[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f92ZZb_CGitlNrd9aiW2OX6AtnVvMns-ezcxPJjun76I":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":42,"crawl_stats":33,"alternatives":50,"analysis":159,"fingerprints":354},"captionpix","CaptionPix","1.8","Russell Jamieson","https:\u002F\u002Fprofiles.wordpress.org\u002Fpowerblogservice\u002F","\u003Cul>\n\u003Cli>Places a caption beneath your image\u003C\u002Fli>\n\u003Cli>Allows you to align your image to the left, right or center of a page or post.\u003C\u002Fli>\n\u003Cli>In the case of left or right alignment, text wraps neatly around your image.\u003C\u002Fli>\n\u003Cli>Has a variety of different border\u002Fframes, colors and font sizes\u003C\u002Fli>\n\u003Cli>You do not need knowledge of HTML or CSS to use the plugin\u003C\u002Fli>\n\u003Cli>Now works with mobile responsive themes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to Use The Plugin\u003C\u002Fh3>\n\u003Cp>The captioned image is inserted into a post or a widget using the captionpix short code.\u003C\u002Fp>\n\u003Cp>For example: [captionpix imgsrc=”http:\u002F\u002Fimages.captionpix.com\u002Fposts\u002Fexample.jpg” captiontext=”This is a caption”]\u003C\u002Fp>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cp>Here are some of the useful CaptionPix WordPress Plugin links\u003C\u002Fp>\n\u003Cul>\n\u003Cli>CaptionPix Plugin Home Page https:\u002F\u002Fwww.captionpix.com\u002F\u003C\u002Fli>\n\u003Cli>How To Use CaptionPix https:\u002F\u002Fwww.captionpix.com\u002Fhow-to-use-captionpix\u002F\u003C\u002Fli>\n\u003Cli>CaptionPix Features https:\u002F\u002Fwww.captionpix.com\u002Fimage-captions\u002Ffeatures\u002F\u003C\u002Fli>\n\u003Cli>CaptionPix Gallery https:\u002F\u002Fwww.captionpix.com\u002Fimage-captions\u002Fexamples\u002F\u003C\u002Fli>\n\u003Cli>CaptionPix FAQ https:\u002F\u002Fwww.captionpix.com\u002Fimage-captions\u002Ffaq\u002F\u003C\u002Fli>\n\u003Cli>CaptionPix Tutorials https:\u002F\u002Fwww.captionpix.com\u002Fimage-captions\u002Ftutorials\u002F\u003C\u002Fli>\n\u003Cli>CaptionPix Help and Support https:\u002F\u002Fwww.captionpix.com\u002Fhelp\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n","A WordPress image captioning plugin which makes it easy to align a framed and captioned image to the left, right or center of the page.",100,16781,1,"2020-04-26T17:09:00.000Z","5.4.19","3.1","5.2.4",[19,20,21],"captioning","image-caption","photo-frame","https:\u002F\u002Fwww.captionpix.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcaptionpix.1.8.zip",63,"2025-07-23 00:00:00","2026-03-15T15:16:48.613Z",[28],{"id":29,"url_slug":30,"title":31,"description":32,"plugin_slug":4,"theme_slug":33,"affected_versions":34,"patched_in_version":33,"severity":35,"cvss_score":36,"cvss_vector":37,"vuln_type":38,"published_date":25,"updated_date":39,"references":40,"days_to_patch":33},"CVE-2025-52788","captionpix-reflected-cross-site-scripting","CaptionPix \u003C= 1.8 - Reflected Cross-Site Scripting","The CaptionPix plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=1.8","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-07-28 20:37:08",[41],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F528a00f3-13dd-499d-9814-b772f535a07c?source=api-prod",{"slug":43,"display_name":7,"profile_url":8,"plugin_count":44,"total_installs":45,"avg_security_score":46,"avg_patch_time_days":47,"trust_score":48,"computed_at":49},"powerblogservice",4,4010,74,30,76,"2026-04-04T13:54:14.098Z",[51,76,100,122,141],{"slug":52,"name":53,"version":54,"author":55,"author_profile":56,"description":57,"short_description":58,"active_installs":59,"downloaded":60,"rating":61,"num_ratings":62,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":66,"tags":67,"homepage":72,"download_link":73,"security_score":11,"vuln_count":13,"unpatched_count":74,"last_vuln_date":75,"fetched_at":26},"media-library-helper","Media Library Helper — Bulk edit image ALT, caption & description","1.3.2","Codexin Technologies","https:\u002F\u002Fprofiles.wordpress.org\u002Fcxntech\u002F","\u003Cp>If you have a large number of images in your WordPress media library and are concerned about updating their ALT tags, captions, descriptions or titles, worry no more. This plugin allows you to easily modify, delete, or update these elements with just a few clicks directly from the media library page in your WordPress dashboard.