[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fry-nyJaKXZzc5nfXAMfwNRuA_xY_bpz1iYeoXr6-mZg":3,"$fkFb--3306mxxhCUsDVQh26U_dj8H7-SA2GP6gfL2OB8":244,"$fgW_xhrivX90lLTeWmLDSZJcclnzcNR8mfpIsNVFH4-Q":249},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":40,"analysis":132,"fingerprints":230},"coral-remote-images","Coral – Remote Images","1.1","Big Sea","https:\u002F\u002Fprofiles.wordpress.org\u002Fbig-sea\u002F","\u003Cp>Do you work with GIT repositories and develop WordPress websites locally? Have you found it time consuming and difficult to develop locally on a large WordPress website that has thousands of images? Does your development site get out of date within months due to active content management on the live site?\u003C\u002Fp>\n\u003Cp>Activate this plugin on your local or development environment, and any linked images in the database content (wp-content\u002Fuploads folder) will be pulled from the live site URL.\u003C\u002Fp>\n","Save space and download time!  Leave your uploaded images where they're at, in \u002Fwp-content, during development on your local.",10,3733,100,3,"2017-01-20T16:11:00.000Z","4.7.33","3.4.1","",[20,21,22,23,24],"development","images","local","testing","uploads","http:\u002F\u002Fbigseadesign.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcoral-remote-images.1.1.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":36,"avg_security_score":27,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"big-sea",2,20,30,84,"2026-05-20T09:11:13.210Z",[41,57,74,95,112],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":28,"downloaded":49,"rating":28,"num_ratings":28,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":18,"download_link":56,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"super-interactive-image-placeholders","Super Interactive Image Placeholders","1.0","Super Interactive","https:\u002F\u002Fprofiles.wordpress.org\u002Fsuperinteractive\u002F","\u003Cp>This simple yet highly effective plugin solves a very common annoyance when developing a WordPress website locally. Often, when running a WordPress application locally for development, you don’t have the entire uploads directory at hand. This causes every page load to trigger a large amount of 404 errors, each of which are routed to expensive WordPress requests.\u003C\u002Fp>\n\u003Cp>Super Interactive Image Placeholders will automatically replace each request for an image with a random image from \u003Ca href=\"http:\u002F\u002Fpicsum.photos\" rel=\"nofollow ugc\">Lorem Picsum\u003C\u002Fa>, avoiding the 404 errors and speeding up local WordPress development enormously. As a nice side effect, it will also make your website look a lot nicer without all the missing images.\u003C\u002Fp>\n","Display placeholder Lorem Picsum images to avoid chains of 404 requests caused by an incomplete uploads directory (while developing)",827,"2021-12-14T22:03:00.000Z","5.8.13","4.0","5.6",[20,21,22,55,24],"placeholders","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsuper-interactive-image-placeholders.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":13,"num_ratings":35,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":18,"tags":70,"homepage":72,"download_link":73,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"media-placeholders","Media Placeholders","0.9.2","Weston Ruter","https:\u002F\u002Fprofiles.wordpress.org\u002Fwestonruter\u002F","\u003Cp>Activate this plugin to redirect all requests for missing uploaded images on your blog to your favorite placeholder image service, such as \u003Ca href=\"http:\u002F\u002Fplacehold.it\" rel=\"nofollow ugc\">placehold.it\u003C\u002Fa> or \u003Ca href=\"http:\u002F\u002Fplacekitten.com\u002F\" rel=\"nofollow ugc\">placekitten.com\u003C\u002Fa>. Note that although kittens are cute, the placehold.it service is actually more useful because the background and foreground color can remain consistant across all image sizes (e.g. full size vs thumbnail in a gallery), and so it is easier to see which images in a page are related to each other. (You can change the default placehold.it service to placekitten.com by defining \u003Ccode>MISSING_UPLOADED_IMAGE_PLACEHOLDER_BUILTIN\u003C\u002Fcode> to be \u003Ccode>placekitten_color\u003C\u002Fcode> or \u003Ccode>placekitten_grayscale\u003C\u002Fcode>, or supplying those same values via the \u003Ccode>missing_uploaded_image_placeholder_builtin\u003C\u002Fcode> filter).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>This plugin is for use during development only.