AVIF images, as well as your website’s CSS and JavaScript files, are delivered quickly and efficiently to any location worldwide, minimizing delays and improving load times.\u003C\u002Fp>\n\u003Cp>By leveraging this built-in solution, you enhance the user experience, reduce server strain, boost SEO performance, and simplify website management — all with minimal effort.\u003C\u002Fp>\n\u003Ch3>📸 Resize and Compress Images Without Losing Quality\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Popular plugin with over 300,000 active installations – according to WordPress\u003C\u002Fli>\n\u003Cli>Compress JPG (and its variations: JPEG, JPEG 2000, JPEG XR), PNG, GIF (still or animated) images, and also PDF documents.\u003C\u002Fli>\n\u003Cli>Option to automatically convert PNG to JPG if that results in smaller images (ideal for large PNG pictures).\u003C\u002Fli>\n\u003Cli>CMYK to RGB conversion.\u003C\u002Fli>\n\u003Cli>Progressive JPEG is used whenever it leads to a smaller image.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌟 Lossy and Lossless image compression\u003C\u002Fh3>\n\u003Cp>Both \u003Cstrong>Lossy and Lossless image compression\u003C\u002Fstrong> are available for the most common image types (JPG, PNG, GIF, WebP, and AVIF) plus PDF files.\u003Cbr \u002F>\nWe also offer \u003Cstrong>Glossy\u003C\u002Fstrong> JPEG compression which is a very high-quality lossy optimization algorithm. Especially designed for photographers or for high-quality product pictures.\u003Cbr \u002F>\nOptimized images lead to a better user experience, improved PageSpeed Insights or GTmetrix results, higher Google PageRank, and more visitors.\u003C\u002Fp>\n\u003Ch3>🔄 Convert WebP and AVIF Formats\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Option to automatically convert JPEG, PNG, or GIF to WebP and AVIF for better performance and improved Google ranking.\u003C\u002Fli>\n\u003Cli>Automatically optimize your existing WebP files with ShortPixel’s SmartCompress algorithm.\u003C\u002Fli>\n\u003Cli>Animated GIFs can be automatically converted to much smaller animated WebP or AVIF files.\u003C\u002Fli>\n\u003Cli>Option to include next-gen images (WebP and AVIF) in front-end pages with a single click using the  tag.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📦 Bulk Image Optimization and Background Image Processing\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>New! With ‘Background mode,’ images can now be optimized without needing to keep a browser tab open.\u003C\u002Fli>\n\u003Cli>Easily add recurring cron jobs for background optimization, ideal for sites where users upload images via the front end.\u003C\u002Fli>\n\u003Cli>Bulk-optimize all images in the Media Library or any gallery with a single click.\u003C\u002Fli>\n\u003Cli>Full WP-CLI support for background processing, especially useful for large Media Libraries.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔥 Performance and Automatic Image Optimization\u003C\u002Fh3>\n\u003Cp>ShortPixel uses minimal resources and works well with any shared, cloud, VPS, or dedicated web hosting. It can optimize any image on your website, including those not listed in the Media Library, such as images in galleries or those added directly via FTP.\u003Cbr \u002F>\nAll optimization is performed using ShortPixel’s Image Optimization Cloud, so your hosting resources remain unaffected.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>New! Automatic scan of Custom media folders for new images using cron jobs.\u003C\u002Fli>\n\u003Cli>Skip already optimized images to avoid redundant processing.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎨 Compatibility with Popular Themes, Page Builders, and Media Library Plugins\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Works great for eCommerce websites using WooCommerce and other plugins.\u003C\u002Fli>\n\u003Cli>Compatible with NextGEN Gallery, Modula, Foo Gallery, and other galleries or sliders.\u003C\u002Fli>\n\u003Cli>Fully compatible with WP Retina 2x, including automatic compression of retina images.\u003C\u002Fli>\n\u003Cli>Works seamlessly with WordPress multisite installs (sub-folders or sub-domains) using a single API key.\u003C\u002Fli>\n\u003Cli>Compatible with WPML and WPML Media plugins.