[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$focFKvC88nehofdsDnLhY0vuw3pt_Dx82vF2RXzSyfBc":3,"$f0aCY7KrfVbspPc_0K8Kn5WuDfbtpNhekS7BGpHpz-Zc":334,"$fHrQU2dew3e_AY1wrHNVG-heYjN_yUgNflzO8iU1Qu74":339},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"discovery_status":32,"vulnerabilities":33,"developer":95,"crawl_stats":39,"alternatives":102,"analysis":208,"fingerprints":305},"category-icon","Category Icon","1.0.3","pixelgrade","https:\u002F\u002Fprofiles.wordpress.org\u002Fpixelgrade\u002F","\u003Cp>A WordPress plugin to easily attach an icon to a category, tag or any other taxonomy term.\u003C\u002Fp>\n\u003Cp>** Now supports a category, tag or any other taxonomy image field, also.\u003C\u002Fp>\n\u003Cp>Please note that this plugin will not automatically output the icon or the image on the frontend of our site.\u003C\u002Fp>\n\u003Cp>It is up to you to query and output in your theme using the provided getter functions: \u003Ccode>get_term_icon_id()\u003C\u002Fcode>, \u003Ccode>get_term_icon_url()\u003C\u002Fcode>, \u003Ccode>get_term_image_id()\u003C\u002Fcode>, \u003Ccode>get_term_image_url()\u003C\u002Fcode>.\u003C\u002Fp>\n","A WordPress plugin to easily attach an icon to a category, tag or any other taxonomy term.",2000,89913,20,3,"2025-12-13T12:12:00.000Z","6.8.5","4.9.19","5.6.40",[20,21,22,23,24],"category","icon","image","taxonomy","term","http:\u002F\u002Fpixelgrade.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-icon.1.0.3.zip",72,4,1,"2025-12-25 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[34,52,65,81],{"id":35,"url_slug":36,"title":37,"description":38,"plugin_slug":4,"theme_slug":39,"affected_versions":40,"patched_in_version":6,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48,"patch_diff_files":49,"patch_trac_url":39,"research_status":39,"research_verified":50,"research_rounds_completed":51,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":50,"poc_model_used":39,"poc_verification_depth":39},"CVE-2025-68525","category-icon-authenticated-editor-stored-cross-site-scripting","Category Icon \u003C= 1.0.2 - Authenticated (Editor+) Stored Cross-Site Scripting","The Category Icon plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=1.0.2","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-01-05 18:48:01",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F90e4fb13-e007-4278-aee4-c61b6612544d?source=api-prod",12,[],false,0,{"id":53,"url_slug":54,"title":55,"description":56,"plugin_slug":4,"theme_slug":39,"affected_versions":40,"patched_in_version":39,"severity":41,"cvss_score":57,"cvss_vector":58,"vuln_type":59,"published_date":60,"updated_date":61,"references":62,"days_to_patch":39,"patch_diff_files":64,"patch_trac_url":39,"research_status":39,"research_verified":50,"research_rounds_completed":51,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":50,"poc_model_used":39,"poc_verification_depth":39},"CVE-2025-31039","category-icon-authenticated-author-xml-external-entity-injection","Category Icon \u003C= 1.0.2 - Authenticated (Author+) XML External Entity Injection","The Category Icon plugin for WordPress is vulnerable to XML External Entity Injection (XXE) in versions up to, and including, 1.0.2. This may make it possible for allow authenticated attackers, with author-level access and above, to extract sensitive data or achieve code execution in vulnerable configurations.",6.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:L","Improper Restriction of XML External Entity Reference","2025-06-03 00:00:00","2025-06-12 13:26:22",[63],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd937cacb-eb80-4c7c-9105-4ac4bd5c48cd?source=api-prod",[],{"id":66,"url_slug":67,"title":68,"description":69,"plugin_slug":4,"theme_slug":39,"affected_versions":70,"patched_in_version":71,"severity":41,"cvss_score":72,"cvss_vector":73,"vuln_type":74,"published_date":75,"updated_date":76,"references":77,"days_to_patch":79,"patch_diff_files":80,"patch_trac_url":39,"research_status":39,"research_verified":50,"research_rounds_completed":51,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":50,"poc_model_used":39,"poc_verification_depth":39},"CVE-2025-31825","category-icon-authenticated-author-arbitrary-file-download","Category Icon \u003C= 1.0.1 - Authenticated (Author+) Arbitrary File Download","The Category Icon plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Author-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.","\u003C=1.0.1","1.0.2",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","2025-04-03 00:00:00","2025-05-21 13:44:35",[78],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffab4db72-e8d6-4417-ba40-a55f395beb35?source=api-prod",49,[],{"id":82,"url_slug":83,"title":84,"description":85,"plugin_slug":4,"theme_slug":39,"affected_versions":86,"patched_in_version":87,"severity":41,"cvss_score":88,"cvss_vector":89,"vuln_type":44,"published_date":90,"updated_date":91,"references":92,"days_to_patch":29,"patch_diff_files":94,"patch_trac_url":39,"research_status":39,"research_verified":50,"research_rounds_completed":51,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":50,"poc_model_used":39,"poc_verification_depth":39},"CVE-2024-8915","category-icon-authenticated-author-stored-cross-site-scripting-via-svg-file-upload","Category Icon \u003C= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload","The Category Icon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.","\u003C=1.0.0","1.0.1",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-10-11 20:10:19","2024-10-12 08:41:03",[93],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1dc4acdc-754f-4ee0-947d-ff0c277e8181?source=api-prod",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":96,"total_installs":97,"avg_security_score":98,"avg_patch_time_days":99,"trust_score":100,"computed_at":101},8,36900,88,214,71,"2026-05-19T16:32:47.975Z",[103,123,149,167,185],{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":98,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":117,"tags":118,"homepage":120,"download_link":121,"security_score":122,"vuln_count":51,"unpatched_count":51,"last_vuln_date":39,"fetched_at":31},"taxonomy-images","Taxonomy Images","1.0","Ben Huson","https:\u002F\u002Fprofiles.wordpress.org\u002Fhusobj\u002F","\u003Ch4>Displaying Your Images in Your Theme\u003C\u002Fh4>\n\u003Cp>There are a few filters that you can use in your theme to display the image associations created by this plugin. Please read below for detailed information.