\u003C\u002Fstrong> It is expected that this plugin will be activated on your local development environment (e.g. on Vagrant or XAMPP), or on your staging server. This plugin is especially useful when working on a team where you share around a database dump but not the uploaded images (which should always be omitted from the code repository), so if you give a database dump to another developer but don’t include the uploaded images, with this plugin enabled they will see a placeholder where the uploaded image appears. This plugin is an alternative approach to what is offered by the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fuploads-by-proxy\u002F\" rel=\"ugc\">Uploads by Proxy\u003C\u002Fa> plugin.\u003C\u002Fp>\n\u003Cp>If you have applied the production database to another environment which lacks the uploaded files, but you know that all images referenced in the database do exist on production, you can define the \u003Ccode>MISSING_UPLOADED_IMAGE_REDIRECT_SERVER\u003C\u002Fcode> constant or filter \u003Ccode>missing_uploaded_image_redirect_server\u003C\u002Fcode> to short-circuit the placeholder service and redirect the image request to that server.\u003C\u002Fp>\n\u003Cp>This plugin will not work if you are on a multisite network that uses the old system for referring to uploaded files, where the URL includes \u003Ccode>\u002Ffiles\u002F\u003C\u002Fcode> which is intercepted by a rewrite rule and passed directly to \u003Ccode>ms-files.php\u003C\u002Fcode>. See \u003Ca href=\"https:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F19235\" title=\"Turn ms-files.php off by default\" rel=\"nofollow ugc\">#19235\u003C\u002Fa>. Similarly, make sure that missing uploaded files get served by the WordPress 404 handler, not Apache\u002FNginx. If you are using Nginx with the default Varying Vagrant Vagrants config, you’ll want to remove \u003Ccode>png|jpg|jpeg|gif\u003C\u002Fcode> from the following location rule in \u003Ccode>nginx-wp-common.conf\u003C\u002Fcode> (or remove it altogether):\u003C\u002Fp>\n\u003Cpre>\u003Ccode># Handle all static assets by serving the file directly. Add directives \n# to send expires headers and turn off 404 error logging.\nlocation ~* \\.(js|css|png|jpg|jpeg|gif|ico)$ {\n    expires 24h;\n    log_not_found off;\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can add support for your own favorite placeholder services by filtering \u003Ccode>missing_uploaded_image_placeholder\u003C\u002Fcode>.\u003Cbr \u002F>\nFor example, you can add this to your \u003Ccode>functions.php\u003C\u002Fcode> or drop it into a \u003Ccode>mu-plugin\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\n\u002F**\n * Use Flickholdr as placeholder service\n * @param null|string $url\n * @param array $args  {attached_file, width, height, attachment_id}\n *\u002F\nfunction my_filter_missing_uploaded_image_placeholder( $url, $args ) {\n    $attachment = get_post( $args['attachment_id'] );\n    $tags = join( ' ', array(\n        $attachment->post_title,\n        $attachment->post_excerpt,\n        $attachment->post_content,\n        $attachment->_wp_attachment_image_alt\n    ) );\n    $tags = strtolower( preg_replace( '#[^A-Za-z0-9]+#', ',', $tags ) );\n    $tags = trim( $tags, ',' );\n    $url = sprintf( 'http:\u002F\u002Fflickholdr.com\u002F%d\u002F%d\u002F%s', $args['width'], $args['height'], $tags );\n    return $url;\n}\nadd_filter( 'missing_uploaded_image_placeholder', 'my_filter_missing_uploaded_image_placeholder', 10, 2 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Development of this plugin is done \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fx-team\u002Fwp-media-placeholders\" rel=\"nofollow ugc\">on GitHub\u003C\u002Fa>. Pull requests welcome. Please see \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fx-team\u002Fwp-media-placeholders\u002Fissues\" rel=\"nofollow ugc\">issues\u003C\u002Fa> reported there before going to the plugin forum.\u003C\u002Fstrong>\u003C\u002Fp>\n","Redirect requests to non-existent uploaded images to a placeholder service like placehold.it or placekitten.com. For use during development.",70,3369,"2015-02-25T01:45:00.000Z","3.6.1","3.5",[71,20,21,55,24],"404","http:\u002F\u002Fgithub.com\u002Fx-team\u002Fwp-missing-upload-placeholders","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-placeholders.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":13,"num_ratings":84,"last_updated":85,"tested_up_to":86,"requires_at_least":87,"requires_php":88,"tags":89,"homepage":93,"download_link":94,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"disable-media-sizes","Disable Media Sizes","2.5","Jeff Starr","https:\u002F\u002Fprofiles.wordpress.org\u002Fspecialk\u002F","\u003Cp>Easily disable any extra image sizes\u003C\u002Fp>\n\u003Cp>This plugin provides options to disable the extra images generated by WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Options include\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable Thumbnail Size\u003C\u002Fli>\n\u003Cli>Disable Medium Size\u003C\u002Fli>\n\u003Cli>Disable Large Size\u003C\u002Fli>\n\u003Cli>Disable Medium Large (768px)\u003C\u002Fli>\n\u003Cli>Disable 1536×1536 Size\u003C\u002Fli>\n\u003Cli>Disable 2048×2048 Size\u003C\u002Fli>\n\u003Cli>Disable Big\u002FScaled Size\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin settings screen does a good job of explaining the different image sizes. Should all be self-explanatory, let me know if anything can be improved.