\u003C\u002Fli>\n\u003Cli>Fully compatible with WP Offload Media plugin.\u003C\u002Fli>\n\u003Cli>Supports both HTTPS and HTTP websites.\u003C\u002Fli>\n\u003Cli>Compatible with virtually all hosting providers.\u003C\u002Fli>\n\u003Cli>Integrates with Gravity Forms’ post_image field type to optimize images upon upload.\u003C\u002Fli>\n\u003Cli>Works with watermarking plugins.\u003C\u002Fli>\n\u003Cli>Integrates directly with Cloudflare via a Cloudflare Token, automatically synchronizing updates with Cloudflare cache.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>New! HEIC file support\u003C\u002Fstrong>\u003Cbr \u002F>\nWith ShortPixel, you can now add images in Apple’s HEIC format directly from your iPhone. They will be automatically converted to JPG and optimized according to your settings. Easy!\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fknowledge-base\u002Farticle\u002Fheic-apple-images-support-in-shortpixel-image-optimizer\u002F\" rel=\"nofollow ugc\">Read more\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔧 Advanced Image Optimization Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>NEW Smart Cropping: Generate \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fknowledge-base\u002Farticle\u002Fwhat-is-smart-cropping\u002F\" rel=\"nofollow ugc\">subject-centered\u003C\u002Fa> thumbnails using AI, ideal for eCommerce websites.\u003C\u002Fli>\n\u003Cli>Optimize thumbnails and featured images, with options to exclude individual thumbnails from optimization.\u003C\u002Fli>\n\u003Cli>Advanced exclusion options (exclude images based on filename, path, size, or complex regex).\u003C\u002Fli>\n\u003Cli>Ability to optimize any image, including those in NextGEN Gallery and other image galleries or sliders.\u003C\u002Fli>\n\u003Cli>Option to scale images down, with two automatic resizing options for large images (applicable to featured images).\u003C\u002Fli>\n\u003Cli>Option to deactivate auto-optimization of images on upload.\u003C\u002Fli>\n\u003Cli>Keep or remove EXIF data from images, which is especially useful for photographers or for enhanced privacy.\u003C\u002Fli>\n\u003Cli>Easily test lossy, glossy, or lossless versions of images with a single click in the Media Library.\u003C\u002Fli>\n\u003Cli>100MB filesize limit\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🛡️ Backup and Safety\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Safe to test and use: original images are backed up locally and can be restored with a single click (either individually or in bulk).\u003C\u002Fli>\n\u003Cli>No credits are used for images optimized by less than 5%\u003C\u002Fli>\n\u003Cli>Save & Restore option for all settings – ideal for agencies and users managing multiple websites.\u003C\u002Fli>\n\u003Cli>Decide whether AI bots can use your images for machine learning (ML) training, or block them entirely\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📊 Reporting, Analytics, Compliance and Customer Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>30-day optimization report with detailed image statistics and overall site performance improvements.\u003C\u002Fli>\n\u003Cli>24\u002F7 stellar support.\u003C\u002Fli>\n\u003Cli>We are fully GDPR compliant.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>🚀 \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fpricing\" rel=\"nofollow ugc\">New Plan: ShortPixel Unlimited\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nThis is the ideal monthly plan for web agencies or website owners with multiple sites and frequent image uploads.\u003Cbr \u002F>\nIt allows you to optimize an unlimited number of images with ShortPixel Image Optimizer or use \u003Ca href=\"\u002F\u002Fwordpress.org\u002Fplugins\u002Fshortpixel-adaptive-images\u002F”\" rel=\"nofollow ugc\">ShortPixel Adaptive Images\u003C\u002Fa> without worrying about CDN traffic limits.\u003Cbr \u002F>\nRead more details on our \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fknowledge-base\u002Farticle\u002Fhow-does-the-unlimited-plan-work\u002F\" rel=\"nofollow ugc\">dedicated page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>free optimization credits for non-profits\u003C\u002Fstrong>, \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fcontact\" rel=\"nofollow ugc\">contact us\u003C\u002Fa> for details\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>💸 How much does it cost?