\u003C\u002Fp>\n\u003Ch4>Display a single image representing the term archive\u003C\u002Fh4>\n\u003Cp>The following filter will display the image associated with the term asked for in the query string of the URL. This filter only works in views that naturally use templates like category.php, tag.php, taxonomy.php and all of their derivatives. Please read about \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FTemplate_Hierarchy\" rel=\"nofollow ugc\">template hierarchy\u003C\u002Fa> for more information about these templates. The simplest use of this filter looks like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>print apply_filters( 'taxonomy-images-queried-term-image', '' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This code will generate and print an image tag. It’s output can be modifed by passing an optional third parameter to apply_filters(). This parameter is an array and the following keys may be set:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>after\u003C\u002Fstrong> \u003Cem>(string)\u003C\u002Fem> – Text to append to the image’s HTML.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>attr\u003C\u002Fstrong> \u003Cem>(array)\u003C\u002Fem> – Key \u002F value pairs representing the attributes of the \u003Ccode>img\u003C\u002Fcode> tag. Available options include: \u003Ccode>alt\u003C\u002Fcode>, \u003Ccode>class\u003C\u002Fcode>, \u003Ccode>src\u003C\u002Fcode> and \u003Ccode>title\u003C\u002Fcode>. This array will be passed as the fourth parameter to WordPress core function \u003Ccode>wp_get_attachment_image()\u003C\u002Fcode> without modification.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>before\u003C\u002Fstrong> \u003Cem>(string)\u003C\u002Fem> – Text to prepend to the image’s HTML.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>image_size\u003C\u002Fstrong> \u003Cem>(string)\u003C\u002Fem> – May be any image size registered with WordPress. If no image size is specified, ‘thumbnail’ will be used as a default value. In the event that an unregistered size is specified, this filter will return an empty string.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here’s an example of what a fully customized version of this filter might look like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>print apply_filters( 'taxonomy-images-queried-term-image', '', array(\n    'attr'       => array(\n        'alt'   => 'Custom alternative text',\n        'class' => 'my-class-list bunnies turtles',\n        'src'   => 'this-is-where-the-image-lives.png',\n        'title' => 'Custom Title',\n        ),\n    'before'     => '\u003Cdiv id=\"my-custom-div\">',\n    'after'      => '\u003C\u002Fdiv>',\n    'image_size' => 'medium'\n) );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Similar functionality\u003C\u002Fh4>\n\u003Cp>If you just need to get the database ID for the image, you may want to use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$image_id = apply_filters( 'taxonomy-images-queried-term-image-id', 0 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you need to get the full object of the image, you may want to use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$image = apply_filters( 'taxonomy-images-queried-term-image-object', '' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you need to get the URL to the image, you may want to use the following:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$image_url = apply_filters( 'taxonomy-images-queried-term-image-url', '' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can specify the size of the image in an option third parameter:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$image_url = apply_filters( 'taxonomy-images-queried-term-image-url', '', array(\n    'image_size' => 'medium'\n) );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you need data about the image, you may want to use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$image_data = apply_filters( 'taxonomy-images-queried-term-image-data', '' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can specify the size of the image in an option third parameter:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$image_data = apply_filters( 'taxonomy-images-queried-term-image-data', '', array(\n    'image_size' => 'medium'\n    ) );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>List term images associated with a post object\u003C\u002Fh4>\n\u003Cp>When a post is being displayed you may want to display the images associated with all of the terms associated with the post. The \u003Ccode>taxonomy-images-list-the-terms\u003C\u002Fcode> filter does this. Here’s what it looks like in its simplest form:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>print apply_filters( 'taxonomy-images-list-the-terms', '' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This filter accepts an optional third parameter that you can use to customize its output. It is an array which recognizes the following keys:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>after\u003C\u002Fstrong> \u003Cem>(string)\u003C\u002Fem> – Text to append to the output. Default value is a closing unordered list tag.