\u003C\u002Fp>\n\u003Cp>This plugin is the perfect solution to update metadata for multiple images without visiting each edit page. Accessing the WordPress media library page lets you easily view the existing images’ alt tags, captions, descriptions and titles. The plugin also identifies the images without an assigned ALT tag, caption, or description, enabling you to update them quickly and easily with just a few clicks.\u003C\u002Fp>\n\u003Cp>On-page SEO is crucial in boosting your website’s SEO score, and assigning proper image ALT tags to every image on your website is critical. With the help of this plugin, you can quickly identify images with empty or blank ALT tags, blank captions or descriptions in your media library and update them to enhance your SEO score.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Add\u002Fedit\u002Fupdate the image titles, ALT tag, caption & description with one click directly from WordPress Media Library\u003C\u002Fli>\n\u003Cli>Search for a specific SEO keyword assigned to your images as an alt tag, caption or description.\u003C\u002Fli>\n\u003Cli>Search for blank or empty ALT tags, captions and descriptions and update\u002Fedit as needed.\u003C\u002Fli>\n\u003Cli>Sort media library images by ALT tag, image caption or image Description.\u003C\u002Fli>\n\u003Cli>Bulk edit image ALT tag or alt attribute\u003C\u002Fli>\n\u003Cli>Bulk edit image title\u003C\u002Fli>\n\u003Cli>Bulk edit image caption\u003C\u002Fli>\n\u003Cli>Bulk edit image description\u003C\u002Fli>\n\u003Cli>Improve SEO score by assigning the proper image metadata.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>How does this plugin work or How to edit image metadata\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install the plugin “Media Library Helper by Codexin”\u003C\u002Fli>\n\u003Cli>From Dashboard, go to media –> Library –> Open the “List View”\u003C\u002Fli>\n\u003Cli>Unlock the edit mode. (You will see a button at the top, named “Edit mode is locked”)\u003C\u002Fli>\n\u003Cli>Continue updating image ALT text, caption and description as you need.\u003C\u002Fli>\n\u003Cli>Once finished, keep the edit mode Locked again.\u003C\u002Fli>\n\u003C\u002Fol>\n","Add or edit or bulk edit image ALT tag, caption & description with one click straight from the WordPress media library to improve your SEO score.",10000,150143,98,55,"2025-12-03T14:05:00.000Z","6.8.5","4.8","5.6.39",[68,69,20,70,71],"alt-tag","bulk-edit","media-library","seo","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmedia-library-helper\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-library-helper.1.3.2.zip",0,"2023-07-05 00:00:00",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":11,"num_ratings":86,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":96,"download_link":97,"security_score":98,"vuln_count":13,"unpatched_count":13,"last_vuln_date":99,"fetched_at":26},"tgg-wp-optimizer","TGG – WP Optimizer","1.25","preetindersodhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fpreetindersodhi\u002F","\u003Cp>This plugin is a collection of various WP tweaks like controlling number of post revisions, cleaning up wp_head(), disabling block editor, emojis, trash, XML-RPC etc. Simply change the settings as per your requirements.\u003C\u002Fp>\n\u003Ch3>Plugin Options\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Disable Emojis\u003C\u002Fstrong>\u003Cbr \u002F>\nStops js\u002Fcss code related to emojis.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remove Blocks CSS\u003C\u002Fstrong>\u003Cbr \u002F>\nTurn it on if you don’t use blocks editor.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remove Gutenberg Duotone CSS\u003C\u002Fstrong>\u003Cbr \u002F>\nRemoves the inline CSS added by WP recently.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remove WLW Manifest Link\u003C\u002Fstrong>\u003Cbr \u002F>\nRemove the link link to the Windows Live Writer manifest file.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remove RSD Link\u003C\u002Fstrong>\u003Cbr \u002F>\nRemove the link to the Really Simple Discovery service endpoint.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remove WordPress Generator Tag\u003C\u002Fstrong>\u003Cbr \u002F>\nRemove WP Generator Meta Tag\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remove Feed Links\u003C\u002Fstrong>\u003Cbr \u002F>\nRemove RSS feed links.