[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIgKuRCqqnyiMeig0VvslU6xrjDq4meEEx2x3PoaXk9c":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":130,"fingerprints":569},"avif-express","Avif Express","2025.08.29","Pijush Gupta","https:\u002F\u002Fprofiles.wordpress.org\u002Fpijush_gupta\u002F","\u003Cp>On upload, images like jpg, png and WebP gets converted to avif format. Converted images get served on web pages.\u003C\u002Fp>\n\u003Ch4>Feature list\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Images get converted on upload.\u003C\u002Fli>\n\u003Cli>Bulk convert previously uploaded images.\u003C\u002Fli>\n\u003Cli>Schedule Bulk convert in the background. \u003C\u002Fli>\n\u003Cli>Bulk convert theme images.\u003C\u002Fli>\n\u003Cli>Local Conversion\u003C\u002Fli>\n\u003Cli>Cloud Conversion (Freemium)\u003C\u002Fli>\n\u003Cli>Serve Webpage with altered avif images.\u003C\u002Fli>\n\u003Cli>Fully CDN compatible.\u003C\u002Fli>\n\u003Cli>Backward compatibility – Browsers that don’t support Avif images will get Original images served on-the-fly.\u003C\u002Fli>\n\u003Cli>Native Language Support for German, Spanish, Russian, French, Hindi and Bengali.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Official documentation of Avif Express\u003C\u002Fh4>\n\u003Cp>For a more detailed description of options and features of Avif Express, please read the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FPijushgupta\u002Favif-express\" title=\"Avif Express official documentation\" rel=\"nofollow ugc\">official documentation\u003C\u002Fa>.\u003C\u002Fp>\n","Autogenerate avif image on image upload and serve autogenerated Avif images instead of jpeg\u002Fpng to browsers that supports Avif.",400,10647,76,9,"2025-10-05T14:18:00.000Z","6.8.5","6.0","7.3",[20,21,22],"avif","images","performance","https:\u002F\u002Fwww.aavoya.co\u002Favif-express","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Favif-express.2025.08.29.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"pijush_gupta",3,90,30,87,"2026-04-04T20:58:19.175Z",[38,59,77,94,109],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":57,"download_link":58,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"webp-uploads","Modern Image Formats","2.6.1","WordPress Performance Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fperformanceteam\u002F","\u003Cp>This plugin adds WebP and AVIF support for media uploads within the WordPress application. By default, AVIF images will be generated if supported on the hosting server, otherwise WebP will be used as the output format. When both formats are available, the output format can be selected under \u003Ccode>Settings > Media\u003C\u002Fcode>. Modern images will be generated only for new uploads, pre-existing images will only converted to a modern format if images are regenerated. Images can be regenerated with a plugin like \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fregenerate-thumbnails\u002F\" rel=\"ugc\">Regenerate Thumbnails\u003C\u002Fa> or via WP-CLI with the \u003Ccode>wp media regenerate\u003C\u002Fcode> \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fcli\u002Fcommands\u002Fmedia\u002Fregenerate\u002F\" rel=\"nofollow ugc\">command\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>By default, only modern image format sub-sizes will be generated for JPEG or PNG uploads – only the original uploaded file will still exist as a JPEG\u002FPNG image, generated image sizes will be WebP or AVIF files. To change this behavior, there is a checkbox in \u003Ccode>Settings > Media\u003C\u002Fcode> “Output fallback images” that – when checked – will result in the plugin generating both the original format as well as WebP or AVIF images for every sub-size (noting again that this will only affect newly uploaded images, i.e. after making said change).\u003C\u002Fp>\n\u003Cp>\u003Cem>This plugin was formerly known as WebP Uploads.\u003C\u002Fem>\u003C\u002Fp>\n","Converts images to more modern formats such as WebP or AVIF during upload.",100000,969903,64,22,"2026-01-09T00:12:00.000Z","6.9.4","6.6","7.2",[20,21,55,22,56],"modern-image-formats","webp","https:\u002F\u002Fgithub.com\u002FWordPress\u002Fperformance\u002Ftree\u002Ftrunk\u002Fplugins\u002Fwebp-uploads","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwebp-uploads.2.6.1.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":26,"num_ratings":26,"last_updated":69,"tested_up_to":51,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":75,"download_link":76,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"avif-local-support","AVIF Local Support","0.6.3","David Degner","https:\u002F\u002Fprofiles.wordpress.org\u002Fddegner\u002F","\u003Cp>Built by a \u003Ca href=\"https:\u002F\u002Fwww.daviddegner.com\" rel=\"nofollow ugc\">Boston photographer\u003C\u002Fa> for site owners who care about visual quality and full control. This plugin prioritizes \u003Cstrong>image quality\u003C\u002Fstrong> over everything else — no subscriptions, no external services.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Local Processing\u003C\u002Fstrong> — All conversion happens on your server. No subscriptions or external API calls. Works great on a shared CPU with 2GB RAM.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quality First\u003C\u002Fstrong> — Uses LANCZOS resizing, preserves ICC color profiles, and keeps EXIF\u002FXMP\u002FIPTC metadata intact.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fully Tunable\u003C\u002Fstrong> — Control quality (0–100), speed (0–10), chroma subsampling (4:2:0, 4:2:2, 4:4:4), and bit depth (8\u002F10\u002F12-bit).