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>after_image\u003C\u002Fstrong> \u003Cem>(string)\u003C\u002Fem> – Text to append to each image. Default value is a closing list-item tag.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>before\u003C\u002Fstrong> \u003Cem>(string)\u003C\u002Fem> – Text to prepend to the output. Default value is an open unordered list tag with an class attribute of “taxonomy-images-the-terms”.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>before_image\u003C\u002Fstrong> \u003Cem>(string)\u003C\u002Fem> – Text to prepend to each image. Default value is an open list-item tag.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>image_size\u003C\u002Fstrong> \u003Cem>(string)\u003C\u002Fem> – Any registered image size. Values will vary from installation to installation. Image sizes defined in core include: “thumbnail”, “medium” and “large”. “full” may also be used to get the unmodified image that was uploaded. Defaults to “thumbnail”.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>post_id\u003C\u002Fstrong> \u003Cem>(int)\u003C\u002Fem> – The post to retrieve terms from. Defaults to the ID property of the global \u003Ccode>$post\u003C\u002Fcode> object.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>taxonomy\u003C\u002Fstrong> \u003Cem>(string)\u003C\u002Fem> – Name of a registered taxonomy to return terms from. Defaults to \u003Ccode>category\u003C\u002Fcode>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here’s an example of what a fully customized version of this filter might look like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>print apply_filters( 'taxonomy-images-list-the-terms', '', array(\n    'before'       => '\u003Cdiv class=\"my-custom-class-name\">',\n    'after'        => '\u003C\u002Fdiv>',\n    'before_image' => '\u003Cspan>',\n    'after_image'  => '\u003C\u002Fspan>',\n    'image_size'   => 'detail',\n    'post_id'      => 1234,\n    'taxonomy'     => 'post_tag',\n) );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Working with all terms of a given taxonomy\u003C\u002Fh4>\n\u003Cp>You will want to use the \u003Ccode>taxonomy-images-get-terms\u003C\u002Fcode> filter. This filter is basically a wrapper for WordPress core function \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fget_terms\" rel=\"nofollow ugc\">get_terms()\u003C\u002Fa>. It will return an array of enhanced term objects: each term object will have a custom property named \u003Ccode>image_id\u003C\u002Fcode> which is an integer representing the database ID of the image associated with the term. This filter can be used to create custom lists of terms. Here’s what it’s default useage looks like:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$terms = apply_filters( 'taxonomy-images-get-terms', '' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Here is what php’s \u003Ccode>print_r()\u003C\u002Fcode> function may return:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>Array\n(\n    [0] => stdClass Object\n        (\n            [term_id]          => 8\n            [name]             => Pirate\n            [slug]             => pirate\n            [term_group]       => 0\n            [term_taxonomy_id] => 8\n            [taxonomy]         => category\n            [description]      => Pirates live in the ocean and ride around on boats.\n            [parent]           => 0\n            [count]            => 1\n            [image_id]         => 44\n        )\n)\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>As you can see, all of the goodness of \u003Ccode>get_terms()\u003C\u002Fcode> is there with an added bonus: the \u003Ccode>image_id\u003C\u002Fcode> parameter!\u003C\u002Fp>\n\u003Cp>This filter recognizes an optional third parameter which is an array of arguments that can be used to modify its output:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>cache_images\u003C\u002Fstrong> \u003Cem>(bool)\u003C\u002Fem> If this value is \u003Ccode>true\u003C\u002Fcode> all associated images will be queried and cached for later use in various template tags. If it is set to \u003Ccode>false\u003C\u002Fcode>, this query will be suppressed. Do not set this value to false unless you have a really good reason for doing so 🙂 Default value is \u003Ccode>true\u003C\u002Fcode>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>having_images\u003C\u002Fstrong> \u003Cem>(bool)\u003C\u002Fem> If this value is \u003Ccode>true\u003C\u002Fcode> then only terms that have associated images will be returned. Setting it to \u003Ccode>false\u003C\u002Fcode> will return all terms. Default value is \u003Ccode>true\u003C\u002Fcode>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>taxonomy\u003C\u002Fstrong> \u003Cem>(string)\u003C\u002Fem> Name of a registered taxonomy to return terms from. Multiple taxonomies may be specified by separating each name by a comma. Defaults to \u003Ccode>category\u003C\u002Fcode>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>term_args\u003C\u002Fstrong> \u003Cem>(array)\u003C\u002Fem> Arguments to pass to \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fget_terms\" rel=\"nofollow ugc\">\u003Ccode>get_terms()\u003C\u002Fcode>\u003C\u002Fa> as the second parameter. Default value is an empty array.