[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCn8ImPib4m3zGhg93e95_WBqZgOVOINj6RBEAmaLtXo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":19,"security_score":20,"vuln_count":13,"unpatched_count":13,"last_vuln_date":21,"fetched_at":22,"vulnerabilities":23,"developer":24,"crawl_stats":21,"alternatives":32,"analysis":33,"fingerprints":142},"daylife","Daylife","1.1","Pete Mall","https:\u002F\u002Fprofiles.wordpress.org\u002Fpetemall\u002F","\u003Cp>\u003Cstrong>About the Plugin:\u003C\u002Fstrong> The \u003Ca href=\"http:\u002F\u002Fdaylife.com\u002F\" title=\"Daylife - Simply Amazing Cloud Publishing\" rel=\"nofollow ugc\">Daylife\u003C\u002Fa> Plugin helps you find relevant images to insert into your posts while writing your post in the editor. The plugin will suggest you images relevant to the text of your post as you are editing it, or let you find Images by searching for a keyword. Once you like an image, you can mouse over the image, and insert it into your blog post.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Image Licenses and pricing:\u003C\u002Fstrong> This plugin helps you find licensed images from sources like Getty, AP, Reuters and more. See the complete list of all the content partners \u003Ca href=\"http:\u002F\u002Fwww.daylife.com\u002Fabout-us\u002Four-partnerships\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa>. To learn more about these Image Licenses and their pricing, drop an email to \u003Ca href=\"mailto:getdaylife@daylife.com\" rel=\"nofollow ugc\">getdaylife@daylife.com\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Getting Started:\u003C\u002Fstrong> Please drop an email to \u003Ca href=\"mailto:getdaylife@daylife.com\" rel=\"nofollow ugc\">getdaylife@daylife.com\u003C\u002Fa>, and they will set your Plugin Settings – your AccessKey, SharedSecret and a Source Filter with access to your licensed sources.\u003C\u002Fp>\n","Add high quality licensed images relevant to your blog posts from sources like Getty, AP, Reuters and US Presswire.",10,2501,0,"2012-07-26T15:03:00.000Z","3.4.2","3.1","",[],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdaylife.1.1.zip",85,null,"2026-03-15T14:54:45.397Z",[],{"slug":25,"display_name":7,"profile_url":8,"plugin_count":26,"total_installs":27,"avg_security_score":28,"avg_patch_time_days":29,"trust_score":30,"computed_at":31},"petemall",2,20,93,30,89,"2026-04-05T09:44:23.343Z",[],{"attackSurface":34,"codeSignals":78,"taintFlows":103,"riskAssessment":129,"analyzedAt":141},{"hooks":35,"ajaxHandlers":64,"restRoutes":75,"shortcodes":76,"cronEvents":77,"entryPointCount":26,"unprotectedCount":13},[36,41,45,49,53,57,61],{"type":37,"name":38,"callback":38,"file":39,"line":40},"action","init","inc\\meta-box.php",8,{"type":37,"name":42,"callback":43,"file":39,"line":44},"add_meta_boxes","add_meta_box",12,{"type":37,"name":46,"callback":47,"file":39,"line":48},"admin_enqueue_scripts","enqueue",13,{"type":50,"name":51,"callback":51,"file":39,"line":52},"filter","image_add_caption_shortcode",155,{"type":37,"name":54,"callback":55,"file":56,"line":40},"admin_menu","add_menu_page","inc\\options.php",{"type":37,"name":58,"callback":59,"file":56,"line":60},"admin_init","settings_init",9,{"type":37,"name":62,"callback":63,"file":56,"line":11},"daylife-supported-post-types","daylife_supported_post_types",[65,71],{"action":66,"nopriv":67,"callback":68,"hasNonce":69,"hasCapCheck":67,"file":39,"line":70},"daylife-image-search",false,"image_search",true,14,{"action":72,"nopriv":67,"callback":73,"hasNonce":69,"hasCapCheck":69,"file":39,"line":74},"daylife-image-load","image_load",15,[],[],[],{"dangerousFunctions":79,"sqlUsage":80,"outputEscaping":82,"fileOperations":26,"externalRequests":101,"nonceChecks":26,"capabilityChecks":101,"bundledLibraries":102},[],{"prepared":13,"raw":13,"locations":81},[],{"escaped":83,"rawEcho":84,"locations":85},48,7,[86,89,91,93,95,97,99],{"file":39,"line":87,"context":88},31,"raw