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remove REST Link\u003C\u002Fstrong>\u003Cbr \u002F>\nRemove WordPress REST API link.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remove OEmbed Links\u003C\u002Fstrong>\u003Cbr \u002F>\nRemove oEmbed discovery code.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remove Shortlink\u003C\u002Fstrong>\u003Cbr \u002F>\nRemove short links of posts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remove DNS Prefetch Links\u003C\u002Fstrong>\u003Cbr \u002F>\nRemove DNS prefetch code.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disable Autosave\u003C\u002Fstrong>\u003Cbr \u002F>\nDisable auto saving of posts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Show Post\u002FComment Actions Links\u003C\u002Fstrong>\u003Cbr \u002F>\nShow comment\u002Fpost actions links without hovering over the item.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Redirect to post\u002Fpage on publish\u002Fupdate\u003C\u002Fstrong>\u003Cbr \u002F>\nGet redirect to front end after you save\u002Fpublish a post.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Enable Classic Editor\u003C\u002Fstrong>\u003Cbr \u002F>\nDisable block editor and use classic editor instead.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Enable Classic Widgets\u003C\u002Fstrong>\u003Cbr \u002F>\nRevert to old classic widgets.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disable XML RPC\u003C\u002Fstrong>\u003Cbr \u002F>\nDisable XML RPC, a security risk.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Remove URL field from comment form\u003C\u002Fstrong>\u003Cbr \u002F>\nRemove URL field from comment form. May not work with some themes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disable author sitemap\u003C\u002Fstrong>\u003Cbr \u002F>\nDisable sitemap of site authors.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disable category sitemap\u003C\u002Fstrong>\u003Cbr \u002F>\nDisable sitemap for post categories.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Set image caption on upload\u003C\u002Fstrong>\u003Cbr \u002F>\nAuto set caption after image upload. File name will be used as caption.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disable WordPress Email Verification Prompts\u003C\u002Fstrong>\u003Cbr \u002F>\nStop WordPress from confirming your current site email.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Change excerpt ellipsis to ‘…’\u003C\u002Fstrong>\u003Cbr \u002F>\nReplace […] with ‘…’ for excerpt.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Excerpt length (Number of words)\u003C\u002Fstrong>\u003Cbr \u002F>\nChange length of post excerpt.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Empty Trash Time\u003C\u002Fstrong>\u003Cbr \u002F>\nChange trash time or disable trash.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Number of Post Revisions\u003C\u002Fstrong>\u003Cbr \u002F>\nSet number of post revisions or disable post revisions.\u003C\u002Fp>\n","This plugin is a collection of various WP tweaks.",600,3675,2,"2025-04-04T04:29:00.000Z","6.7.5","5.0","7.0",[92,93,20,94,95],"auto-save","emojis","optimizer","trash","https:\u002F\u002Fwww.geminigeeks.com\u002Fwordpress-plugin-wp-optimizer-tgg\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftgg-wp-optimizer.zip",79,"2025-03-28 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":11,"num_ratings":13,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":113,"tags":114,"homepage":119,"download_link":120,"security_score":121,"vuln_count":74,"unpatched_count":74,"last_vuln_date":33,"fetched_at":26},"imagecomply","ImageComply – Alt Text Generator","1.5.5","Isaac","https:\u002F\u002Fprofiles.wordpress.org\u002Ftorchsmith\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.imagecomply.com\u002F\" title=\"The best image alt text generator\" rel=\"nofollow ugc\">ImageComply\u003C\u002Fa> can generate alt text for your \u003Cem>entire media gallery\u003C\u002Fem> of images in the \u003Cstrong>click of a button\u003C\u002Fstrong>. Time saved, money saved. Happy you, happy boss, happy website.