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Here’s an example of a simple custom loop that you can use to display all term images:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$terms = apply_filters( 'taxonomy-images-get-terms', '' );\nif ( ! empty( $terms ) ) {\n    print '\u003Cul>';\n    foreach ( (array) $terms as $term ) {\n        print '\u003Cli>\u003Ca href=\"' . esc_url( get_term_link( $term, $term->taxonomy ) ) . '\">' . wp_get_attachment_image( $term->image_id, 'detail' ) . '\u003C\u002Fa>\u003C\u002Fli>';\n    }\n    print '\u003C\u002Ful>';\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>If you have questions about integrating this plugin into your site, please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Ftaxonomy-images?forum_id=10#postform\" rel=\"ugc\">add a new thread to the WordPress Support Forum\u003C\u002Fa>. I try to answer these, but I may not always be able to. In the event that I cannot there may be someone else who can help.\u003C\u002Fp>\n\u003Ch4>Bugs, Suggestions\u003C\u002Fh4>\n\u003Cp>Development of this plugin is hosted in a public repository on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbenhuson\u002FTaxonomy-Images\" rel=\"nofollow ugc\">Github\u003C\u002Fa>. If you find a bug in this plugin or have a suggestion to make it better, please \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbenhuson\u002FTaxonomy-Images\u002Fissues\u002Fnew\" rel=\"nofollow ugc\">create a new issue\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Hook it up yo!\u003C\u002Fh4>\n\u003Cp>If you have fallen in love with this plugin and would not be able to sleep without helping out in some way, please see the following list of ways that you can \u003Cem>hook it up!\u003C\u002Fem>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Rate it!\u003C\u002Fstrong> – Use the star tool on the right-hand sidebar of the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftaxonomy-images\u002F\" rel=\"ugc\">plugin homepage\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Let me know if it works\u003C\u002Fstrong> – Use the \u003Cem>Compatibility\u003C\u002Fem> widget on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftaxonomy-images\u002F\" rel=\"ugc\">plugin homepage\u003C\u002Fa> to let everyone know that the current version works with your version of WordPress.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Do you Twitter?\u003C\u002Fstrong> Help promote by using this shortlink: \u003Ca href=\"http:\u002F\u002Fbit.ly\u002Ftaxonomy-images\" rel=\"nofollow ugc\">http:\u002F\u002Fbit.ly\u002Ftaxonomy-images\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Are you a writer?\u003C\u002Fstrong> Help promote by writing an article on your website about this plugin.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Need More Taxonomy Plugins?\u003C\u002Fh4>\n\u003Cp>The original author of this plugin, Michael Fields, released a handful of plugins dealing with taxonomies. Please see his \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmfields\u002F\" rel=\"nofollow ugc\">WordPress.org profile\u003C\u002Fa> for more information.\u003C\u002Fp>\n","Associate images from your media library to categories, tags and custom taxonomies.",10000,217792,40,"2024-02-15T18:12:00.000Z","6.4.8","4.4","5.3",[20,22,119,23,24],"tag","https:\u002F\u002Fgithub.com\u002Fbenhuson\u002FTaxonomy-Images","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftaxonomy-images.1.0.zip",85,{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":134,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":138,"tags":139,"homepage":145,"download_link":146,"security_score":147,"vuln_count":29,"unpatched_count":51,"last_vuln_date":148,"fetched_at":31},"advanced-category-and-custom-taxonomy-image","Advanced Category and Custom Taxonomy Image","2.0.9","Sajjad Hossain Sagor","https:\u002F\u002Fprofiles.wordpress.org\u002Fsajjad67\u002F","\u003Cp>Now its easier to include category \u002F custom taxonomy image with this plugin for different platforms. No need to overload mobile bandwidth with high pixel image size. You can now select different image for different devices. Upload Different Image For Different Devices ex: Mobile, Tablet, Desktop, iOS, Android, Windows Phone.\u003Cbr \u002F>\nBuilt-in Template Tag To Use Anywhere You Want In Your Theme : get_taxonomy_image( $term_id, $return_img_tag, $class );\u003C\u002Fp>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cpre>\n$taxonomy_img = get_taxonomy_image( int $term_id = get_queried_object()->term_id , boolean $return_img_tag = false , string $class = '' );\n\nget taxonomy image url if $return_html = true then return  tag\n\nParameters :\n$term_id\n(int) (Required) Taxonomy ID of the term.\n\n$return_img_tag\n(boolean) (Optional) Formatted Image with  tag for the field during output.\n\n$class\n(string) (Optional) A space separated string of CSS classes to add to the  tag. classes ex: \"your custom class list separated by space\" but $return_img_tag should be true to add image class.\n\necho $taxonomy_img; \u002F\u002F taxonomy image url\n\u003C\u002Fpre>\n\u003Cp>where $term_id is ‘category \u002F term id’\u003C\u002Fp>\n\u003Cp>Shortcode : use the shortcode anywhere to get taxonomy image. If you don’t provide “term_id” value then it will be current queried page taxonomy automatically.\u003C\u002Fp>\n\u003Cpre>\necho do_shortcode( '[ad_tax_image term_id=\"\" return_img_tag=\"true\" class=\"your custom class list seperated by space\"]' ); \u002F\u002F keep term_id empty if you want to show current visited taxonomy archive image.