output",{"file":39,"line":90,"context":88},69,{"file":39,"line":92,"context":88},76,{"file":39,"line":94,"context":88},78,{"file":39,"line":96,"context":88},87,{"file":39,"line":98,"context":88},158,{"file":56,"line":100,"context":88},122,1,[],[104,121],{"entryPoint":105,"graph":106,"unsanitizedCount":13,"severity":120},"image_load (inc\\meta-box.php:126)",{"nodes":107,"edges":118},[108,113],{"id":109,"type":110,"label":111,"file":39,"line":112},"n0","source","$_POST",139,{"id":114,"type":115,"label":116,"file":39,"line":98,"wp_function":117},"n1","sink","echo() [XSS]","echo",[119],{"from":109,"to":114,"sanitized":69},"low",{"entryPoint":122,"graph":123,"unsanitizedCount":13,"severity":120},"\u003Cmeta-box> (inc\\meta-box.php:0)",{"nodes":124,"edges":127},[125,126],{"id":109,"type":110,"label":111,"file":39,"line":112},{"id":114,"type":115,"label":116,"file":39,"line":98,"wp_function":117},[128],{"from":109,"to":114,"sanitized":69},{"summary":130,"deductions":131},"The \"daylife\" v1.1 plugin exhibits a generally strong security posture based on the provided static analysis. It demonstrates good practices by utilizing prepared statements for all SQL queries, maintaining a high percentage of properly escaped output, and implementing nonce and capability checks on its entry points. The absence of dangerous functions, critical or high severity taint flows, and known vulnerabilities in its history further contribute to its positive security assessment.  \n\nHowever, there are minor areas for improvement. The presence of two AJAX handlers, even with checks, represents an attack surface that, if misconfigured or bypassed, could pose a risk. While the current analysis indicates no unsanitized paths or unescaped output issues, the static analysis covers a limited scope of total flows and output instances. The plugin's history of no recorded vulnerabilities, while positive, could also indicate limited testing or a short lifespan, making future unknown vulnerabilities a possibility. \n\nOverall, \"daylife\" v1.1 appears to be a relatively secure plugin, adhering to many security best practices. The limited attack surface with apparent protection mechanisms and the clean vulnerability history are significant strengths. The main areas to monitor would be the robustness of the existing checks on the AJAX handlers and the ongoing security maintenance of the plugin.",[132,135,137,139],{"reason":133,"points":134},"AJAX handlers present, though secured",3,{"reason":136,"points":26},"Limited output escaping identified",{"reason":138,"points":101},"File operations present",{"reason":140,"points":101},"External HTTP requests present","2026-03-16T23:35:58.226Z",{"wat":143,"direct":152},{"assetPaths":144,"generatorPatterns":147,"scriptPaths":148,"versionParams":149},[145,146],"\u002Fwp-content\u002Fplugins\u002Fdaylife\u002Fdaylife.js","\u002Fwp-content\u002Fplugins\u002Fdaylife\u002Fdaylife.css",[],[145],[150,151],"daylife.js?ver=","daylife.css?ver=",{"cssClasses":153,"htmlComments":158,"htmlAttributes":159,"restEndpoints":168,"jsGlobals":169,"shortcodeOutput":170},[154,155,156,157],"daylife-image-wrap","daylife-overlay","daylife-ste","daylife-response",[],[160,161,162,163,164,165,166,167],"data-thumb_url","data-url","data-credit","data-caption","data-daylife_url","data-image_title","data-width","data-height",[],[],[]]