\u003C\u002Fp>\n\u003Cp>Have you ever needed to write dozens, hundreds, or even thousands (thoughts & prayers) of image alt text? Did it cost you good money, or worse – your valuable time?\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Try it for FREE:\u003C\u002Fstrong> We’ll give you 30 free credits to start! No credit card needed. Sign up now at \u003Ca href=\"https:\u002F\u002Fwww.imagecomply.com\u002F\" title=\"The best image alt text generator\" rel=\"nofollow ugc\">ImageComply\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Have you ever needed to write dozens, hundreds, or even thousands (thoughts & prayers) of image alt text? Did it cost you good money, or worse – your valuable time?\u003C\u002Fp>\n\u003Ch3>ImageComply – Generate alt text for SEO, accessibility and ADA compliance\u003C\u002Fh3>\n\u003Ch3>How to Use ImageComply\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Click on the “ImageComply” link under the “Media” menu in your dashboard.\u003C\u002Fli>\n\u003Cli>Enter your license key and click “Save Changes”.\u003C\u002Fli>\n\u003Cli>Click on “Generate ALT text for all images” to generate alt text for all images in your media library.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>For more information, check out our \u003Ca href=\"https:\u002F\u002Fwww.imagecomply.com\u002Fdocs\u002F\" title=\"Detailed Guide on ImageComply\" rel=\"nofollow ugc\">ImageComply Documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>3rd Party Services Used\u003C\u002Fh3>\n\u003Cp>Google Fonts\u003Cbr \u002F>\n– Terms of Service: https:\u002F\u002Fpolicies.google.com\u002Fterms?hl=en\u003Cbr \u002F>\n– Privacy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy?hl=en\u003C\u002Fp>\n\u003Cp>ImageComply API (this one is ours)\u003Cbr \u002F>\n– Terms of Service: https:\u002F\u002Fwww.imagecomply.com\u002Fterms-and-conditions\u003Cbr \u002F>\n– Privacy Policy: https:\u002F\u002Fwww.imagecomply.com\u002Fprivacy\u003C\u002Fp>\n","ImageComply can generate alt text for your entire media gallery of images in the click of a button. Time saved, money saved.",200,4061,"2024-05-07T13:07:00.000Z","6.5.8","5.2","7.4",[115,116,117,20,118],"accessibility","alternative-text","compliance","image-title","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimagecomply.1.5.5.zip",92,{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":85,"rating":61,"num_ratings":131,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":119,"tags":135,"homepage":138,"download_link":139,"security_score":140,"vuln_count":74,"unpatched_count":74,"last_vuln_date":33,"fetched_at":26},"better-media-library-fields","Better Media Library Fields","1.0.0","bradvin","https:\u002F\u002Fprofiles.wordpress.org\u002Fbradvin\u002F","\u003Cp>Displays extra columns (Alternative Text, Caption, Description, Permalink and File URL) in the media library view. You can choose to hide or show these new columns using the Screen Options dropdown on the media library page.\u003C\u002Fp>\n\u003Cp>There are no settings for this plugin. Simply activate and enjoy!\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Read more about why we made this plugin over at \u003Ca href=\"http:\u002F\u002Ffooplugins.com\u002Fwp-media-library-fields-plugin\u002F\" rel=\"nofollow ugc\">fooplugins.com\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Displays extra columns (Alternative Text, Caption, Description, Permalink and File URL) in the media library view",90,7,"2015-01-11T06:26:00.000Z","4.1.42","3.8",[136,20,137,70],"image-alt","media","https:\u002F\u002Fgithub.com\u002Ffooplugins\u002FBetter-Media-Library-Fields","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-media-library-fields.zip",85,{"slug":142,"name":143,"version":144,"author":145,"author_profile":146,"description":147,"short_description":148,"active_installs":149,"downloaded":150,"rating":74,"num_ratings":74,"last_updated":151,"tested_up_to":111,"requires_at_least":152,"requires_php":153,"tags":154,"homepage":157,"download_link":158,"security_score":121,"vuln_count":74,"unpatched_count":74,"last_vuln_date":33,"fetched_at":26},"auto-update-image-attributes-from-filename","Auto Update Image Attributes From Filename","1.0.1","Chetan Vaghela","https:\u002F\u002Fprofiles.wordpress.org\u002Fthechetanvaghela\u002F","\u003Cp>The plugin provides a funcationality to automatically update Image attributes(Image Title, Alt Text, Image Caption, Description) from Image Filename when upload.