\n\u003C\u002Fpre>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Option To Enable Custom Image Upload for different taxonomies \u003C\u002Fli>\n\u003Cli>Option To Enable Custom Image Upload for different devices \u003C\u002Fli>\n\u003Cli>Very simple to use & WP Default Media Uploaded to upload image\u003C\u002Fli>\n\u003Cli>Built-in Template Tag to use in your theme template\u003C\u002Fli>\n\u003Cli>Shortcode to use anywhere.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add Custom Image To Your Category \u002F Custom Taxonomy Field With Advanced Category and Custom Taxonomy Image Plugin.",1000,25792,100,5,"2026-01-15T16:33:00.000Z","6.9.4","5.6","8.0",[140,141,142,143,144],"category-image","category-logo","featured-image","taxonomy-image","term-image","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadvanced-category-and-custom-taxonomy-image\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-category-and-custom-taxonomy-image.2.0.9.zip",99,"2024-10-17 21:27:19",{"slug":150,"name":151,"version":6,"author":152,"author_profile":153,"description":154,"short_description":155,"active_installs":156,"downloaded":157,"rating":133,"num_ratings":29,"last_updated":158,"tested_up_to":159,"requires_at_least":160,"requires_php":161,"tags":162,"homepage":165,"download_link":166,"security_score":122,"vuln_count":51,"unpatched_count":51,"last_vuln_date":39,"fetched_at":31},"better-categories-images","Better Categories Images","Nam Truong","https:\u002F\u002Fprofiles.wordpress.org\u002Fnamncn\u002F","\u003Cp>The Better Categories Images Plugin allow you to add image with any category or taxonomy.\u003C\u002Fp>\n\u003Cp>Use:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>+ $thumbnail_id = get_term_meta( $term_id, 'thumbnail_id', true ); \\\\ [get_term_meta](https:\u002F\u002Fdeveloper.wordpress.org\u002Freference\u002Ffunctions\u002Fget_term_meta\u002F)\n+ $image        = wp_get_attachment_image( $thumbnail_id, 'full' ); \\\\ [wp_get_attachment_image](https:\u002F\u002Fdeveloper.wordpress.org\u002Freference\u002Ffunctions\u002Fwp_get_attachment_image\u002F)\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>From within WordPress\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Visit ‘Plugins > Add New’\u003C\u002Fli>\n\u003Cli>Search for ‘Better Categories Images’\u003C\u002Fli>\n\u003Cli>Activate Better Categories Images from your Plugins page.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Manually\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload the \u003Ccode>better-categories-images\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Activate the Better Categories Images plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Go to “after activation” below.\u003C\u002Fli>\n\u003C\u002Fol>\n","The Better Categories Images Plugin allow you to add image with any category or taxonomy.",10,2041,"2018-08-11T03:45:00.000Z","4.9.29","","5.6.3",[20,163,23,164],"images","term-field","https:\u002F\u002Fnamncn.com\u002Fplugins\u002Fbetter-categories-images\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbetter-categories-images.zip",{"slug":168,"name":169,"version":170,"author":171,"author_profile":172,"description":173,"short_description":174,"active_installs":156,"downloaded":175,"rating":51,"num_ratings":51,"last_updated":176,"tested_up_to":16,"requires_at_least":177,"requires_php":178,"tags":179,"homepage":183,"download_link":184,"security_score":133,"vuln_count":51,"unpatched_count":51,"last_vuln_date":39,"fetched_at":31},"display-category-and-taxonomy-list","Display Category and Taxonomy List","1.0.0","Md Rashidul Azam (Nishan)","https:\u002F\u002Fprofiles.wordpress.org\u002Farosh019\u002F","\u003Cp>\u003Cstrong>Display Category and Taxonomy List\u003C\u002Fstrong> is a clean and flexible plugin for showcasing WordPress categories or any custom taxonomy in a grid layout. It’s perfect for blogs, directories, WooCommerce stores, and content-heavy websites that want a more visual, engaging way to organize taxonomies.\u003C\u002Fp>\n\u003Cp>🏆 \u003Cstrong>Core Features (Free Version):\u003C\u002Fstrong>\u003Cbr \u002F>\n– Display categories or custom taxonomy terms using \u003Ccode>[dcatl_category_list]\u003C\u002Fcode>\u003Cbr \u002F>\n– Set featured images for terms (categories, tags, or any custom taxonomy)\u003Cbr \u002F>\n– Multiple layout styles with responsive design\u003Cbr \u002F>\n– Custom wrapper height and auto height options\u003Cbr \u002F>\n– Background image auto sizing for clean layout\u003Cbr \u002F>\n– Title and button hover color options\u003Cbr \u002F>\n– Title hover effect for interactive UI\u003Cbr \u002F>\n– Counter badge with color and font customization\u003Cbr \u002F>\n– Show or hide title, description, button, and counter individually\u003Cbr \u002F>\n– Flexible design options: overlay color, font size, font color, box shadows\u003Cbr \u002F>\n– Range sliders for spacing, height, and layout control\u003Cbr \u002F>\n– Clean wrapper and item structure for easy design control\u003Cbr \u002F>\n– Padding and margin settings for main wrapper and content area\u003Cbr \u002F>\n– Sorting options and taxonomy selection via settings\u003Cbr \u002F>\n– Built-in media queries for mobile responsiveness\u003Cbr \u002F>\n– Button design controls including font size, background color, and padding\u003C\u002Fp>\n\u003Cp>🌟 \u003Cstrong>Get More with \u003Ca href=\"https:\u002F\u002Fyourwebsite.com\u002Fpro-version\" rel=\"nofollow ugc\">Premium Version\u003C\u002Fa>:\u003C\u002Fstrong>\u003Cbr \u002F>\nUnlock full design flexibility and pro-level controls:\u003Cbr \u002F>\n– Multiple taxonomy display\u003Cbr \u002F>\n– Slider, Mosaic, and advanced Grid layouts\u003Cbr \u002F>\n– Advanced layout modes & transitions\u003Cbr \u002F>\n– Elementor & block editor support\u003Cbr \u002F>\n– Priority support & regular updates\u003Cbr \u002F>\n– Export\u002Fimport settings\u003Cbr \u002F>\n– Enable\u002Fdisable plugin stylesheet\u003Cbr \u002F>\n– Content length control\u003Cbr \u002F>\n– Custom “Read More” text.