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Lightweight and secure\u003C\u002Fli>\n\u003Cli>Built with the WP API and standards\u003C\u002Fli>\n\u003Cli>Simple to use – anyone can do it\u003C\u002Fli>\n\u003Cli>One-click restore default options\u003C\u002Fli>\n\u003Cli>Easy peasy.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Why is this useful?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002Fdisable-wordpress-generated-images\u002F\" rel=\"nofollow ugc\">This article\u003C\u002Fa> explains everything you need to know about the “hows” and the “whys” and such.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Please understand that this plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Does not affect any existing images\u003C\u002Fli>\n\u003Cli>Only works while the plugin is active\u003C\u002Fli>\n\u003Cli>Does not delete any images\u003C\u002Fli>\n\u003Cli>Only prevents WordPress from generating extra sized images\u003C\u002Fli>\n\u003Cli>If all extra sizes are disabled, only original images will be uploaded\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002Fdisable-wordpress-generated-images\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa> about the techniques and code used in this plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin does not collect or store any user data. It does not set any cookies, and it does not connect to any third-party locations. Thus, this plugin does not affect user privacy in any way.\u003C\u002Fp>\n\u003Cp>Disable Media Sizes is developed and maintained by \u003Ca href=\"https:\u002F\u002Fx.com\u002Fperishable\" rel=\"nofollow ugc\">Jeff Starr\u003C\u002Fa>, 15-year \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002F\" rel=\"nofollow ugc\">WordPress developer\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002F\" rel=\"nofollow ugc\">book author\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support development\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>I develop and maintain this free plugin with love for the WordPress community. To show support, you can \u003Ca href=\"https:\u002F\u002Fmonzillamedia.com\u002Fdonate.html\" rel=\"nofollow ugc\">make a donation\u003C\u002Fa> or purchase one of my books:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002F\" rel=\"nofollow ugc\">The Tao of WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdigwp.com\u002F\" rel=\"nofollow ugc\">Digging into WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhtaccessbook.com\u002F\" rel=\"nofollow ugc\">.htaccess made easy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002Fwordpress-themes-book\u002F\" rel=\"nofollow ugc\">WordPress Themes In Depth\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002Fdownloads\u002Fwizards-collection-sql-recipes-wordpress\u002F\" rel=\"nofollow ugc\">Wizard’s SQL Recipes for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And\u002For purchase one of my premium WordPress plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">BBQ Pro\u003C\u002Fa> – Blazing fast WordPress firewall\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">Blackhole Pro\u003C\u002Fa> – Automatically block bad bots\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbanhammer-pro\u002F\" rel=\"nofollow ugc\">Banhammer Pro\u003C\u002Fa> – Monitor traffic and ban the bad guys\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fga-google-analytics-pro\u002F\" rel=\"nofollow ugc\">GA Google Analytics Pro\u003C\u002Fa> – Connect WordPress to Google Analytics\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fhead-meta-pro\u002F\" rel=\"nofollow ugc\">Head Meta Pro\u003C\u002Fa> – Ultimate Meta Tags for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsimple-ajax-chat-pro\u002F\" rel=\"nofollow ugc\">Simple Ajax Chat Pro\u003C\u002Fa> – Unlimited chat rooms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fusp-pro\u002F\" rel=\"nofollow ugc\">USP Pro\u003C\u002Fa> – Unlimited front-end forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links, tweets and likes also appreciated. Thank you! 