\u003C\u002Fstrong>\u003Cbr \u002F>\nShortPixel comes with 100 free credits per month, and additional unlimited monthly credits can be purchased for $9.99.\u003Cbr \u002F>\nOne-time credit packages that never expire are available starting at $19.99.\u003Cbr \u002F>\nCheck out \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fpricing\" rel=\"nofollow ugc\">our prices\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>🌟 Testimonials:\u003C\u002Fstrong>\u003Cbr \u002F>\n  ★★★★★ \u003Cstrong>A Super Plugin works very well 62% reduction overall.\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fa-super-plugin-works-very-well-62-reduction-overall\u002F\" rel=\"ugc\">robertvarns\u003C\u002Fa>\u003Cbr \u002F>\n  ★★★★★ \u003Cstrong>The secret sauce for a WordPress website.\u003C\u002Fstrong>  \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fthe-secret-sauce-for-a-wordpress-website\u002F\" rel=\"ugc\">mark1mark\u003C\u002Fa>\u003Cbr \u002F>\n  ★★★★★ \u003Cstrong>A must have plugin, great support!\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fa-must-have-plugin-great-support\u002F\" rel=\"ugc\">ElColo13\u003C\u002Fa>\u003Cbr \u002F>\n  ★★★★★ \u003Cstrong>Excellent Plugin! Even Better Customer Service!\u003C\u002Fstrong>  \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fgreat-plugin-great-support-508\u002F\" rel=\"ugc\">scaliendo\u003C\u002Fa>\u003Cbr \u002F>\n  ★★★★★ \u003Cstrong>Great image compression, solid plugin, equally great support.\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fsupport-shortpixel-image-optimiser\u002F\" rel=\"ugc\">matters1959\u003C\u002Fa>\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fshortpixel-image-optimiser\u002Freviews\u002F?filter=5\" rel=\"ugc\">more testimonials\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FFVPWeNsJWss?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Help us spread the word by recommending ShortPixel to your friends and collect \u003Cstrong>100 lifetime monthly additional image credits for each referred active user\u003C\u002Fstrong>. Make money by promoting a great plugin with our \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Ffree-sign-up-affiliate\" rel=\"nofollow ugc\">30% commission affiliate program\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🛠️ Other plugins by ShortPixel\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffastpixel-website-accelerator\u002F\" rel=\"ugc\">FastPixel Caching\u003C\u002Fa> – WP Optimization made easy\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshortpixel-adaptive-images\u002F\" rel=\"ugc\">ShortPixel Adaptive Images\u003C\u002Fa> – On-the-fly image optimization & CDN delivery\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fenable-media-replace\u002F\" rel=\"ugc\">Enable Media Replace\u003C\u002Fa> – Easily replace images or files in Media Library\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fregenerate-thumbnails-advanced\u002F\" rel=\"ugc\">reGenerate Thumbnails Advanced\u003C\u002Fa> – Easily regenerate thumbnails\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fresize-image-after-upload\u002F\" rel=\"ugc\">Resize Image After Upload\u003C\u002Fa> – Automatically resize each uploaded image\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-svg-images\u002F\" rel=\"ugc\">WP SVG Images\u003C\u002Fa> – Secure upload of SVG files to Media Library \u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshortpixel-critical-css\u002F\" rel=\"ugc\">ShortPixel Critical CSS\u003C\u002Fa> – Automatically generate above-the-fold CSS for fatster loading times and better SEO scores\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>📩 Get in touch!