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Fallback\u003C\u002Fstrong> — Serves AVIF to supported browsers, JPEG to everyone else via picture elements.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Conversion\u003C\u002Fstrong> — Convert on upload or via daily scheduled background scans.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>LQIP Placeholders\u003C\u002Fstrong> — Generate ThumbHash-based low-quality image placeholders for smooth loading.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Front end:\u003C\u002Fstrong> The plugin wraps your img tags in picture elements with an AVIF source. Browsers that support AVIF load the smaller, higher-quality file — others gracefully fall back to JPEG.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Conversion:\u003C\u002Fstrong> Uses ImageMagick CLI (fastest), Imagick PHP extension (high quality), or GD Library (fallback) to convert JPEGs to AVIF on upload or via background jobs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>LQIP:\u003C\u002Fstrong> Generates compact (~30 byte) ThumbHash placeholders that display instantly while images load.\u003C\u002Fp>\n\u003Ch3>Server Setup\u003C\u002Fh3>\n\u003Cp>The plugin supports three conversion engines, in order of preference:\u003C\u002Fp>\n\u003Ch4>ImageMagick CLI (Fastest, Recommended)\u003C\u002Fh4>\n\u003Cp>Uses the ImageMagick command-line binary directly:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>System binary:\u003C\u002Fstrong> ImageMagick 7.x built with HEIF\u002FAVIF support (via libheif)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No PHP extension required\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Benefits:\u003C\u002Fstrong> Fastest performance, LANCZOS resizing, full metadata preservation (EXIF, XMP, IPTC, ICC)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Typical paths:\u003C\u002Fstrong> \u003Ccode>\u002Fusr\u002Fbin\u002Fmagick\u003C\u002Fcode>, \u003Ccode>\u002Fusr\u002Flocal\u002Fbin\u002Fmagick\u003C\u002Fcode>, or Homebrew on macOS\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To verify AVIF support:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>magick -list format | grep -i avif\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Imagick PHP Extension (High Quality)\u003C\u002Fh4>\n\u003Cp>Uses the PHP Imagick extension:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>PHP extension:\u003C\u002Fstrong> imagick\u003C\u002Fli>\n\u003Cli>\u003Cstrong>System libraries:\u003C\u002Fstrong> ImageMagick built with HEIF\u002FAVIF support (via libheif)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Benefits:\u003C\u002Fstrong> LANCZOS resizing, full metadata preservation (EXIF, XMP, IPTC, ICC), color profile handling\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>To install on Ubuntu\u002FDebian:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>apt install php-imagick imagemagick libheif-dev\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>GD Library (Fallback)\u003C\u002Fh4>\n\u003Cp>Uses PHP’s built-in GD library:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>PHP extension:\u003C\u002Fstrong> gd built with AVIF support (provides imageavif on PHP 8.1+)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Note:\u003C\u002Fstrong> Some distro builds omit AVIF support; limited metadata preservation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>MIME Type Configuration\u003C\u002Fh4>\n\u003Cp>Ensure your web server is configured to serve .avif files as image\u002Favif.\u003C\u002Fp>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fimagemagick.org\u002Fscript\u002Fdownload.php\" rel=\"nofollow ugc\">ImageMagick installation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.php.net\u002Fimagick\" rel=\"nofollow ugc\">PHP Imagick installation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.php.net\u002Fmanual\u002Fen\u002Fimage.installation.php\" rel=\"nofollow ugc\">PHP GD installation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fimagemagick.org\u002Fscript\u002Fformats.php\" rel=\"nofollow ugc\">ImageMagick format support\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Need help with setup?\u003C\u002Fh4>\n\u003Cp>If you’re not sure what to install or upgrade, copy your \u003Cstrong>Server Diagnostics\u003C\u002Fstrong> from the plugin status\u002Ftools screen (or run \u003Ccode>wp avif status --format=json\u003C\u002Fcode>) and paste it into an LLM.\u003C\u002Fp>\n\u003Cp>Example prompt:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>I need AVIF support for WordPress. Based on this diagnostics output, give me step-by-step commands to install or upgrade ImageMagick, libheif, and PHP Imagick on my server.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>After applying changes, verify with:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp avif status\nmagick -list format | grep -i avif\u003Ch3>WP-CLI Commands\u003C\u002Fh3>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Manage AVIF conversions from the command line.