🙂\u003C\u002Fp>\n","Provides options to disable the extra images generated by WordPress.",10000,73633,23,"2026-03-27T16:57:00.000Z","7.0","5.3","5.6.20",[90,91,21,92,24],"disable","disable-image-sizes","media","https:\u002F\u002Fperishablepress.com\u002Fwordpress-disable-media-sizes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-media-sizes.2.5.zip",{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":103,"downloaded":104,"rating":105,"num_ratings":106,"last_updated":107,"tested_up_to":68,"requires_at_least":108,"requires_php":18,"tags":109,"homepage":110,"download_link":111,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-image-size-limit","WP Image Size Limit","1.0.4","Sean Butze","https:\u002F\u002Fprofiles.wordpress.org\u002Fsbutze\u002F","\u003Cp>Many users do not compress or resize their images before uploading them into a post, and oftentimes WordPress’s maximum upload limit of 2MB-10MB is still too large to prevent the insertion of photos that can signficantly slow down a website.\u003C\u002Fp>\n\u003Cp>WP Image Size Limit allows an administrator to set a custom file size limit that is specific to image files and smaller than WordPress’s general file size limit.\u003C\u002Fp>\n\u003Cp>This is especially useful when you need to put tighter restriction on image uploads but want to preserve the ability to upload larger files of other formats (audio, video, etc.).\u003C\u002Fp>\n","Adds a new setting under Settings -> Media where an admin can set a maximum upload file size for image files.",3000,40528,94,17,"2017-11-28T19:32:00.000Z","3.3.2",[21,92,24],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-image-size-limit","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-image-size-limit.1.0.4.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":13,"num_ratings":122,"last_updated":123,"tested_up_to":124,"requires_at_least":125,"requires_php":18,"tags":126,"homepage":130,"download_link":131,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-sanitize-file-name-plus","WP Sanitize File Name Plus","1.0.3","Yslo","https:\u002F\u002Fprofiles.wordpress.org\u002Fyslo\u002F","\u003Cp>Empty spaces and special characters can create some problems.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Improved default function \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFunction_Reference\u002Fsanitize_file_name\" rel=\"nofollow ugc\">sanitize_file_name()\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Remove latin special characters used in file name\u003C\u002Fli>\n\u003Cli>Make file name lowercase\u003C\u002Fli>\n\u003C\u002Ful>\n","Sanitize file names and enhance security.",1000,42465,8,"2017-12-20T22:24:00.000Z","4.9.29","3.0",[127,128,129,21,24],"admin","core","image","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-sanitize-file-name-plus\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-sanitize-file-name-plus.1.0.3.zip",{"attackSurface":133,"codeSignals":203,"taintFlows":217,"riskAssessment":218,"analyzedAt":229},{"hooks":134,"ajaxHandlers":199,"restRoutes":200,"shortcodes":201,"cronEvents":202,"entryPointCount":28,"unprotectedCount":28},[135,141,144,147,151,155,160,163,166,169,171,173,176,179,182,185,188,191,193,196],{"type":136,"name":137,"callback":138,"file":139,"line":140},"action","admin_menu","registerMenuPages","coral-remote-images.php",32,{"type":136,"name":142,"callback":142,"file":139,"line":143},"admin_init",33,{"type":136,"name":145,"callback":145,"file":139,"line":146},"init",34,{"type":136,"name":148,"callback":149,"file":139,"line":150},"wp_head","buffer_start",75,{"type":136,"name":152,"callback":153,"file":139,"line":154},"wp_footer","buffer_end",76,{"type":156,"name":157,"callback":158,"file":139,"line":159},"filter","wp_get_attachment","anonymous",80,{"type":156,"name":161,"callback":158,"file":139,"line":162},"wp_get_attachment_link",81,{"type":156,"name":164,"callback":158,"file":139,"line":165},"wp_get_attachment_image_attributes",82,{"type":156,"name":167,"callback":158,"file":139,"line":168},"wp_get_attachment_metadata",83,{"type":156,"name":170,"callback":158,"file":139,"line":38},"wp_get_attachment_thumb_url",{"type":156,"name":172,"callback":158,"file":139,"line":27},"wp_get_attachment_url",{"type":156,"name":174,"callback":158,"file":139,"line":175},"attachment_link",88,{"type":156,"name":177,"callback":158,"file":139,"line":178},"get_attached_file",89,{"type":156,"name":180,"callback":158,"file":139,"line":181},"get_image_tag",90,{"type":156,"name":183,"callback":158,"file":139,"line":184},"get_the_guid",91,{"type":156,"name":186,"callback":158,"file":139,"line":187},"next_image_link",92,{"type":156,"name":189,"callback":158,"file":139,"line":190},"post_thumbnail_html",93,{"type":156,"name":192,"callback":158,"file":139,"line":105},"prev_image_link",{"type":156,"name":194,"callback":158,"file":139,"line":195},"the_content",95,{"type":156,"name":197,"callback":158,"file":139,"line":198},"acf\u002Fformat_value_for_api",98,[],[],[],[],{"dangerousFunctions":204,"sqlUsage":205,"outputEscaping":208,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":216},[],{"prepared":206,"raw":28,"locations":207},1,[],{"escaped":206,"rawEcho":14,"locations":209},[210,213,215],{"file":139,"line":211,"context":212},112,"raw