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Email \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fcontact\" rel=\"nofollow ugc\">https:\u002F\u002Fshortpixel.com\u002Fcontact\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Twitter \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fshortpixel\" rel=\"nofollow ugc\">https:\u002F\u002Ftwitter.com\u002Fshortpixel\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Facebook \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002FShortPixel\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.facebook.com\u002FShortPixel\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>LinkedIn \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fshortpixel\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.linkedin.com\u002Fcompany\u002Fshortpixel\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Actions and Filters for Developers\u003C\u002Fh3>\n\u003Cp>The ShortPixel Image Optimizer plugin calls the following actions and filters:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>do_action( 'shortpixel_image_optimised', $post_id );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>upon successful optimization;\u003C\u002Fp>\n\u003Cpre>\u003Ccode>do_action(\"shortpixel_before_restore_image\", $post_id);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>before restoring an image from backup;\u003C\u002Fp>\n\u003Cpre>\u003Ccode>do_action(\"shortpixel_after_restore_image\", $post_id);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>after succesful restore;\u003C\u002Fp>\n\u003Cp>For version 4.22.10 and earlier:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>apply_filters(\"shortpixel_backup_folder\", $backup_folder, $main_file_path, $sizes);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>just before returning the ShortPixel backup folder, usually \u002Fwp-content\u002Fuploads\u002FShortpixelBackups. The \u003Ccode>$sizes\u003C\u002Fcode> are the sizes array from metadata;\u003C\u002Fp>\n\u003Cp>For version 5.0.0 and later:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$directory = apply_filters(\"shortpixel\u002Ffile\u002Fbackup_folder\", $directory, $file);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>just before returning the ShortPixel backup folder, usually \u002Fwp-content\u002Fuploads\u002FShortpixelBackups).\u003C\u002Fp>\n\u003Cpre>\u003Ccode>apply_filters('shortpixel_image_exists', file_exists($path), $path, $post_id);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>post ID is not always set, only if it’s an image from Media Library;\u003C\u002Fp>\n\u003Cpre>\u003Ccode>apply_filters('shortpixel_image_urls', $URLs, $post_id);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>filters the URLs that will be sent to optimisation, \u003Ccode>$URLs\u003C\u002Fcode> is a plain array;\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The filter below is deprecated starting with version 5.0.0!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>apply_filters('shortpixel\u002Fdb\u002Fchunk_size', $chunk);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>the \u003Ccode>$chunk\u003C\u002Fcode> is the value ShortPixel chooses to use as the number of selected records in one query (based on total table size), some hosts work better with a different value;\u003C\u002Fp>\n\u003Cp>For version 4.22.10 and earlier:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>apply_filters('shortpixel\u002Fbackup\u002Fpaths', $PATHs, $mainPath);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>filters the array of paths of the images sent for backup and can be used to exclude certain paths\u002Fimages\u002Fthumbs from being backed up, based on the image path. \u003Ccode>$mainPath\u003C\u002Fcode> is the path of the main image, while \u003Ccode>$PATHs\u003C\u002Fcode> is an array with all files to be backed up (including thumbnails);\u003C\u002Fp>\n\u003Cp>For version 5.0.0 and later:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>apply_filters('shortpixel\u002Fimage\u002Fskip_backup', false, $this->getFullPath(), $this->is_main_file)\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>filters the images that are skipped or not from the backup. Return true for the type of images to be skipped in the backup. If you check if \u003Ccode>is_main_file\u003C\u002Fcode> is true and return false (do not skip backup), while while otherwise returning true, the backup will be kept only for the main image. We suggest using it in conjuction with this action that fires right after the restore from backup is done:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>do_action('shortpixel\u002Fimage\u002Fafter_restore', $this, $this->id, $cleanRestore);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This action can be used to cleanup the meta data from the database, regenerate thumbnails after restoring the main file, writing the updated meta data, etc.