[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ftWGKh_Vf60lg5h47-WQ8ayC1lQ-3CbUnjFguIUaTIm4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":14,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":37,"analysis":142,"fingerprints":246},"drop-in-dropbox","Drop in Dropbox","0.2.7","Denis Buka","https:\u002F\u002Fprofiles.wordpress.org\u002Fdenis-buka\u002F","\u003Cp>This plugin allows you to upload single files or entire directories with subdirectories to your Dropbox account. You can use it for backup, synchronization or whatever uploading tasks you may have.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features overview:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Upload entire directories with subdirectories to your Dropbox account.   \u003C\u002Fli>\n\u003Cli>Backup your entire site files by pointing to the WordPress installation directory.   \u003C\u002Fli>\n\u003Cli>Specify a Dropbox folder to which your files should be uploaded. If such folder doesn’t exist it will be created.   \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>My other plugins:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Intuitive Navigation (https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fintuitive-navigation\u002F)   \u003C\u002Fli>\n\u003Cli>Generate Cache (https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fgenerate-cache\u002F)   \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links: \u003Ca href=\"http:\u002F\u002Fsteamingkettle.net\" rel=\"nofollow ugc\">Steaming Kettle Website Design & Video Production Studio\u003C\u002Fa>\u003C\u002Fp>\n","Upload single files or entire directories with subdirectories to your Dropbox account.",10,8010,0,"","3.4.2","3.2",[18,19,20,21,22],"backup","directories","dropbox","files","upload","http:\u002F\u002Fsteamingkettle.net\u002Fweb-design\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdrop-in-dropbox.0.2.7.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"denis-buka",3,40,90,30,87,"2026-04-04T07:04:36.236Z",[38,60,78,103,122],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":13,"num_ratings":13,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":14,"tags":51,"homepage":54,"download_link":55,"security_score":56,"vuln_count":57,"unpatched_count":57,"last_vuln_date":58,"fetched_at":59},"xm-backup","XM-Backup","0.9.1","Xavier Media","https:\u002F\u002Fprofiles.wordpress.org\u002Fandreasbylund\u002F","\u003Cp>This plugin will do a backup of your WordPress database and, or your files in wp-content\u002Fuploads and saves\u003Cbr \u002F>\nit somewhere safe. You can have the backup saved in your \u003Ca href=\"http:\u002F\u002Fdb.tt\u002F9Jo39Xy\" rel=\"nofollow ugc\">Dropbox account\u003C\u002Fa>, a FTP account of your choise, your\u003Cbr \u002F>\naccount with \u003Ca href=\"http:\u002F\u002Fwww.securepaynet.net\u002Femail\u002Fonline-file-storage.aspx?ci=1796&prog_id=xaviermedia&isc=xmbackup\" rel=\"nofollow ugc\">Online File Folder\u003C\u002Fa>, or have the backup emailed to you (not recommended for large files). You can\u003Cbr \u002F>\nselect to have the backups named the same every day or to have a date added to each file name.\u003C\u002Fp>\n\u003Cp>This plugin requires PHP, cURL, PHP compiled with ZIP support, and Oauth (for Dropbox).\u003C\u002Fp>\n\u003Cp>** NO WARRANTY SUPPLIED! **\u003C\u002Fp>\n\u003Cp>** Make sure you test your Backups! **\u003C\u002Fp>\n","Does a backup of your Wordpress database and, or your files in wp-content\u002Fuploads and saves it in a safe location.",60,13425,"2012-05-19T19:24:00.000Z","3.3.2","2.7.0",[18,52,20,21,53],"database","ftp","http:\u002F\u002Fwww.xaviermedia.com\u002Fwordpress\u002Fplugins\u002Fxm-backup.php","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxm-backup.zip",63,1,"2025-08-25 00:00:00","2026-03-15T15:16:48.613Z",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":31,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":14,"tags":74,"homepage":14,"download_link":76,"security_score":56,"vuln_count":57,"unpatched_count":57,"last_vuln_date":77,"fetched_at":59},"filepicker-media-uploader","Filestack","2.0.8","shanaver","https:\u002F\u002Fprofiles.wordpress.org\u002Fshanaver\u002F","\u003Cp>Use Filestack to upload files directly from Facebook, Instagram, Google Images and more for your WordPress site, without ever leaving WordPress.