output",{"file":214,"line":84,"context":212},"templates\u002Foptions.php",{"file":214,"line":84,"context":212},[],[],{"summary":219,"deductions":220},"The \"coral-remote-images\" plugin version 1.1 exhibits a generally good security posture based on the provided static analysis. There are no identified dangerous functions, SQL queries are all prepared, and there are no file operations or external HTTP requests, all of which are positive security indicators. The lack of a significant attack surface and no recorded vulnerabilities in its history are also reassuring. However, the analysis does reveal a notable weakness in output escaping, with only 25% of outputs being properly escaped. This leaves a potential window for cross-site scripting (XSS) vulnerabilities if user-supplied data is rendered without proper sanitization. Furthermore, the complete absence of nonce checks and capability checks across all entry points, though currently minimal, is a concerning omission that could be exploited if the attack surface were to expand in future versions or if new entry points were introduced without adequate protection. Overall, while the plugin is currently secure due to its limited functionality and lack of historical vulnerabilities, the insufficient output escaping and missing authentication\u002Fauthorization checks represent specific areas that require attention to maintain a robust security profile.",[221,224,227],{"reason":222,"points":223},"Output escaping is insufficient (25% proper)",6,{"reason":225,"points":226},"No nonce checks on entry points",5,{"reason":228,"points":226},"No capability checks on entry points","2026-04-16T11:57:05.990Z",{"wat":231,"direct":237},{"assetPaths":232,"generatorPatterns":234,"scriptPaths":235,"versionParams":236},[233],"\u002Fwp-content\u002Fplugins\u002Fcoral-remote-images\u002Ftemplates\u002Foptions.php",[],[],[],{"cssClasses":238,"htmlComments":239,"htmlAttributes":240,"restEndpoints":241,"jsGlobals":242,"shortcodeOutput":243},[],[],[],[],[],[],{"error":245,"url":246,"statusCode":247,"statusMessage":248,"message":248},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fcoral-remote-images\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":226,"versions":250},[251,257,263,270,277],{"version":6,"download_url":26,"svn_tag_url":252,"released_at":29,"has_diff":253,"diff_files_changed":254,"diff_lines":29,"trac_diff_url":255,"vulnerabilities":256,"is_current":245},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcoral-remote-images\u002Ftags\u002F1.1\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcoral-remote-images%2Ftags%2F1.0.3&new_path=%2Fcoral-remote-images%2Ftags%2F1.1",[],{"version":115,"download_url":258,"svn_tag_url":259,"released_at":29,"has_diff":253,"diff_files_changed":260,"diff_lines":29,"trac_diff_url":261,"vulnerabilities":262,"is_current":253},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcoral-remote-images.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcoral-remote-images\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcoral-remote-images%2Ftags%2F1.0.2&new_path=%2Fcoral-remote-images%2Ftags%2F1.0.3",[],{"version":264,"download_url":265,"svn_tag_url":266,"released_at":29,"has_diff":253,"diff_files_changed":267,"diff_lines":29,"trac_diff_url":268,"vulnerabilities":269,"is_current":253},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcoral-remote-images.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcoral-remote-images\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcoral-remote-images%2Ftags%2F1.0.1&new_path=%2Fcoral-remote-images%2Ftags%2F1.0.2",[],{"version":271,"download_url":272,"svn_tag_url":273,"released_at":29,"has_diff":253,"diff_files_changed":274,"diff_lines":29,"trac_diff_url":275,"vulnerabilities":276,"is_current":253},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcoral-remote-images.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcoral-remote-images\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcoral-remote-images%2Ftags%2F1.0&new_path=%2Fcoral-remote-images%2Ftags%2F1.0.1",[],{"version":44,"download_url":278,"svn_tag_url":279,"released_at":29,"has_diff":253,"diff_files_changed":280,"diff_lines":29,"trac_diff_url":29,"vulnerabilities":281,"is_current":253},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcoral-remote-images.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fcoral-remote-images\u002Ftags\u002F1.0\u002F",[],[]]