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>apply_filters('shortpixel\u002Fsettings\u002Fimage_sizes', $sizes);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>filters the array (\u003Ccode>$sizes\u003C\u002Fcode>) of image sizes that can be excluded from processing (displayed in the plugin Advanced settings);\u003C\u002Fp>\n\u003Cpre>\u003Ccode>apply_filters('shortpixel\u002Fimage\u002Fimageparamlist', $result, $this->id, $this);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>filters the list of parameters sent to the API so that resizing can be performed more granularly;\u003C\u002Fp>\n\u003Cpre>\u003Ccode>apply_filters('shortpixel\u002Fapi\u002Frequest', $requestParameters, $item_id);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>filters the parameters sent to the optimization API (through \u003Ccode>$requestParameters\u003C\u002Fcode>), described in detail here: \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fapi-docs\" rel=\"nofollow ugc\">ShortPixel Reducer API\u003C\u002Fa>; \u003Ccode>$item_id\u003C\u002Fcode> contains the ID of the Media Library item, or the ID of the Custom Media item (when used). In short, this filter can be used to alter any parameters sent to the API, depending on the needs. For example, you can set different resize parameters for different post types, different compression levels, remove EXIF or not, covert WebP\u002FAVIF, and basically any other parameter that is sent to the API for a specific image (together with all its thumbnails).\u003C\u002Fp>\n\u003Cp>This filter enables the background ShortPixel processing in additional pages (see \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fknowledge-base\u002Farticle\u002Fon-what-pages-does-spio-optimize-images\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa> the original list). Here’s an example of this filter that enables the processing on the Comments screen (to be placed in your functions.php file):\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('shortpixel\u002Finit\u002Foptimize_on_screens', function ($screens) {\n    $screens[] = 'edit-comments';\n    return $screens;\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The \u003Ccode>edit-comments\u003C\u002Fcode> is the ID of the screen where you want to enable the processing.\u003C\u002Fp>\n\u003Cp>If you want to add multiple pages, here’s what the snippet looks like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('shortpixel\u002Finit\u002Foptimize_on_screens', function ($screens) {\n    $screens = array('edit-comments', 'plugins', 'another-custom-post-type-page');\n    return $screens;\n    });\n\n\nadd_filter('shortpixel\u002Fimage\u002Ffilecheck', function () { return true; });\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This filter forces a file check for WebP\u002FAVIF in case they were manually removed from disk.\u003C\u002Fp>\n\u003Cp>If you want to disable the automatic cache flush that is triggered after image optimization, you can use this filter:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'shortpixel\u002Fexternal\u002Fflush_cache', function() { return false; } );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>In order to define custom thumbnails to be picked up by the optimization you have two options, both comma separated defines:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define('SHORTPIXEL_CUSTOM_THUMB_SUFFIXES', '_tl,_tr');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>will handle custom thumbnails like image-100x100_tl.jpg;\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define('SHORTPIXEL_CUSTOM_THUMB_INFIXES', '-uae');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>will handle custom thumbnails like image-uae-100×100.jpg;\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define('SHORTPIXEL_USE_DOUBLE_WEBP_EXTENSION', true);\ndefine('SHORTPIXEL_USE_DOUBLE_AVIF_EXTENSION', true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>will tell the plugin to create double extensions for the WebP\u002FAVIF image counterparts, for example, image.jpg.webp\u002Fimage.jpg.avif for image.jpg;\u003C\u002Fp>\n\u003Cp>Enable the “Trusted mode” in case the file system has limitations and is very slow in responding to direct file operations by adding this constant:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define('SHORTPIXEL_TRUSTED_MODE', true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This will simply skip file check operations and if the Media Library loads very slowly or freezes, you might want to try adding the constant above to your wp-config.php file.