\u003C\u002Fp>\n","Use Filestack to upload files directly from Facebook, Instagram, Google Images and more for your WordPress site, without ever leaving WordPress.",20,3686,80,"2016-11-21T20:09:00.000Z","4.7.32","3.0.1",[75],"filestack-filepicker-filepicker-io-media-uploads-facebook-dropbox-google-drive-box-skydrive-instagram-picasa-instagram-flickr-github-evernote-alfresco","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilepicker-media-uploader.2.0.8.zip","2026-02-17 16:17:30",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":86,"downloaded":87,"rating":88,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":92,"tags":93,"homepage":98,"download_link":99,"security_score":100,"vuln_count":101,"unpatched_count":13,"last_vuln_date":102,"fetched_at":59},"fileorganizer","FileOrganizer – WordPress File Manager","1.1.8","Softaculous","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoftaculous\u002F","\u003Cp>FileOrganizer is a lightweight and easy-to-use WordPress file manager. Organize and manage your WordPress files with FileOrganizer without any control panel or FTP access. You can access, upload, download, edit, delete, zip, cut, copy, and paste files even outside the WordPress root directory.\u003C\u002Fp>\n\u003Ch3>Free Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Files and directory Management:\u003C\u002Fstrong> Supports all file operations on a remote server such as create files or directory, upload, download, rename, copy, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Drag & drop:\u003C\u002Fstrong> Easy drag-and-drop file transfer for uploading and moving files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Built-in editor:\u003C\u002Fstrong> FileOrganizer has a built-in editor for editing code and files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Archive creation \u002F extraction:\u003C\u002Fstrong>  Create or extract archives with one click(.zip, .tar)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Previews\u003C\u002Fstrong>: Supports previews for common file types including PDFs, pictures, videos, audio, and thumbnails.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive\u003C\u002Fstrong>: FileOrganizer is compatible with tablets and smartphones.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Search\u003C\u002Fstrong>: The built-in search feature makes it simple to find your files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File View\u003C\u002Fstrong>: Offers both icons and list views for easy navigation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Thumbnails\u003C\u002Fstrong>: Display thumbnails for image files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Support Shortcuts\u003C\u002Fstrong>: Common keyboard shortcuts such as cut, copy, paste, etc. are available.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Toolbar\u003C\u002Fstrong>: Rich Toolbar and context menu are available.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Directory Size\u003C\u002Fstrong>: Calculates size of the directory.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File\u002FDirectory Info\u003C\u002Fstrong>: File or directory information can retrived by simply right-clicking a file and choosing Get Info.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Info\u003C\u002Fh3>\n\u003Cp>Do you have questions related to FileOrganizer ? Use the following links :\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffileorganizer.net\u002Fdocs\" rel=\"nofollow ugc\">Docs\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffileorganizer.deskuss.com\" rel=\"nofollow ugc\">Help Desk\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002FfileOrganizer\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Fol>\n","FileOrganizer is an intuitive file manager to easily edit, delete, upload, download, and manage all your WordPress files and folders right from the da &hellip;",200000,1830720,96,45,"2025-12-05T12:43:00.000Z","6.9.4","5.5",[94,95,79,96,97],"file-explorer","file-manager","upload-files","wordpress-file-manager","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffileorganizer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffileorganizer.1.1.8.zip",95,5,"2024-12-06 21:06:15",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":113,"num_ratings":114,"last_updated":115,"tested_up_to":91,"requires_at_least":116,"requires_php":14,"tags":117,"homepage":14,"download_link":121,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":59},"clean-image-filenames","Clean Image Filenames","1.5","Upperdog","https:\u002F\u002Fprofiles.wordpress.org\u002Fupperdog\u002F","\u003Cp>This plugin automatically converts language accent characters in filenames when uploading to the media library. Characters are converted into browser and server friendly, non-accent characters.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Converts accent characters to non-accent, latin equivalents in Swedish, Danish, German, and more.\u003C\u002Fli>\n\u003Cli>Removes special characters like exclamation marks, periods, hashtags, and more.\u003C\u002Fli>\n\u003Cli>Lets you choose if you want to convert only image files, or all file types.\u003C\u002Fli>\n\u003Cli>Makes site and server migrations easier thanks to non-accent character filenames.\u003C\u002Fli>\n\u003Cli>Provides filter hook for developers who want to specify which file types to convert.