[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f3tRLlAh_QdP6mXrJkPH7iO9z6lb2L0JixonaMAeDKww":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":123,"fingerprints":200},"drag-drop-featured-image-improved","Drag & Drop Featured Image Improved","2.0","wpgenie2","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpgenie2\u002F","\u003Cp>Drag & Drop Featured Image Improved is a plugin made to save you time when setting a featured image. What it does is simple, it replaces the default “Set featured image” metabox with a new one containing a Plupload drop area just like the one found in the media uploader. Based on Jonathan Lundström work and improved a little bit.\u003C\u002Fp>\n\u003Cp>Since it uses the default WordPress functions it will compress all sizes just as the regular upload method would and it also respects any custom image sizes.\u003C\u002Fp>\n","Drag and Drop Featured Image Improved replaces the default featured image box with a drag and drop zone for faster and more convenient uploads.",50,1999,100,1,"2026-01-15T14:18:00.000Z","6.9.4","4.0","",[20,21,22,23,24],"featured-image","image","metabox","replacement","upload","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdrag-drop-featured-image-improved\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdrag-drop-featured-image-improved.2.0.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":13,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},9,3230,30,94,"2026-04-05T15:17:29.852Z",[38,57,74,90,106],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":32,"last_updated":49,"tested_up_to":50,"requires_at_least":17,"requires_php":18,"tags":51,"homepage":54,"download_link":55,"security_score":56,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"wen-featured-image","WEN Featured Image","1.5.3","WEN Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Fwenthemes\u002F","\u003Ch3>WEN Featured Image\u003C\u002Fh3>\n\u003Cp>WEN Featured Image helps you to manage featured image for your posts or pages in easy way. Featured image is displayed in the separate column in the listings. You can easily add\u002Fedit\u002Fremove featured image from the listing page. You can also force featured image for selected post types.\u003C\u002Fp>\n\u003Cp>Plugin: \u003Ca href=\"http:\u002F\u002Fwenthemes.com\u002Fitem\u002Fwordpress-plugins\u002Fwen-featured-image\u002F\" rel=\"nofollow ugc\">Home Page\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Translation\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Serbo-Croatian – \u003Ca href=\"http:\u002F\u002Fwebhostinggeeks.com\u002F\" rel=\"nofollow ugc\">Borisa Djuraskovic\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you like this plugin, please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Fwen-featured-image\" rel=\"ugc\">rate and review\u003C\u002Fa>.\u003Cbr \u002F>\nIf you have any question, suggestion or issue, please \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwen-featured-image\" rel=\"ugc\">post here\u003C\u002Fa>.\u003C\u002Fp>\n","Add featured image column in listings. Add\u002Fchange\u002Fremove featured image directly from the listing page",4000,59730,88,"2024-03-17T15:21:00.000Z","6.5.8",[52,20,21,53,24],"admin","media","https:\u002F\u002Fwenthemes.com\u002Fitem\u002Fwordpress-plugins\u002Fwen-featured-image\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwen-featured-image.zip",85,{"slug":58,"name":59,"version":6,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":13,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":18,"tags":70,"homepage":72,"download_link":73,"security_score":56,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"multi-image-upload","Multi Image Upload","Tahir Yasin","https:\u002F\u002Fprofiles.wordpress.org\u002Ftahiryasin\u002F","\u003Cp>This plugin adds a meta box to upload multiple images for posts and pages. You can enable it for custom post types also, please see installation instructions.\u003C\u002Fp>\n\u003Ch3>miu_get_images()\u003C\u002Fh3>\n\u003Cp>This function can be called from any template file to get attached images for the page\u002Fpost being viewed.\u003Cbr \u002F>\nIt returns an array of the attached image URL.