\u003C\u002Fp>\n\u003Cp>Disable the feedback survey when the plugin is deactivated:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define('SHORTPIXEL_SKIP_FEEDBACK', true);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Hide the Cloudflare settings by defining these constants in wp-config.php:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define('SHORTPIXEL_CFTOKEN', 'the Cloudflare API token that has Purge Cache right');\ndefine('SHORTPIXEL_CFZONE', 'The Zone ID from the domain settings in Cloudflare');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Add HTTP basic authentication credentials by defining these constants in wp-config.php\u003C\u002Fp>\n\u003Cpre>\u003Ccode>define('SHORTPIXEL_HTTP_AUTH_USER', 'user');\ndefine('SHORTPIXEL_HTTP_AUTH_PASSWORD', 'pass');\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Optimize images & PDFs smartly. Create and compress next-gen WebP and AVIF formats. Smart crop and resize.",300000,18526594,90,802,"2026-01-29T14:18:00.000Z","6.9.4","4.8.0",[129,130,131,132,23],"compress-images","convert-webp","image-optimization","optimize-images","https:\u002F\u002Fshortpixel.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshortpixel-image-optimiser.6.4.3.zip",95,7,"2026-03-25 00:00:00",{"attackSurface":139,"codeSignals":169,"taintFlows":216,"riskAssessment":285,"analyzedAt":301},{"hooks":140,"ajaxHandlers":165,"restRoutes":166,"shortcodes":167,"cronEvents":168,"entryPointCount":28,"unprotectedCount":28},[141,147,150,152,156,161],{"type":142,"name":143,"callback":144,"file":145,"line":146},"action","admin_init","checkEnvironment","autothumb.php",98,{"type":142,"name":143,"callback":148,"file":145,"line":149},"registerSettings",99,{"type":142,"name":143,"callback":151,"file":145,"line":13},"generateRewriteRules",{"type":142,"name":153,"callback":154,"file":145,"line":155},"admin_menu","addOptionsPage",101,{"type":157,"name":158,"callback":159,"file":145,"line":160},"filter","the_content","processContent",106,{"type":142,"name":162,"callback":163,"file":145,"line":164},"admin_notices","anonymous",157,[],[],[],[],{"dangerousFunctions":170,"sqlUsage":180,"outputEscaping":182,"fileOperations":214,"externalRequests":14,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":215},[171,175],{"fn":172,"file":145,"line":173,"context":174},"create_function",158,"'admin_notices', create_function('', \"echo '\u003Cdiv class=\\\"{$type}\\\">\u003Cp>{$message}\u003C\u002Fp>\u003C\u002Fdiv>';\")",{"fn":176,"file":177,"line":178,"context":179},"exec","phpthumb\\phpthumb.gif.php",117,"exec('cjpeg '.$lpszFileName.'.bmp >'.$lpszFileName.' 2>\u002Fdev\u002Fnull');",{"prepared":28,"raw":28,"locations":181},[],{"escaped":183,"rawEcho":184,"locations":185},69,12,[186,190,192,195,198,200,202,204,206,208,210,212],{"file":187,"line":188,"context":189},"autothumb-options-panel.php",54,"raw output",{"file":187,"line":191,"context":189},82,{"file":193,"line":194,"context":189},"phpthumb\\phpthumb.bmp.php",764,{"file":196,"line":197,"context":189},"phpthumb\\phpthumb.class.php",576,{"file":196,"line":199,"context":189},610,{"file":196,"line":201,"context":189},632,{"file":196,"line":203,"context":189},3737,{"file":196,"line":205,"context":189},3739,{"file":196,"line":207,"context":189},3754,{"file":196,"line":209,"context":189},3758,{"file":196,"line":211,"context":189},3790,{"file":196,"line":213,"context":189},3806,61,[],[217,237,247],{"entryPoint":218,"graph":219,"unsanitizedCount":14,"severity":236},"SendSaveAsFileHeaderIfNeeded (phpthumb\\phpThumb.php:321)",{"nodes":220,"edges":233},[221,227],{"id":222,"type":223,"label":224,"file":225,"line":226},"n0","source","$_GET","phpthumb\\phpThumb.php",326,{"id":228,"type":229,"label":230,"file":225,"line":231,"wp_function":232},"n1","sink","header() [Header Injection]",329,"header",[234],{"from":222,"to":228,"sanitized":235},false,"medium",{"entryPoint":238,"graph":239,"unsanitizedCount":14,"severity":236},"RedirectToCachedFile (phpthumb\\phpThumb.php:419)",{"nodes":240,"edges":245},[241,244],{"id":222,"type":223,"label":242,"file":225,"line":243},"$_SERVER['SERVER_PROTOCOL']",457,{"id":228,"type":229,"label":230,"file":225,"line":243,"wp_function":232},[246],{"from":222,"to":228,"sanitized":235},{"entryPoint":248,"graph":249,"unsanitizedCount":284,"severity":236},"\u003CphpThumb> (phpthumb\\phpThumb.php:0)",{"nodes":250,"edges":277},[251,252,253,255,257,261,265,269,273,275],{"id":222,"type":223,"label":224,"file":225,"line":226},{"id":228,"type":229,"label":230,"file":225,"line":231,"wp_function":232},{"id":254,"type":223,"label":242,"file":225,"line":243},"n2",{"id":256,"type":229,"label":230,"file":225,"line":243,"wp_function":232},"n3",{"id":258,"type":223,"label":259,"file":225,"line":260},"n4","$_GET (x2)",142,{"id":262,"type":263,"label":264,"file":225,"line":260},"n5","transform","→ ErrorImage()",{"id":266,"type":229,"label":267,"file":196,"line":211,"wp_function":268},"n6","echo() [XSS]","echo",{"id":270,"type":223,"label":271,"file":225,"line":272},"n7","$_SERVER['PHP_SELF']",523,{"id":274,"type":263,"label":264,"file":225,"line":272},"n8",{"id":276,"type":229,"label":267,"file":196,"line":211,"wp_function":268},"n9",[278,279,280,281,282,283],{"from":222,"to":228,"sanitized":235},{"from":254,"to":256,"sanitized":235},{"from":258,"to":262,"sanitized":235},{"from":262,"to":266,"sanitized":235},{"from":270,"to":274,"sanitized":235},{"from":274,"to":276,"sanitized":235},5,{"summary":286,"deductions":287},"The 'autothumb' v0.6.1 plugin presents a mixed security posture.  On one hand, the absence of known vulnerabilities and a clean vulnerability history are positive indicators. The static analysis reveals no direct attack vectors through AJAX, REST API, shortcodes, or cron events, and importantly, all SQL queries utilize prepared statements, which is a strong security practice. Furthermore, the majority of output is properly escaped, mitigating risks of cross-site scripting (XSS) vulnerabilities.\n\nHowever, significant concerns arise from the presence of dangerous functions like `create_function` and `exec`. The `exec` function, in particular, can be a major security risk if used with user-supplied input, allowing for arbitrary command execution on the server. The taint analysis, while showing no critical or high severity flows, indicates that 100% of the analyzed flows involved unsanitized paths, which is a concerning pattern and suggests potential for vulnerabilities if these paths are ever exposed to user input or interaction.\n\nWhile the plugin currently has no known CVEs, the findings from the static analysis, especially the use of `exec` and unsanitized paths, suggest a latent risk. The complete lack of nonce and capability checks on any potential entry points, although the analysis found zero such points, signifies a potential weakness if the attack surface were to expand in future versions or if an overlooked entry point exists. The plugin's strengths lie in its clean history and secure SQL usage, but the identified code signals and taint flow patterns demand caution.",[288,290,292,294,296,298],{"reason":289,"points":88},"Dangerous function `exec` used",{"reason":291,"points":33},"Dangerous function `create_function` used",{"reason":293,"points":105},"All analyzed taint flows have unsanitized paths",{"reason":295,"points":284},"No nonce checks found",{"reason":297,"points":284},"No capability checks found",{"reason":299,"points":300},"Some output not properly escaped (15%)",4,"2026-03-16T21:24:51.285Z",{"wat":303,"direct":310},{"assetPaths":304,"generatorPatterns":306,"scriptPaths":307,"versionParams":308},[305],"\u002Fwp-content\u002Fplugins\u002Fautothumb\u002Fautothumb.php",[],[],[309],"autothumb\u002Fautothumb.php?ver=",{"cssClasses":311,"htmlComments":312,"htmlAttributes":313,"restEndpoints":314,"jsGlobals":315,"shortcodeOutput":316},[],[],[],[],[],[]]