\u003C\u002Fp>\n\u003Ch4>Status\u003C\u002Fh4>\n\u003Cp>Show system status and AVIF support diagnostics:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp avif status\nwp avif status --format=json\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Convert\u003C\u002Fh4>\n\u003Cp>Convert JPEG images to AVIF format:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp avif convert --all\nwp avif convert 123\nwp avif convert --all --dry-run\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>\u003Cattachment-id>\u003C\u002Fcode> — Specific attachment ID to convert\u003C\u002Fli>\n\u003Cli>\u003Ccode>--all\u003C\u002Fcode> — Convert all attachments missing AVIF versions\u003C\u002Fli>\n\u003Cli>\u003Ccode>--dry-run\u003C\u002Fcode> — Show what would be converted without actually converting\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Statistics\u003C\u002Fh4>\n\u003Cp>Show AVIF conversion statistics:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp avif stats\nwp avif stats --format=json\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Logs\u003C\u002Fh4>\n\u003Cp>View or clear conversion logs:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp avif logs\nwp avif logs --limit=50\nwp avif logs --clear\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>--clear\u003C\u002Fcode> — Clear all logs\u003C\u002Fli>\n\u003Cli>\u003Ccode>--limit=\u003Cnumber>\u003C\u002Fcode> — Number of logs to show (default: 20)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Delete\u003C\u002Fh4>\n\u003Cp>Delete AVIF files for an attachment or all attachments:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp avif delete 123\nwp avif delete --all --yes\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>\u003Cattachment-id>\u003C\u002Fcode> — Attachment ID to delete AVIF files for\u003C\u002Fli>\n\u003Cli>\u003Ccode>--all\u003C\u002Fcode> — Delete all AVIF files in the media library\u003C\u002Fli>\n\u003Cli>\u003Ccode>--yes\u003C\u002Fcode> — Skip confirmation prompt when using –all\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>LQIP Commands\u003C\u002Fh4>\n\u003Cp>Manage LQIP (ThumbHash) placeholders:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp lqip stats\nwp lqip generate --all --force\nwp lqip generate 123\nwp lqip delete --all --yes\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>For more information, visit \u003Ca href=\"https:\u002F\u002Fwp-cli.org\u002F\" rel=\"nofollow ugc\">wp-cli.org\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contributing\u003C\u002Fh3>\n\u003Cp>Contributions welcome! Please submit issues and pull requests on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fddegner\u002Favif-local-support\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>GPL v2 or later — \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">View License\u003C\u002Fa>\u003C\u002Fp>\n","High-quality AVIF image conversion for WordPress — local, quality-first.",10,1537,"2026-03-09T04:05:00.000Z","6.8","8.3",[20,21,73,74,22],"media","optimization","https:\u002F\u002Fgithub.com\u002Fddegner\u002Favif-local-support","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Favif-local-support.0.6.3.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":67,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":16,"requires_at_least":17,"requires_php":89,"tags":90,"homepage":92,"download_link":93,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"convert-to-avif-and-optimise","Convert to AVIF and Optimise","1.0.0","Bicknell Digital","https:\u002F\u002Fprofiles.wordpress.org\u002Fbicknelldigital\u002F","\u003Cp>Convert to AVIF and Optimise automatically converts media library images to AVIF, stripping metadata, keeping your original uploads alongside the new files and updating all of your content to reference the optimised versions. The plugin keeps featured images, site logos, page builders, widgets and other stored URLs aligned with the converted image paths.\u003C\u002Fp>\n\u003Ch4>Key features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatic optimisation of newly uploaded JPEG, PNG and WebP files into AVIF.\u003C\u002Fli>\n\u003Cli>Bulk optimisation tool that updates every post, page, featured image and option referencing your media.\u003C\u002Fli>\n\u003Cli>Adjustable quality target so you can choose the balance between fidelity and file size.\u003C\u002Fli>\n\u003Cli>Optional metadata stripping and original files retained beside the AVIF copies to keep your workflow flexible.\u003C\u002Fli>\n\u003Cli>British English interface copy to keep everything consistent for UK sites.\u003C\u002Fli>\n\u003C\u002Ful>\n","Convert and optimise your WordPress media library to AVIF while keeping every reference to your images in sync.",165,20,1,"2025-11-12T14:15:00.000Z","7.4",[20,21,91,22],"optimisation","https:\u002F\u002Fdigital.bicknell.uk\u002Fproducts\u002Fconvert-to-avif-and-optimise\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fconvert-to-avif-and-optimise.1.0.0.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":26,"downloaded":102,"rating":26,"num_ratings":26,"last_updated":103,"tested_up_to":16,"requires_at_least":104,"requires_php":89,"tags":105,"homepage":107,"download_link":108,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"imgsmaller","ImgSmaller – Optimize Images | Compress Images | Convert WebP & AVIF","1.0.1","Subarnadip Pal","https:\u002F\u002Fprofiles.wordpress.org\u002Fsubarnadip\u002F","\u003Cp>ImgSmaller integrates with the ImgSmaller API to compress images in your Media Library. It supports WEBP and AVIF output, runs in the background via WP-Cron or external cron, and includes robust backups and one-click restore. It also provides an exclusions browser, export\u002Fimport of backups and replacements, and plan\u002Fquota awareness.\u003C\u002Fp>\n\u003Cp>Key features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Background image optimization with batching\u003C\u002Fli>\n\u003Cli>WEBP and AVIF output formats\u003C\u002Fli>\n\u003Cli>Automated backup of originals and one-click restore (all or selected)\u003C\u002Fli>\n\u003Cli>Export\u002Fimport backups ZIP; import optimized replacements ZIP\u003C\u002Fli>\n\u003Cli>Exclusions browser with search, filters, and infinite scroll\u003C\u002Fli>\n\u003Cli>Quota-aware processing with countdown and auto-resume\u003C\u002Fli>\n\u003Cli>Secure tokenized public endpoints and file proxy for private media\u003C\u002Fli>\n\u003Cli>Dashboard metrics, logs, and plan\u002Fallowed domains management\u003C\u002Fli>\n\u003Cli>External cron support with copyable URL and token regeneration\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the ImgSmaller API to compress images and retrieve plan\u002Fquota information.