\u003Cbr \u002F>\n– Child item depth control (e.g. 2nd, 3rd level)\u003Cbr \u002F>\n– Sort by ID, date, author, random, etc.\u003Cbr \u002F>\n– Title position control (top\u002Fbottom)\u003Cbr \u002F>\n– Image, icon, or color for terms\u003Cbr \u002F>\n– Special button icon\u003Cbr \u002F>\n– Display selected terms only\u003Cbr \u002F>\n– Custom counter position\u003Cbr \u002F>\n– Tree view with vertical\u002Fhorizontal layouts\u003Cbr \u002F>\n– Multi-line or single-line display\u003Cbr \u002F>\n– Multiple Image hover effects\u003C\u002Fp>\n\u003Cp>👉 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fyourwebsite.com\u002Fpro-version\" rel=\"nofollow ugc\">Upgrade to Premium\u003C\u002Fa>\u003C\u002Fstrong> and unlock all features!\u003C\u002Fp>\n\u003Ch3>How It Works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to the \u003Cstrong>Category\u003C\u002Fstrong> section and add a term image.\u003C\u002Fli>\n\u003Cli>Go to the \u003Cstrong>Category List\u003C\u002Fstrong> menu in your WordPress admin.\u003C\u002Fli>\n\u003Cli>Configure the layout, design, and display settings. \u003Cem>(In the free version, you can use one taxonomy item.)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Add \u003Ccode>[dcatl_category_list]\u003C\u002Fcode> to any page, post, or widget.\u003C\u002Fli>\n\u003Cli>The plugin will automatically display taxonomy terms based on your settings.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>👉 \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fyourwebsite.com\u002Fpro-version\" rel=\"nofollow ugc\">Video Tutorial\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Shortcode\u003C\u002Fh3>\n\u003Cp>Use this shortcode: \u003Ccode>[dcatl_category_list]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Note: The shortcode does not accept attributes at this time. All options are managed globally through the \u003Cstrong>Category List\u003C\u002Fstrong> settings panel.\u003C\u002Fp>\n\u003Ch3>Note\u003C\u002Fh3>\n\u003Cp>The plugin does not use shortcode attributes — all customization is handled through the admin settings panel.\u003C\u002Fp>\n\u003Ch3>Upcoming Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Shortcode attributes for layout and filtering\u003C\u002Fli>\n\u003Cli>Additional layout styles (masonry, carousel, list view)\u003C\u002Fli>\n\u003Cli>AJAX filtering and live search\u003C\u002Fli>\n\u003Cli>RTL and accessibility improvements\u003C\u002Fli>\n\u003Cli>Per-term image override via filters\u003C\u002Fli>\n\u003Cli>Import\u002Fexport settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Need help? Visit the \u003Ca href=\"https:\u002F\u002Fdcatl.diviaccessories.com\u002F\" rel=\"nofollow ugc\">support forum\u003C\u002Fa> or reach out via the plugin page.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is open-source and released under the \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html\" rel=\"nofollow ugc\">GPLv2 or later\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Built with care to enhance how WordPress displays taxonomy content. Contributions and feedback are always welcome!\u003C\u002Fp>\n","Display WordPress categories or custom taxonomies in a responsive grid with featured images, titles and more. Fully customizable via settings.",331,"2025-09-17T03:10:00.000Z","6.5","7.4",[180,140,181,182,144],"categories","category-list","taxonomy-list","https:\u002F\u002Fdcatl.diviaccessories.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisplay-category-and-taxonomy-list.1.0.0.zip",{"slug":186,"name":187,"version":188,"author":189,"author_profile":190,"description":191,"short_description":192,"active_installs":193,"downloaded":194,"rating":195,"num_ratings":196,"last_updated":197,"tested_up_to":136,"requires_at_least":198,"requires_php":160,"tags":199,"homepage":204,"download_link":205,"security_score":147,"vuln_count":206,"unpatched_count":51,"last_vuln_date":207,"fetched_at":31},"taxonomy-terms-order","Category Order and Taxonomy Terms Order","1.9.5","nsp-code","https:\u002F\u002Fprofiles.wordpress.org\u002Fnsp-code\u002F","\u003Cp>Easily control the order of Categories and any hierarchical taxonomy with a simple drag-and-drop interface. Reorder parent and child terms visually in the admin and choose whether the plugin automatically applies your custom term order to front-end queries.\u003C\u002Fp>\n\u003Ch3>Key features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Intuitive drag-and-drop reordering for Categories and all hierarchical taxonomies. \u003C\u002Fli>\n\u003Cli>Option to auto-apply the custom term order to front-end queries (no theme\u002Fplugin edits required). \u003C\u002Fli>\n\u003Cli>Keep the admin term lists in your new order (makes management and editorial workflows consistent). \u003C\u002Fli>\n\u003Cli>Works with multiple taxonomies per post type — switch between taxonomies from the same interface. \u003C\u002Fli>\n\u003Cli>Multisite aware and regularly updated for modern WordPress and PHP versions (see changelog for compatibility notes).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How it works\u003C\u002Fh3>\n\u003Cp>After activating the plugin, a new Taxonomy Order page becomes available under the custom post type menu. Simply open it and drag terms into the exact order you want — including parent\u002Fchild hierarchy.