\u003C\u002Fp>\n\u003Cp>It take only one argument:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>post_id\u003C\u002Fstrong> (integer) to get images linked to a specific post\u003C\u002Fp>\n\u003Cp> http:\u002F\u002Fwww.example.com\u002Fimage-1.png\u003Cbr \u002F>\n    [1] => http:\u002F\u002Fwww.example.com\u002Fimage-2.png\u003Cbr \u002F>\n)\u003C\u002Fp>\n\u003Cp>?>\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin adds a meta box to upload multiple images for posts and pages.",400,17302,7,"2019-04-03T21:38:00.000Z","5.1.22","2.8",[21,22,71,24],"multi","http:\u002F\u002Ftahiryasin.wordpress.com\u002Fplugins\u002Fmulti-image-upload\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmulti-image-upload.2.0.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":27,"num_ratings":27,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":18,"tags":87,"homepage":88,"download_link":89,"security_score":56,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"custom-featured-image-metabox","Custom Featured Image Metabox","1.0.1","Yoren Chang","https:\u002F\u002Fprofiles.wordpress.org\u002F1fixdotio\u002F","\u003Cp>With this plugin, you can custom the Featured Image metabox by:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set the title text instead of the default “Featured Image”.\u003C\u002Fli>\n\u003Cli>Add instructions for the image, like the image dimensions.\u003C\u002Fli>\n\u003Cli>Set a custom set \u002F remove link text, instead of the default “Set \u002F Remove featured image”.\u003C\u002Fli>\n\u003Cli>Custom the metabox by post types. Each post type has its own custom settings.\u003C\u002Fli>\n\u003C\u002Ful>\n","Custom the title, content and set \u002F remove link text in the Featured Image metabox.",70,3209,"2015-01-01T05:58:00.000Z","4.1.42","3.5",[20,22],"http:\u002F\u002F1fix.io\u002Fcustom-featured-image-metabox","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-featured-image-metabox.1.0.1.zip",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":13,"num_ratings":14,"last_updated":100,"tested_up_to":101,"requires_at_least":17,"requires_php":18,"tags":102,"homepage":18,"download_link":105,"security_score":56,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"advanced-multiple-image-upload","Advanced Multiple Image Upload","1.0","rakeshisro331","https:\u002F\u002Fprofiles.wordpress.org\u002Frakeshisro331\u002F","\u003Cp>Plugin to upload multiple images and can delete and edit images. Returns attachement ids and can be used in making custom gallery.\u003C\u002Fp>\n","Plugin to upload multiple images and can delete and edit images. Returns attachement ids and can be used in making custom gallery.",10,1538,"2017-06-29T07:06:00.000Z","4.8.28",[103,104,22,71,24],"attachements","images","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-multiple-image-upload.zip",{"slug":107,"name":108,"version":93,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":98,"downloaded":113,"rating":35,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":18,"tags":118,"homepage":121,"download_link":122,"security_score":56,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"upload-multiple-image","Upload Multiple Image","suhasrathod","https:\u002F\u002Fprofiles.wordpress.org\u002Fsuhasrathod\u002F","\u003Cp>This plugin adds a meta box for multiple images for all posts and pages. please see installation instructions.\u003C\u002Fp>\n\u003Cp>Retrive all image using function get_multiple_image($post_id)\u003C\u002Fp>\n","This plugin adds a meta box for multiple images for all posts and pages.",2905,3,"2014-02-12T11:58:00.000Z","3.7.41","3.7",[21,22,71,119,120],"multiple-upload","upload-image","http:\u002F\u002Fsuhasrathod.wordpress.com\u002F2014\u002F01\u002F29\u002Fupload-multiple-image-1\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fupload-multiple-image.zip",{"attackSurface":124,"codeSignals":171,"taintFlows":188,"riskAssessment":189,"analyzedAt":199},{"hooks":125,"ajaxHandlers":152,"restRoutes":167,"shortcodes":168,"cronEvents":169,"entryPointCount":114,"unprotectedCount":170},[126,132,136,140,144,148],{"type":127,"name":128,"callback":129,"file":130,"line":131},"action","before_woocommerce_init","closure","index.php",27,{"type":127,"name":133,"callback":134,"file":130,"line":135},"admin_menu","add_admin_menu_page",59,{"type":127,"name":137,"callback":138,"file":130,"line":139},"admin_head","print_header_post_id",60,{"type":127,"name":141,"callback":142,"file":130,"line":143},"plugins_loaded","load_textdomain",61,{"type":127,"name":145,"callback":146,"file":130,"line":147},"add_meta_boxes","toggle_meta_box_functionality",62,{"type":127,"name":149,"callback":150,"file":130,"line":151},"admin_enqueue_scripts","handle_plugin_script_loading",63,[153,159,163],{"action":154,"nopriv":155,"callback":156,"hasNonce":157,"hasCapCheck":155,"file":130,"line":158},"dgd_upload_featured_image",false,"ajax_upload_image_file",true,64,{"action":160,"nopriv":155,"callback":161,"hasNonce":155,"hasCapCheck":155,"file":130,"line":162},"dgd_set_featured_image","ajax_set_featured_image",65,{"action":164,"nopriv":155,"callback":165,"hasNonce":155,"hasCapCheck":155,"file":130,"line":166},"dgd_get_featured_image","ajax_get_featured_image",66,[],[],[],2,{"dangerousFunctions":172,"sqlUsage":173,"outputEscaping":175,"fileOperations":27,"externalRequests":27,"nonceChecks":14,"capabilityChecks":27,"bundledLibraries":187},[],{"prepared":27,"raw":27,"locations":174},[],{"escaped":32,"rawEcho":176,"locations":177},4,[178,181,183,185],{"file":130,"line":179,"context":180},138,"raw output",{"file":130,"line":182,"context":180},287,{"file":130,"line":184,"context":180},294,{"file":130,"line":186,"context":180},365,[],[],{"summary":190,"deductions":191},"The \"drag-drop-featured-image-improved\" v2.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by avoiding dangerous functions, not performing file operations, not making external HTTP requests, and using prepared statements for all its SQL queries. The presence of a nonce check is also a positive indicator. However, significant concerns arise from its attack surface. Two out of three AJAX handlers lack authentication checks, creating a substantial risk of unauthorized actions if these handlers are exploitable. Furthermore, the absence of capability checks for any entry points is a critical oversight, as it means privileged actions could potentially be performed by low-privileged users.\n\nThe vulnerability history for this plugin is clean, with no recorded CVEs, which is a strong positive. This suggests a history of secure development or effective patching. However, a clean history does not negate the risks identified in the static analysis. The lack of taint analysis data might be due to the plugin's code complexity or the analysis tools used, but it leaves a potential blind spot for identifying subtle vulnerabilities. The primary risk for this plugin lies in the unprotected AJAX handlers and the overall lack of capability checks, which could be exploited to compromise site functionality or data if specific vulnerabilities exist within those handlers.\n\nIn conclusion, while the plugin has strengths in its handling of SQL, file operations, and external requests, and a commendable vulnerability history, the significant lack of authentication and capability checks on its entry points presents a serious security weakness. This oversight requires immediate attention to secure the AJAX handlers and ensure proper authorization is enforced for all plugin functionalities.",[192,194,196],{"reason":193,"points":98},"Unprotected AJAX handlers",{"reason":195,"points":98},"Missing capability checks on entry points",{"reason":197,"points":198},"Some output not properly escaped",6,"2026-03-16T22:00:18.591Z",{"wat":201,"direct":211},{"assetPaths":202,"generatorPatterns":206,"scriptPaths":207,"versionParams":208},[203,204,205],"\u002Fwp-content\u002Fplugins\u002Fdrag-drop-featured-image-improved\u002Fassets\u002Fstyle\u002Fdrag-drop-uploader.css","\u002Fwp-content\u002Fplugins\u002Fdrag-drop-featured-image-improved\u002Fassets\u002Fscripts\u002Fdrag-drop-uploader.js","\u002Fwp-content\u002Fplugins\u002Fdrag-drop-featured-image-improved\u002Fassets\u002Fstyle\u002Fdrag-to-feature.css",[],[204],[209,210],"drag-drop-featured-image-improved\u002Fassets\u002Fstyle\u002Fdrag-drop-uploader.css?ver=","drag-drop-featured-image-improved\u002Fassets\u002Fscripts\u002Fdrag-drop-uploader.js?ver=",{"cssClasses":212,"htmlComments":217,"htmlAttributes":218,"restEndpoints":222,"jsGlobals":223,"shortcodeOutput":227},[213,214,215,216],"drag-to-upload","uploadContainer","current-uploaded-image","hide-if-no-js",[],[219,220,221],"id=\"uploadContainer\"","id=\"current-uploaded-image\"","id=\"drag-to-upload\"",[],[224,225,226],"dgd_post_id","dgd_page_reload","dgd_strings",[]]