\u003C\u002Fp>\n\u003Cp>What is the service and what is it used for?\u003Cbr \u002F>\n– The ImgSmaller API (https:\u002F\u002Fimgsmaller.com) provides image compression and account information used by this plugin to optimize your Media Library and display plan\u002Fquota details.\u003C\u002Fp>\n\u003Cp>What data is sent and when?\u003Cbr \u002F>\n– When you start compression, the plugin sends the public URL of each selected attachment (or a secure, tokenized proxy URL if the file is not publicly accessible) along with your API key to request compression. After polling completes, the plugin downloads the optimized image bytes.\u003Cbr \u002F>\n– When viewing plan info, the plugin requests your current plan usage and limits using your API key.\u003C\u002Fp>\n\u003Cp>Where can I find the service policies?\u003Cbr \u002F>\n– Terms of Service: https:\u002F\u002Fimgsmaller.com\u002Fterms\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fimgsmaller.com\u002Fprivacy\u003C\u002Fp>\n\u003Cp>Notes:\u003Cbr \u002F>\n– You can disable background processing at any time from the dashboard. If you prefer not to send any files or metadata, do not start compression and do not enter an API key.\u003C\u002Fp>\n","Compress and optimize your WordPress media library images using the ImgSmaller API with automated backups and restore controls.",172,"2025-10-19T17:45:00.000Z","5.8",[20,21,106,22,56],"media-library","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimgsmaller.1.0.1.zip",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":119,"num_ratings":120,"last_updated":121,"tested_up_to":51,"requires_at_least":52,"requires_php":89,"tags":122,"homepage":126,"download_link":127,"security_score":128,"vuln_count":87,"unpatched_count":26,"last_vuln_date":129,"fetched_at":28},"image-optimization","Image Optimizer – Optimize Images and Convert to WebP or AVIF","1.7.3","Elementor","https:\u002F\u002Fprofiles.wordpress.org\u002Felemntor\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FFco5omeF50w?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Image Optimizer is an easy-to-use WordPress plugin that reduces image size through various compression and resizing techniques – all of which preserve the highest possible image quality. Image Optimizer supports many popular formats, including  JPEG, PNG, WebP, AVIF, and GIF.\u003C\u002Fp>\n\u003Ch4>REDUCED FILE SIZES FOR BOOSTED PERFORMANCE\u003C\u002Fh4>\n\u003Cp>Image Optimizer ensures faster loading times, enhanced user experience, and overall boosted website performance by reducing the size of your website’s images, resulting in improved Core Web Vitals and search engine rankings. With the Image Optimizer’s exceptional capabilities and unique algorithms, you can fine tune images and reduce their file sizes while retaining quality with lossless or lossy compression.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>FEATURES\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Image formats supported\u003C\u002Fstrong> include JPEG, PNG, WebP, AVIF and GIF.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Works in the background\u003C\u002Fstrong>: The only plugin in the category that optimizes your images in the background, without you having to stay on the page during optimization.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Resize large images\u003C\u002Fstrong>: The user can set a maximum pixel width, after which images will automatically be resized. (default value set to 1920px)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>2 compression levels\u003C\u002Fstrong>:  Lossless – highest quality with minimal compression; Lossy – maximum compression with somewhat reduced quality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optimize on upload\u003C\u002Fstrong>: Automatically optimizes images when you upload them.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk or individual optimization\u003C\u002Fstrong>: Flexible image optimization options, whether it’s on-demand scaling and compression, or bulk optimization for your entire image library.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>EXIF Metadata\u003C\u002Fstrong>: Select whether to clear image metadata to reduce size even further without impacting image quality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backup original images\u003C\u002Fstrong>: Ability to delete backups permanently to save space. (We recommend backing up your website beforehand.)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Restore original images\u003C\u002Fstrong> (all sizes) for selected media files if needed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Convert to WebP and AVIF\u003C\u002Fstrong>: Get efficient and faster-loading formats with WebP  and AVIF for even better web performance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image thumbnails\u003C\u002Fstrong>: Resize all image sizes by default. Allow the user to choose specific image sizes based on WordPress-registered thumbnail sizes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>BULK OR SINGLE IMAGE OPTIMIZATION\u003C\u002Fh4>\n\u003Cp>Image Optimizer by Elementor lets you optimize all images in your library either one at a time, or in a batch according to your preferences and settings. Easily configure the plugin to scale or compress your images on-demand, or automatically have them triggered as they are being uploaded. Or, if you have a large number of images already uploaded, the bulk optimization feature allows you to resize and\u002For compress your entire library of existing images in just a few clicks.