\u003Cbr \u002F>\nUse the plugin’s Taxonomy Order screen to drag terms into the order you want. To apply the custom order automatically across your site, enable the Autosort option — the plugin will adjust term queries on the fly so your chosen order shows without template changes. If you prefer to control ordering in code, include orderby => ‘term_order’ when calling get_terms() to use the plugin’s order programmatically.\u003C\u002Fp>\n\u003Cp>This plugin is developed by \u003Ca href=\"http:\u002F\u002Fwww.nsp-code.com\" rel=\"nofollow ugc\">Nsp-Code\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwww.nsp-code.com\u002Fpremium-plugins\u002Fwordpress-plugins\u002Fadvanced-taxonomy-terms-order\u002F\" rel=\"nofollow ugc\">Advanced Taxonomy Terms Order\u003C\u002Fa> for advanced features.\u003C\u002Fp>\n\u003Ch3>Localization\u003C\u002Fh3>\n\u003Cp>Available in Catalan, Chinese (China), Chinese (Taiwan), Czech, Dutch, Dutch (Belgium), English (Australia), English (Canada), English (New Zealand), English (UK), English (US), French (France), Galician, German, Italian, Japanese, Norwegian (Bokmål), Polish, Portuguese (Portugal), Russian, Spanish (Chile), Spanish (Spain), Spanish (Venezuela), Swedish, and Turkish.\u003Cbr \u002F>\nWhant to contribute with a translation to your language? Please check at https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Ftaxonomy-terms-order\u003C\u002Fp>\n\u003Cp>There isn’t any Editors for your native language on plugin Contributors? You can help to moderate! https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Ftaxonomy-terms-order\u002Fcontributors\u003C\u002Fp>\n","Drag-and-drop ordering for Categories & any taxonomy (hierarchically) using a Drag and Drop Sortable JavaScript capability.",500000,10130592,90,162,"2026-03-16T08:12:00.000Z","2.8",[200,201,202,203],"categories-sort","category-order","taxonomy-order","terms-order","http:\u002F\u002Fwww.nsp-code.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftaxonomy-terms-order.1.9.5.zip",2,"2018-02-22 00:00:00",{"attackSurface":209,"codeSignals":261,"taintFlows":287,"riskAssessment":288,"analyzedAt":304},{"hooks":210,"ajaxHandlers":257,"restRoutes":258,"shortcodes":259,"cronEvents":260,"entryPointCount":51,"unprotectedCount":51},[211,217,221,226,230,233,238,241,245,249,253],{"type":212,"name":213,"callback":214,"file":215,"line":216},"filter","upload_mimes","allow_svg_in_mime_types","category-icon.php",66,{"type":212,"name":218,"callback":219,"file":215,"line":220},"wp_handle_upload_prefilter","sanitize_svg_upload",67,{"type":222,"name":223,"callback":224,"file":215,"line":225},"action","admin_head","force_svg_with_visible_sizes",68,{"type":222,"name":227,"callback":228,"file":215,"line":229},"admin_menu","add_plugin_admin_menu",70,{"type":222,"name":231,"callback":232,"file":215,"line":27},"admin_init","plugin_admin_init",{"type":222,"name":234,"callback":235,"priority":236,"file":215,"line":237},"init","plugin_init",9999999999,75,{"type":222,"name":234,"callback":239,"priority":29,"file":215,"line":240},"register_the_termmeta_table",76,{"type":222,"name":242,"callback":243,"priority":156,"file":215,"line":244},"wpmu_new_blog","new_blog",77,{"type":222,"name":246,"callback":247,"file":215,"line":248},"admin_enqueue_scripts","enqueue_admin_scripts",79,{"type":222,"name":250,"callback":251,"priority":51,"file":215,"line":252},"shutdown","on_shutdown",445,{"type":212,"name":254,"callback":255,"file":215,"line":256},"final_output","fix_svg_template",446,[],[],[],[],{"dangerousFunctions":262,"sqlUsage":263,"outputEscaping":268,"fileOperations":206,"externalRequests":51,"nonceChecks":51,"capabilityChecks":51,"bundledLibraries":286},[],{"prepared":29,"raw":29,"locations":264},[265],{"file":215,"line":266,"context":267},222,"$wpdb->get_col() with variable interpolation",{"escaped":269,"rawEcho":96,"locations":270},7,[271,274,276,278,280,281,282,284],{"file":215,"line":272,"context":273},308,"raw output",{"file":215,"line":275,"context":273},336,{"file":215,"line":277,"context":273},469,{"file":215,"line":279,"context":273},470,{"file":215,"line":279,"context":273},{"file":215,"line":279,"context":273},{"file":215,"line":283,"context":273},471,{"file":215,"line":285,"context":273},578,[],[],{"summary":289,"deductions":290},"The \"category-icon\" plugin exhibits a mixed security posture. On one hand, the static analysis shows a very small attack surface with no apparent AJAX handlers, REST API routes, shortcodes, or cron events accessible without proper authentication checks. The absence of dangerous functions and external HTTP requests are also positive indicators. However, there are significant concerns stemming from the vulnerability history and code analysis.  The plugin has a history of four known CVEs, with one still unpatched, including medium severity vulnerabilities like XML External Entity (XXE) injection, Path Traversal, and Cross-Site Scripting (XSS).  The code analysis reveals that only 50% of SQL queries use prepared statements, and a concerning 53% of output is not properly escaped.  