\u003C\u002Fp>\n\u003Ch3>Features And Options:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Update Image attributes when image upload\u003C\u002Fli>\n\u003Cli>Options for remove characters, numbers and exta spaces\u003C\u002Fli>\n\u003C\u002Ful>\n","Automatically add\u002Fupdate Image attributes(Image Title, Alt Text, Image Caption, Description) from Image Filename.",20,877,"2024-05-01T13:38:00.000Z","6.2.2","7.2",[155,136,156,20,118],"image-description","image-attributes","https:\u002F\u002Fgithub.com\u002Fthechetanvaghela\u002Fauto-update-image-attributes-from-filename","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-update-image-attributes-from-filename.zip",{"attackSurface":160,"codeSignals":242,"taintFlows":312,"riskAssessment":340,"analyzedAt":353},{"hooks":161,"ajaxHandlers":236,"restRoutes":237,"shortcodes":238,"cronEvents":241,"entryPointCount":13,"unprotectedCount":74},[162,168,172,175,178,182,186,191,194,197,200,203,208,211,214,216,217,219,223,225,226,228,229,230,234],{"type":163,"name":164,"callback":165,"file":166,"line":167},"action","admin_notices","print_admin_notices","classes\\class-admin.php",99,{"type":163,"name":169,"callback":170,"file":166,"line":171},"admin_enqueue_scripts","enqueue_tooltip_styles",117,{"type":163,"name":169,"callback":173,"file":166,"line":174},"enqueue_color_picker_styles",118,{"type":163,"name":169,"callback":176,"file":166,"line":177},"enqueue_color_picker_scripts",119,{"type":163,"name":179,"callback":180,"file":166,"line":181},"admin_print_footer_scripts","enable_color_picker",152,{"type":163,"name":183,"callback":183,"file":184,"line":185},"admin_menu","classes\\class-api-admin.php",8,{"type":187,"name":188,"callback":188,"priority":189,"file":184,"line":190},"filter","screen_layout_columns",10,25,{"type":163,"name":169,"callback":192,"file":184,"line":193},"enqueue_styles",26,{"type":163,"name":169,"callback":195,"file":184,"line":196},"enqueue_postbox_scripts",27,{"type":163,"name":183,"callback":183,"file":198,"line":199},"classes\\class-core-admin.php",15,{"type":163,"name":169,"callback":201,"file":198,"line":202},"enqueue_admin",35,{"type":187,"name":204,"callback":205,"priority":206,"file":207,"line":131},"widget_text","do_shortcode",11,"classes\\class-core.php",{"type":163,"name":183,"callback":183,"file":209,"line":210},"classes\\class-dashboard.php",5,{"type":163,"name":169,"callback":212,"file":209,"line":213},"register_tooltip_styles",6,{"type":163,"name":169,"callback":215,"file":209,"line":131},"register_admin_styles",{"type":187,"name":188,"callback":188,"priority":189,"file":209,"line":190},{"type":163,"name":169,"callback":218,"file":209,"line":193},"enqueue_admin_styles",{"type":163,"name":220,"callback":221,"file":222,"line":130},"admin_init","upgrade","classes\\class-plugin.php",{"type":163,"name":224,"callback":224,"priority":74,"file":222,"line":61},"init",{"type":163,"name":224,"callback":220,"priority":74,"file":222,"line":167},{"type":163,"name":183,"callback":183,"file":227,"line":206},"classes\\class-theme-admin.php",{"type":163,"name":169,"callback":192,"file":227,"line":190},{"type":163,"name":169,"callback":195,"file":227,"line":193},{"type":163,"name":231,"callback":212,"file":232,"line":233},"wp_enqueue_scripts","classes\\class-utils.php",467,{"type":163,"name":231,"callback":170,"file":232,"line":235},468,[],[],[239],{"tag":4,"callback":240,"file":207,"line":185},"display",[],{"dangerousFunctions":243,"sqlUsage":260,"outputEscaping":262,"fileOperations":74,"externalRequests":13,"nonceChecks":44,"capabilityChecks":13,"bundledLibraries":311},[244,249,253,255,258],{"fn":245,"file":246,"line":247,"context":248},"unserialize","classes\\class-api.php",216,"return false === $values ? false : @unserialize(@gzinflate(@base64_decode($values)));",{"fn":245,"file":250,"line":251,"context":252},"classes\\class-options.php",41,"$the_options = unserialize(strrev(base64_decode($the_options)));",{"fn":245,"file":232,"line":61,"context":254},"return isset($meta[$key]) ? (is_serialized($meta[$key]) ? @unserialize($meta[$key]) : $meta[$key]) :",{"fn":245,"file":232,"line":256,"context":257},120,"&& ($options = (is_serialized($meta) ? @unserialize($meta) : $meta))",{"fn":245,"file":232,"line":259,"context":257},174,{"prepared":74,"raw":74,"locations":261},[],{"escaped":131,"rawEcho":263,"locations":264},23,[265,268,270,272,274,276,278,280,282,283,285,287,289,291,293,296,297,299,301,303,305,307,309],{"file":166,"line":266,"context":267},94,"raw output",{"file":166,"line":269,"context":267},378,{"file":166,"line":271,"context":267},390,{"file":166,"line":273,"context":267},442,{"file":166,"line":275,"context":267},463,{"file":166,"line":277,"context":267},473,{"file":184,"line":279,"context":267},22,{"file":184,"line":281,"context":267},67,{"file":184,"line":121,"context":267},{"file":184,"line":284,"context":267},114,{"file":184,"line":286,"context":267},121,{"file":198,"line":288,"context":267},56,{"file":198,"line":290,"context":267},75,{"file":209,"line":292,"context":267},36,{"file":294,"line":295,"context":267},"classes\\class-news.php",68,{"file":227,"line":24,"context":267},{"file":227,"line":298,"context":267},86,{"file":227,"line":300,"context":267},101,{"file":232,"line":302,"context":267},484,{"file":232,"line":304,"context":267},495,{"file":232,"line":306,"context":267},509,{"file":232,"line":308,"context":267},526,{"file":232,"line":310,"context":267},544,[],[313,330],{"entryPoint":314,"graph":315,"unsanitizedCount":13,"severity":35},"controller (classes\\class-api-admin.php:106)",{"nodes":316,"edges":327},[317,322],{"id":318,"type":319,"label":320,"file":184,"line":321},"n0","source","$_SERVER",108,{"id":323,"type":324,"label":325,"file":184,"line":286,"wp_function":326},"n1","sink","echo() [XSS]","echo",[328],{"from":318,"to":323,"sanitized":329},false,{"entryPoint":331,"graph":332,"unsanitizedCount":74,"severity":339},"\u003Cclass-api-admin> (classes\\class-api-admin.php:0)",{"nodes":333,"edges":336},[334,335],{"id":318,"type":319,"label":320,"file":184,"line":321},{"id":323,"type":324,"label":325,"file":184,"line":286,"wp_function":326},[337],{"from":318,"to":323,"sanitized":338},true,"low",{"summary":341,"deductions":342},"The CaptionPix plugin v1.8 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and implementing nonce checks and capability checks, indicating an awareness of common WordPress security pitfalls. The total entry points are minimal, with no unprotected handlers identified in the static analysis.\n\nHowever, significant concerns arise from the presence of the `unserialize` function, which is a known vector for remote code execution if not handled with extreme care and sanitization. The taint analysis, while limited in scope, revealed a flow with an unsanitized path, raising concerns about potential injection vulnerabilities. Furthermore, the output escaping is notably poor, with only 23% of outputs being properly escaped, suggesting a high likelihood of cross-site scripting (XSS) vulnerabilities.\n\nThe vulnerability history is particularly alarming. The plugin has a known CVE, which is currently unpatched and classified as medium severity. This, coupled with the previous vulnerability type being XSS, strongly suggests that the plugin has a recurring weakness in input sanitization and output encoding, making it susceptible to persistent attacks.",[343,345,347,349,351],{"reason":344,"points":199},"Unpatched medium severity CVE",{"reason":346,"points":189},"Presence of unserialize function",{"reason":348,"points":189},"Flow with unsanitized path",{"reason":350,"points":185},"Low percentage of properly escaped output",{"reason":352,"points":131},"Previous XSS vulnerability","2026-03-16T20:40:47.826Z",{"wat":355,"direct":368},{"assetPaths":356,"generatorPatterns":361,"scriptPaths":362,"versionParams":363},[357,358,359,360],"\u002Fwp-content\u002Fplugins\u002Fcaptionpix\u002Fstyles\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fcaptionpix\u002Fstyles\u002Fmetabox.css","\u002Fwp-content\u002Fplugins\u002Fcaptionpix\u002Fstyles\u002Ftabs.css","\u002Fwp-content\u002Fplugins\u002Fcaptionpix\u002Fscripts\u002Fjquery.tabs.js",[],[],[364,365,366,367],"captionpix\u002Fstyles\u002Fadmin.css?ver=","captionpix\u002Fstyles\u002Fmetabox.css?ver=","captionpix\u002Fstyles\u002Ftabs.css?ver=","captionpix\u002Fscripts\u002Fjquery.tabs.js?ver=",{"cssClasses":369,"htmlComments":371,"htmlAttributes":372,"restEndpoints":374,"jsGlobals":375,"shortcodeOutput":377},[370],"captionpix-metabox",[],[373],"data-captionpix-url",[],[376],"Captionpix",[]]