\u003C\u002Fp>\n\u003Ch4>2 COMPRESSION LEVELS\u003C\u002Fh4>\n\u003Cp>With Image Optimizer’s advanced algorithms, you can compress images and reduce their file size at the level that makes the most sense for you. We offer 2 types of compression where images will be processed, giving you the perfect balance of compression and quality.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lossless Compression\u003C\u002Fstrong>: Lossless compression reduces image file sizes without sacrificing or diminishing the quality of your images. This type of compression reduces file sizes by removing unused or unnecessary data so that no image details are lost along the way.  Hence, you are able to reduce the file size and still maintain the quality of your image.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Lossy Compression\u003C\u002Fstrong>: Lossy compression performs maximum compression resulting in lightweight images and smaller file sizes. It reduces image size by removing image data that is generally invisible to the human eye and minimizes any compromise in image quality.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Convert to WebP and AVIF\u003C\u002Fstrong>: Convert images to the slimmer WebP or AVIF formats for even better optimization with a 25-30% savings over JPEG and PNG. Most browsers support WebP, however if they don’t, you can have fallback versions of the image available in the same format as the original image.\u003C\u002Fp>\n\u003Cp>By tailoring compression to the level you need, your visitors will enjoy faster load times, improved responsiveness, and a seamless browsing experience. Our approach also enables your website to rank higher in search results. Since a search engine’s ranking is heavily influenced by speed, user experience, and Core Web Vitals, Image Optimizer by Elementor is an invaluable tool for any website, especially one that’s abundant with images.\u003C\u002Fp>\n\u003Ch4>Get Started Today\u003C\u002Fh4>\n\u003Cp>For more information about Image Optimizer, visit our \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-description-tab-io-product-page\u002F\" rel=\"nofollow ugc\">official website\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-description-tab-io-free-trial\u002F\" rel=\"nofollow ugc\">Try It Now\u003C\u002Fa>.\u003Cbr \u002F>\nIf you have any questions or need support, feel free to \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-description-tab-io-contact-us\u002F\" rel=\"nofollow ugc\">contact us\u003C\u002Fa> or visit our \u003Ca href=\"https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-description-tab-io-help-center\u002F\" rel=\"nofollow ugc\">help center\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin requires a connection to an active Elementor account in order to identify the user and provide the user with the purchased service. This connection is triggered manually by the user via the plugin’s settings panel.\u003Cbr \u002F>\nThis plugin uses a 3rd party service operated by Elementor, which accepts a standard image in JPG, PNG, GIF or WEBP format and returns a web optimized image based on the selected settings. This flow is triggered by the user or automatically (based on the selected plugin settings) on compatible image upload or by manually initiating optimize process.\u003C\u002Fp>\n\u003Ch3>Related Plugins\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsite-mailer\u002F\" rel=\"ugc\">Site Mailer\u003C\u002Fa>: Effortlessly manage transactional emails with Site Mailer. High deliverability, logs and statistics, and no SMTP plugins needed.\u003C\u002Fp>\n","Automatically resize, optimize, and convert images to WebP and AVIF. Compress images in bulk or on upload to boost your WordPress site performance.",1000000,13094645,32,72,"2026-02-17T13:59:00.000Z",[123,124,125,110,22],"convert-avif","convert-webp","image-compression","https:\u002F\u002Fgo.elementor.com\u002Fwp-repo-description-tab-io-product-page\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimage-optimization.1.7.3.zip",99,"2026-02-20 00:00:00",{"attackSurface":131,"codeSignals":288,"taintFlows":376,"riskAssessment":556,"analyzedAt":568},{"hooks":132,"ajaxHandlers":164,"restRoutes":285,"shortcodes":286,"cronEvents":287,"entryPointCount":234,"unprotectedCount":234},[133,139,144,149,154,158],{"type":134,"name":135,"callback":136,"file":137,"line":138},"action","plugins_loaded","initiate_plugin","avif-express.php",133,{"type":134,"name":140,"callback":141,"file":142,"line":143},"admin_enqueue_scripts","add","core\\app\\backend\\Enqueue.php",14,{"type":134,"name":145,"callback":146,"file":147,"line":148},"admin_menu","create","core\\app\\backend\\Ui.php",15,{"type":134,"name":150,"callback":151,"priority":67,"file":152,"line":153},"wp_generate_attachment_metadata","beforeConvert","core\\app\\common\\Image.php",23,{"type":134,"name":155,"callback":156,"priority":67,"file":152,"line":157},"delete_attachment","delete",26,{"type":134,"name":159,"callback":160,"priority":161,"file":162,"line":163},"template_redirect","checkConditions",9999,"core\\app\\frontend\\Html.php",48,[165,170,172,174,177,180,183,186,188,191,193,195,198,201,203,206,209,212,214,216,219,222,225,228,231,235,239,243,247,250,252,255,258,261,264,267,270,273,276,279,282],{"action":166,"nopriv":167,"callback":166,"hasNonce":167,"hasCapCheck":167,"file":168,"line":169},"ajaxGetAutoConvtStatus",false,"core\\app\\Routes.php",13,{"action":171,"nopriv":167,"callback":171,"