Furthermore, the complete lack of nonce and capability checks on any entry points is a critical oversight, especially given the historical vulnerabilities that often exploit these weaknesses. The taint analysis showing zero flows is positive but may be limited by the small number of entry points analyzed or the specific types of taint sources examined.",[291,294,296,298,300,302],{"reason":292,"points":293},"Unpatched CVE (medium severity)",15,{"reason":295,"points":48},"Medium severity vulnerabilities (XXE, Path Traversal, XSS)",{"reason":297,"points":134},"SQL queries not using prepared statements",{"reason":299,"points":96},"High percentage of unescaped output",{"reason":301,"points":156},"Missing nonce checks",{"reason":303,"points":156},"Missing capability checks","2026-03-16T18:35:58.764Z",{"wat":306,"direct":315},{"assetPaths":307,"generatorPatterns":309,"scriptPaths":310,"versionParams":312},[308],"\u002Fwp-content\u002Fplugins\u002Fcategory-icon\u002Finc\u002Fextras.php",[],[311],"\u002Fwp-content\u002Fplugins\u002Fcategory-icon\u002Fadmin\u002Fjs\u002Fcategory-icon-admin.js",[313,314],"category-icon\u002Fstyle.css?ver=","category-icon\u002Fadmin\u002Fjs\u002Fcategory-icon-admin.js?ver=",{"cssClasses":316,"htmlComments":322,"htmlAttributes":324,"restEndpoints":328,"jsGlobals":330,"shortcodeOutput":332},[317,318,319,320,321],"category-icon-wrapper","category-icon-upload-field","category-icon-preview","category-icon-remove-button","category-icon-add-button",[323],"\u003C!-- Category Icon Settings -->",[325,326,327],"data-category-icon-id","data-taxonomy","data-term-id",[329],"\u002Fwp-json\u002Fcategory-icon\u002Fv1\u002Fupload",[331],"categoryIconAdmin",[333],"\u003Cdiv class=\"category-icon-wrapper\">",{"error":335,"url":336,"statusCode":337,"statusMessage":338,"message":338},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcategory-icon\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":340,"versions":341},6,[342,348,356,365,375,386],{"version":6,"download_url":26,"svn_tag_url":343,"released_at":39,"has_diff":50,"diff_files_changed":344,"diff_lines":39,"trac_diff_url":345,"vulnerabilities":346,"is_current":335},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcategory-icon\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcategory-icon%2Ftags%2F1.0.2&new_path=%2Fcategory-icon%2Ftags%2F1.0.3",[347],{"id":53,"url_slug":54,"title":55,"severity":41,"cvss_score":57,"vuln_type":59,"patched_in_version":39},{"version":71,"download_url":349,"svn_tag_url":350,"released_at":39,"has_diff":50,"diff_files_changed":351,"diff_lines":39,"trac_diff_url":352,"vulnerabilities":353,"is_current":50},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-icon.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcategory-icon\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcategory-icon%2Ftags%2F1.0.1&new_path=%2Fcategory-icon%2Ftags%2F1.0.2",[354,355],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"id":53,"url_slug":54,"title":55,"severity":41,"cvss_score":57,"vuln_type":59,"patched_in_version":39},{"version":87,"download_url":357,"svn_tag_url":358,"released_at":39,"has_diff":50,"diff_files_changed":359,"diff_lines":39,"trac_diff_url":360,"vulnerabilities":361,"is_current":50},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-icon.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcategory-icon\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcategory-icon%2Ftags%2F1.0.0&new_path=%2Fcategory-icon%2Ftags%2F1.0.1",[362,363,364],{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"id":53,"url_slug":54,"title":55,"severity":41,"cvss_score":57,"vuln_type":59,"patched_in_version":39},{"id":66,"url_slug":67,"title":68,"severity":41,"cvss_score":72,"vuln_type":74,"patched_in_version":71},{"version":170,"download_url":366,"svn_tag_url":367,"released_at":39,"has_diff":50,"diff_files_changed":368,"diff_lines":39,"trac_diff_url":369,"vulnerabilities":370,"is_current":50},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-icon.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcategory-icon\u002Ftags\u002F1.0.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcategory-icon%2Ftags%2F0.7.1&new_path=%2Fcategory-icon%2Ftags%2F1.0.0",[371,372,373,374],{"id":82,"url_slug":83,"title":84,"severity":41,"cvss_score":88,"vuln_type":44,"patched_in_version":87},{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"id":53,"url_slug":54,"title":55,"severity":41,"cvss_score":57,"vuln_type":59,"patched_in_version":39},{"id":66,"url_slug":67,"title":68,"severity":41,"cvss_score":72,"vuln_type":74,"patched_in_version":71},{"version":376,"download_url":377,"svn_tag_url":378,"released_at":39,"has_diff":50,"diff_files_changed":379,"diff_lines":39,"trac_diff_url":380,"vulnerabilities":381,"is_current":50},"0.7.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-icon.0.7.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcategory-icon\u002Ftags\u002F0.7.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcategory-icon%2Ftags%2F0.7.0&new_path=%2Fcategory-icon%2Ftags%2F0.7.1",[382,383,384,385],{"id":82,"url_slug":83,"title":84,"severity":41,"cvss_score":88,"vuln_type":44,"patched_in_version":87},{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"id":53,"url_slug":54,"title":55,"severity":41,"cvss_score":57,"vuln_type":59,"patched_in_version":39},{"id":66,"url_slug":67,"title":68,"severity":41,"cvss_score":72,"vuln_type":74,"patched_in_version":71},{"version":387,"download_url":388,"svn_tag_url":389,"released_at":39,"has_diff":50,"diff_files_changed":390,"diff_lines":39,"trac_diff_url":39,"vulnerabilities":391,"is_current":50},"0.7.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategory-icon.0.7.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcategory-icon\u002Ftags\u002F0.7.0\u002F",[],[392,393,394,395],{"id":82,"url_slug":83,"title":84,"severity":41,"cvss_score":88,"vuln_type":44,"patched_in_version":87},{"id":35,"url_slug":36,"title":37,"severity":41,"cvss_score":42,"vuln_type":44,"patched_in_version":6},{"id":53,"url_slug":54,"title":55,"severity":41,"cvss_score":57,"vuln_type":59,"patched_in_version":39},{"id":66,"url_slug":67,"title":68,"severity":41,"cvss_score":72,"vuln_type":74,"patched_in_version":71}]