hasNonce":167,"hasCapCheck":167,"file":168,"line":143},"ajaxSetAutoConvtStatus",{"action":173,"nopriv":167,"callback":173,"hasNonce":167,"hasCapCheck":167,"file":168,"line":148},"ajaxGetOperationMode",{"action":175,"nopriv":167,"callback":175,"hasNonce":167,"hasCapCheck":167,"file":168,"line":176},"ajaxSetOperationMode",16,{"action":178,"nopriv":167,"callback":178,"hasNonce":167,"hasCapCheck":167,"file":168,"line":179},"ajaxGetImgQuality",17,{"action":181,"nopriv":167,"callback":181,"hasNonce":167,"hasCapCheck":167,"file":168,"line":182},"ajaxSetImgQuality",18,{"action":184,"nopriv":167,"callback":184,"hasNonce":167,"hasCapCheck":167,"file":168,"line":185},"ajaxGetComSpeed",19,{"action":187,"nopriv":167,"callback":187,"hasNonce":167,"hasCapCheck":167,"file":168,"line":86},"ajaxSetComSpeed",{"action":189,"nopriv":167,"callback":189,"hasNonce":167,"hasCapCheck":167,"file":168,"line":190},"ajaxGetConversionEngine",21,{"action":192,"nopriv":167,"callback":192,"hasNonce":167,"hasCapCheck":167,"file":168,"line":49},"ajaxSetConversionEngine",{"action":194,"nopriv":167,"callback":194,"hasNonce":167,"hasCapCheck":167,"file":168,"line":153},"ajaxGetOnTheFlyAvif",{"action":196,"nopriv":167,"callback":196,"hasNonce":167,"hasCapCheck":167,"file":168,"line":197},"ajaxSetOnTheFlyAvif",24,{"action":199,"nopriv":167,"callback":199,"hasNonce":167,"hasCapCheck":167,"file":168,"line":200},"ajaxGetEnableLogging",25,{"action":202,"nopriv":167,"callback":202,"hasNonce":167,"hasCapCheck":167,"file":168,"line":157},"ajaxSetEnableLogging",{"action":204,"nopriv":167,"callback":204,"hasNonce":167,"hasCapCheck":167,"file":168,"line":205},"ajaxGetApiKey",27,{"action":207,"nopriv":167,"callback":207,"hasNonce":167,"hasCapCheck":167,"file":168,"line":208},"ajaxSetApiKey",28,{"action":210,"nopriv":167,"callback":210,"hasNonce":167,"hasCapCheck":167,"file":168,"line":211},"ajaxGetFallbackMode",29,{"action":213,"nopriv":167,"callback":213,"hasNonce":167,"hasCapCheck":167,"file":168,"line":34},"ajaxSetFallbackMode",{"action":215,"nopriv":167,"callback":215,"hasNonce":167,"hasCapCheck":167,"file":168,"line":119},"ajaxGetLazyLoad",{"action":217,"nopriv":167,"callback":217,"hasNonce":167,"hasCapCheck":167,"file":168,"line":218},"ajaxSetLazyLoad",33,{"action":220,"nopriv":167,"callback":220,"hasNonce":167,"hasCapCheck":167,"file":168,"line":221},"ajaxGetLazyLoadJsRootMargin",35,{"action":223,"nopriv":167,"callback":223,"hasNonce":167,"hasCapCheck":167,"file":168,"line":224},"ajaxSetLazyLoadJsRootMargin",36,{"action":226,"nopriv":167,"callback":226,"hasNonce":167,"hasCapCheck":167,"file":168,"line":227},"ajaxGetLazyLoadJsThreshold",38,{"action":229,"nopriv":167,"callback":229,"hasNonce":167,"hasCapCheck":167,"file":168,"line":230},"ajaxSetLazyLoadJsThreshold",39,{"action":232,"nopriv":167,"callback":233,"hasNonce":167,"hasCapCheck":167,"file":168,"line":234},"ajaxGetLazyBackground","ajaxGetLazyLoadBackground",41,{"action":236,"nopriv":167,"callback":237,"hasNonce":167,"hasCapCheck":167,"file":168,"line":238},"ajaxSetLazyBackground","ajaxSetLazyLoadBackground",42,{"action":240,"nopriv":167,"callback":241,"hasNonce":167,"hasCapCheck":167,"file":168,"line":242},"ajaxGetBackgroudConv","ajaxGetBackgroundConv",44,{"action":244,"nopriv":167,"callback":245,"hasNonce":167,"hasCapCheck":167,"file":168,"line":246},"ajaxSetBackgroudConv","ajaxSetBackgroundConv",45,{"action":248,"nopriv":167,"callback":248,"hasNonce":167,"hasCapCheck":167,"file":168,"line":249},"ajaxGetBackgroundConvEvent",47,{"action":251,"nopriv":167,"callback":251,"hasNonce":167,"hasCapCheck":167,"file":168,"line":163},"ajaxSetBackgroundConvEvent",{"action":253,"nopriv":167,"callback":253,"hasNonce":167,"hasCapCheck":167,"file":168,"line":254},"ajaxCountMedia",50,{"action":256,"nopriv":167,"callback":256,"hasNonce":167,"hasCapCheck":167,"file":168,"line":257},"ajaxConvertRemaining",51,{"action":259,"nopriv":167,"callback":259,"hasNonce":167,"hasCapCheck":167,"file":168,"line":260},"ajaxDeleteAll",52,{"action":262,"nopriv":167,"callback":262,"hasNonce":167,"hasCapCheck":167,"file":168,"line":263},"ajaxGetCurrentTheme",54,{"action":265,"nopriv":167,"callback":265,"hasNonce":167,"hasCapCheck":167,"file":168,"line":266},"ajaxThemeFilesConvert",55,{"action":268,"nopriv":167,"callback":268,"hasNonce":167,"hasCapCheck":167,"file":168,"line":269},"ajaxThemeFilesDelete",56,{"action":271,"nopriv":167,"callback":271,"hasNonce":167,"hasCapCheck":167,"file":168,"line":272},"ajaxGetGdInfo",58,{"action":274,"nopriv":167,"callback":274,"hasNonce":167,"hasCapCheck":167,"file":168,"line":275},"ajaxGetImagickInfo",59,{"action":277,"nopriv":167,"callback":277,"hasNonce":167,"hasCapCheck":167,"file":168,"line":278},"ajaxGetPhpInfo",60,{"action":280,"nopriv":167,"callback":280,"hasNonce":167,"hasCapCheck":167,"file":168,"line":281},"ajaxDeleteLogFile",62,{"action":283,"nopriv":167,"callback":283,"hasNonce":167,"hasCapCheck":167,"file":168,"line":284},"ajaxIsLogFileExists",63,[],[],[],{"dangerousFunctions":289,"sqlUsage":290,"outputEscaping":292,"fileOperations":32,"externalRequests":374,"nonceChecks":234,"capabilityChecks":87,"bundledLibraries":375},[],{"prepared":26,"raw":26,"locations":291},[],{"escaped":153,"rawEcho":293,"locations":294},43,[295,298,300,302,305,306,308,309,311,313,315,317,319,320,322,324,326,328,330,332,334,336,338,340,342,344,346,348,350,352,354,356,358,360,362,363,364,366,367,368,369,371,372],{"file":296,"line":86,"context":297},"core\\app\\common\\Media.php","raw output",{"file":296,"line":299,"context":297},65,{"file":296,"line":301,"context":297},140,{"file":303,"line":304,"context":297},"core\\app\\common\\Options.php",12,{"file":303,"line":197,"context":297},{"file":303,"line":307,"context":297},37,{"file":303,"line":263,"context":297},{"file":303,"line":310,"context":297},67,{"file":303,"line":312,"context":297},79,{"file":303,"line":314,"context":297},92,{"file":303,"line":316,"context":297},104,{"file":303,"line":318,"context":297},117,{"file":303,"line":138,"context":297},{"file":303,"line":321,"context":297},146,{"file":303,"line":323,"context":297},158,{"file":303,"line":325,"context":297},171,{"file":303,"line":327,"context":297},183,{"file":303,"line":329,"context":297},196,{"file":303,"line":331,"context":297},208,{"file":303,"line":333,"context":297},235,{"file":303,"line":335,"context":297},250,{"file":303,"line":337,"context":297},264,{"file":303,"line":339,"context":297},281,{"file":303,"line":341,"context":297},293,{"file":303,"line":343,"context":297},305,{"file":303,"line":345,"context":297},316,{"file":303,"line":347,"context":297},328,{"file":303,"line":349,"context":297},340,{"file":303,"line":351,"context":297},352,{"file":303,"line":353,"context":297},365,{"file":303,"line":355,"context":297},377,{"file":303,"line":357,"context":297},393,{"file":303,"line":359,"context":297},405,{"file":361,"line":169,"context":297},"core\\app\\common\\PhpInfo.php",{"file":361,"line":157,"context":297},{"file":361,"line":238,"context":297},{"file":365,"line":200,"context":297},"core\\app\\common\\Setting.php",{"file":365,"line":205,"context":297},{"file":365,"line":260,"context":297},{"file":365,"line":263,"context":297},{"file":370,"line":179,"context":297},"core\\app\\common\\Theme.php",{"file":370,"line":257,"context":297},{"file":370,"line":373,"context":297},120,4,[],[377,394,403,412,421,430,439,448,457,466,475,484,493],{"entryPoint":378,"graph":379,"unsanitizedCount":26,"severity":393},"ajaxSetOperationMode (core\\app\\common\\Options.php:51)",{"nodes":380,"edges":390},[381,385],{"id":382,"type":383,"label":384,"file":303,"line":263},"n0","source","$_POST['mode']",{"id":386,"type":387,"label":388,"file":303,"line":263,"wp_function":389},"n1","sink","echo() [XSS]","echo",[391],{"from":382,"to":386,"sanitized":392},true,"low",{"entryPoint":395,"graph":396,"unsanitizedCount":26,"severity":393},"ajaxSetImgQuality (core\\app\\common\\Options.php:76)",{"nodes":397,"edges":401},[398,400],{"id":382,"type":383,"label":399,"file":303,"line":312},"$_POST['quality']",{"id":386,"type":387,"label":388,"file":303,"line":312,"wp_function":389},[402],{"from":382,"to":386,"sanitized":392},{"entryPoint":404,"graph":405,"unsanitizedCount":26,"severity":393},"ajaxSetComSpeed (core\\app\\common\\Options.php:101)",{"nodes":406,"edges":410},[407,409],{"id":382,"type":383,"label":408,"file":303,"line":316},"$_POST['speed']",{"id":386,"type":387,"label":388,"file":303,"line":316,"wp_function":389},[411],{"from":382,"to":386,"sanitized":392},{"entryPoint":413,"graph":414,"unsanitizedCount":26,"severity":393},"ajaxSetConversionEngine (core\\app\\common\\Options.php:130)",{"nodes":415,"edges":419},[416,418],{"id":382,"type":383,"label":417,"file":303,"line":138},"$_POST['engine']",{"id":386,"type":387,"label":388,"file":303,"line":138,"wp_function":389},[420],{"from":382,"to":386,"sanitized":392},{"entryPoint":422,"graph":423,"unsanitizedCount":26,"severity":393},"ajaxSetApiKey (core\\app\\common\\Options.php:205)",{"nodes":424,"edges":428},[425,427],{"id":382,"type":383,"label":426,"file":303,"line":331},"$_POST['apiKey']",{"id":386,"type":387,"label":388,"file":303,"line":331,"wp_function":389},[429],{"from":382,"to":386,"sanitized":392},{"entryPoint":431,"graph":432,"unsanitizedCount":26,"severity":393},"ajaxSetFallbackMode (core\\app\\common\\Options.php:247)",{"nodes":433,"edges":437},[434,436],{"id":382,"type":383,"label":435,"file":303,"line":335},"$_POST['fallbackMode']",{"id":386,"type":387,"label":388,"file":303,"line":335,"wp_function":389},[438],{"from":382,"to":386,"sanitized":392},{"entryPoint":440,"graph":441,"unsanitizedCount":26,"severity":393},"ajaxSetLazyLoad (core\\app\\common\\Options.php:278)",{"nodes":442,"edges":446},[443,445],{"id":382,"type":383,"label":444,"file":303,"line":339},"$_POST['aviflazyload']",{"id":386,"type":387,"label":388,"file":303,"line":339,"wp_function":389},[447],{"from":382,"to":386,"sanitized":392},{"entryPoint":449,"graph":450,"unsanitizedCount":26,"severity":393},"ajaxSetLazyLoadJsRootMargin (core\\app\\common\\Options.php:302)",{"nodes":451,"edges":455},[452,454],{"id":382,"type":383,"label":453,"file":303,"line":343},"$_POST['aviflazyloadrootmargin']",{"id":386,"type":387,"label":388,"file":303,"line":343,"wp_function":389},[456],{"from":382,"to":386,"sanitized":392},{"entryPoint":458,"graph":459,"unsanitizedCount":26,"severity":393},"ajaxSetLazyLoadJsThreshold (core\\app\\common\\Options.php:325)",{"nodes":460,"edges":464},[461,463],{"id":382,"type":383,"label":462,"file":303,"line":347},"$_POST['aviflazyloadjsthreshold']",{"id":386,"type":387,"label":388,"file":303,"line":347,"wp_function":389},[465],{"from":382,"to":386,"sanitized":392},{"entryPoint":467,"graph":468,"unsanitizedCount":26,"severity":393},"ajaxSetLazyLoadBackground (core\\app\\common\\Options.php:349)",{"nodes":469,"edges":473},[470,472],{"id":382,"type":383,"label":471,"file":303,"line":351},"$_POST['aviflazyloadbackground']",{"id":386,"type":387,"label":388,"file":303,"line":351,"wp_function":389},[474],{"from":382,"to":386,"sanitized":392},{"entryPoint":476,"graph":477,"unsanitizedCount":26,"severity":393},"ajaxSetBackgroundConv (core\\app\\common\\Options.php:374)",{"nodes":478,"edges":482},[479,481],{"id":382,"type":383,"label":480,"file":303,"line":355},"$_POST['avifbackgroundConv']",{"id":386,"type":387,"label":388,"file":303,"line":355,"wp_function":389},[483],{"from":382,"to":386,"sanitized":392},{"entryPoint":485,"graph":486,"unsanitizedCount":26,"severity":393},"ajaxSetBackgroundConvEvent (core\\app\\common\\Options.php:402)",{"nodes":487,"edges":491},[488,490],{"id":382,"type":383,"label":489,"file":303,"line":359},"$_POST['avifbackgroundevents']",{"id":386,"type":387,"label":388,"file":303,"line":359,"wp_function":389},[492],{"from":382,"to":386,"sanitized":392},{"entryPoint":494,"graph":495,"unsanitizedCount":26,"severity":393},"\u003COptions> (core\\app\\common\\Options.php:0)",{"nodes":496,"edges":543},[497,498,499,501,503,505,507,509,511,513,515,517,519,521,523,525,527,529,531,533,535,537,539,541],{"id":382,"type":383,"label":384,"file":303,"line":263},{"id":386,"type":387,"label":388,"file":303,"line":263,"wp_function":389},{"id":500,"type":383,"label":399,"file":303,"line":312},"n2",{"id":502,"type":387,"label":388,"file":303,"line":312,"wp_function":389},"n3",{"id":504,"type":383,"label":408,"file":303,"line":316},"n4",{"id":506,"type":387,"label":388,"file":303,"line":316,"wp_function":389},"n5",{"id":508,"type":383,"label":417,"file":303,"line":138},"n6",{"id":510,"type":387,"label":388,"file":303,"line":138,"wp_function":389},"n7",{"id":512,"type":383,"label":426,"file":303,"line":331},"n8",{"id":514,"type":387,"label":388,"file":303,"line":331,"wp_function":389},"n9",{"id":516,"type":383,"label":435,"file":303,"line":335},"n10",{"id":518,"type":387,"label":388,"file":303,"line":335,"wp_function":389},"n11",{"id":520,"type":383,"label":444,"file":303,"line":339},"n12",{"id":522,"type":387,"label":388,"file":303,"line":339,"wp_function":389},"n13",{"id":524,"type":383,"label":453,"file":303,"line":343},"n14",{"id":526,"type":387,"label":388,"file":303,"line":343,"wp_function":389},"n15",{"id":528,"type":383,"label":462,"file":303,"line":347},"n16",{"id":530,"type":387,"label":388,"file":303,"line":347,"wp_function":389},"n17",{"id":532,"type":383,"label":471,"file":303,"line":351},"n18",{"id":534,"type":387,"label":388,"file":303,"line":351,"wp_function":389},"n19",{"id":536,"type":383,"label":480,"file":303,"line":355},"n20",{"id":538,"type":387,"label":388,"file":303,"line":355,"wp_function":389},"n21",{"id":540,"type":383,"label":489,"file":303,"line":359},"n22",{"id":542,"type":387,"label":388,"file":303,"line":359,"wp_function":389},"n23",[544,545,546,547,548,549,550,551,552,553,554,555],{"from":382,"to":386,"sanitized":392},{"from":500,"to":502,"sanitized":392},{"from":504,"to":506,"sanitized":392},{"from":508,"to":510,"sanitized":392},{"from":512,"to":514,"sanitized":392},{"from":516,"to":518,"sanitized":392},{"from":520,"to":522,"sanitized":392},{"from":524,"to":526,"sanitized":392},{"from":528,"to":530,"sanitized":392},{"from":532,"to":534,"sanitized":392},{"from":536,"to":538,"sanitized":392},{"from":540,"to":542,"sanitized":392},{"summary":557,"deductions":558},"The 'avif-express' plugin exhibits a significant security concern due to its large number of unprotected AJAX handlers. While the plugin demonstrates good practices in other areas, such as using prepared statements for all SQL queries and having no recorded vulnerabilities, the 41 unprotected AJAX entry points present a substantial attack surface. This means that any user, authenticated or not, could potentially trigger these handlers, leading to unintended actions or information exposure if the handlers themselves contain logic flaws.  The lack of proper nonce checks on all AJAX handlers further exacerbates this risk, making it easier for attackers to craft requests to these endpoints.\n\nDespite the positive signs of secure SQL handling and a clean vulnerability history, the sheer volume of unprotected AJAX handlers is a critical weakness. This oversight could allow for various vulnerabilities, including Cross-Site Request Forgery (CSRF) or information disclosure, depending on the functionality of these handlers. The plugin's limited capability checks also contribute to this concern, as it suggests that access control might not be sufficiently granular.\n\nIn conclusion, while 'avif-express' has strengths in areas like database interaction and a lack of historical vulnerabilities, its security posture is severely compromised by the widespread absence of authentication and nonce checks on its AJAX endpoints. This requires immediate attention to mitigate the significant risks posed by this large, unprotected attack surface.",[559,561,563,565],{"reason":560,"points":67},"Unprotected AJAX handlers",{"reason":562,"points":67},"Missing nonce checks on AJAX handlers",{"reason":564,"points":32},"Insufficient capability checks",{"reason":566,"points":567},"Low percentage of properly escaped output",5,"2026-03-16T19:44:32.584Z",{"wat":570,"direct":581},{"assetPaths":571,"generatorPatterns":575,"scriptPaths":576,"versionParams":577},[572,573,574],"\u002Fwp-content\u002Fplugins\u002Favif-express\u002Fcore\u002Fapp\u002Fbackend\u002Fassets\u002Fdist\u002Fapp.js","\u002Fwp-content\u002Fplugins\u002Favif-express\u002Fcore\u002Fapp\u002Fbackend\u002Fassets\u002Fdist\u002Fapp.css","\u002Fwp-content\u002Fplugins\u002Favif-express\u002Fcore\u002Fapp\u002Fbackend\u002Fassets\u002Ffonts\u002Ffonts.css",[],[572],[578,579,580],"avife-vue-script","avife-tailwind-style","avife-font-style",{"cssClasses":582,"htmlComments":583,"htmlAttributes":584,"restEndpoints":585,"jsGlobals":586,"shortcodeOutput":601},[],[],[],[],[587,588,589,590,591,592,593,594,595,596,597,598,599,600],"AVIFE_TEXT_DOMAIN","AVIFE_ADMIN_MENU_TITLE","AVIFE_ADMIN_MENU_NAME","AVIFE_SPA_SLUG","AVIFE_REL","AVIFE_ABS","AVIFE_VUE_ROOT_ID","IS_IMAGICK_AVIF","IS_IMAGICK_WEBP","IS_GD_AVIF","IS_GD_WEBP","AVIF_CLOUD_ADDRESS","AVIF_LOG_FILE","AVIF_LOG_FILE_REL",[]]