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Examples\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Räksmörgås.jpg \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> raksmorgas.jpg\u003C\u002Fli>\n\u003Cli>Æblegrød_FTW!.gif \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> aeblegrod-ftw.gif\u003C\u002Fli>\n\u003Cli>Château de Ferrières.png \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> chateau-de-ferrieres.png\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Worth noting\u003C\u002Fh3>\n\u003Cp>The plugin only converts filenames when the files are being uploaded. It can not convert existing files.\u003C\u002Fp>\n\u003Ch3>Filter for developers\u003C\u002Fh3>\n\u003Cp>This filter provides developers a way to specify which file types the plugin should convert. This filter overrides the plugin settings on the media settings page. For a complete list of mime types, see \u003Ca href=\"http:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FInternet_media_type\" rel=\"nofollow ugc\">Wikipedia\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The following example will convert PDF, JPEG and PNG files only:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_clean_image_filenames_mime_types() {\n    $mime_types = array(\n        'application\u002Fpdf',\n        'image\u002Fjpeg',\n        'image\u002Fpng',\n    );\n    return $mime_types;\n}\nadd_filter( 'clean_image_filenames_mime_types', 'my_clean_image_filenames_mime_types' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n","This plugin automatically converts language accent characters to non-accent characters in filenames when uploading to the media library.",30000,335219,92,21,"2026-01-14T09:45:00.000Z","2.9",[21,118,119,120,22],"images","media","sanitize","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclean-image-filenames.1.5.zip",{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":111,"downloaded":130,"rating":70,"num_ratings":68,"last_updated":131,"tested_up_to":132,"requires_at_least":92,"requires_php":133,"tags":134,"homepage":138,"download_link":139,"security_score":140,"vuln_count":57,"unpatched_count":13,"last_vuln_date":141,"fetched_at":59},"file-upload-types","File Upload Types by WPForms","1.5.0","Jared Atchison","https:\u002F\u002Fprofiles.wordpress.org\u002Fjaredatch\u002F","\u003Ch3>WordPress File Upload Types Plugin\u003C\u002Fh3>\n\u003Cp>Do you want to let your WordPress website accept uploads from your users for more file types and to freely upload files? We created the File Upload Types plugin to make it simple for anyone to easily add support for any file types with any extension or MIME type.\u003C\u002Fp>\n\u003Ch4>How WordPress File Uploads Work\u003C\u002Fh4>\n\u003Cp>By default, WordPress only allows \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FUploading_Files#About_Uploading_Files_on_Dashboard\" rel=\"nofollow ugc\">certain file types\u003C\u002Fa> to be uploaded to your website’s media library.\u003C\u002Fp>\n\u003Cp>If someone tries to upload a file type outside of these whitelisted WordPress file extensions, this can be the cause of the \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fcommon-wordpress-errors-and-how-to-fix-them\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"common WordPress error\" rel=\"friend nofollow ugc\">common WordPress error\u003C\u002Fa> \u003Ccode>Sorry, this file type is not permitted for security reasons\u003C\u002Fcode> message.\u003C\u002Fp>\n\u003Cp>It can be frustrating if you’ve \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Fhow-to-create-a-file-upload-form-in-wordpress\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtypes&utm_content=readme\" rel=\"friend\" title=\"\ncreated a file upload form\">created a file upload form\u003C\u002Fa> in WordPress but the file type you want to accept is a file extension that’s not allowed.\u003C\u002Fp>\n\u003Cp>This plugin lets your website upload more file types beyond the limited file extension types that WordPress allows by default.\u003C\u002Fp>\n\u003Ch4>How does the File Upload Types plugin work?\u003C\u002Fh4>\n\u003Cp>The File Upload Types plugin works by letting you adjust the internal file whitelist, letting you manually control which types of file extensions your WordPress website can upload.\u003C\u002Fp>\n\u003Cp>This way, you can accept any file type through your website and\u002For any contact form plugin like \u003Ca href=\"https:\u002F\u002Fwww.wpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtypes&utm_content=readme\" title=\"WPForms\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>What file types can I upload to WordPress with this plugin?\u003C\u002Fh4>\n\u003Cp>The File Upload Types plugin lets you allow uploads of any file extension, including custom file types.\u003C\u002Fp>\n\u003Cp>Some common file extension types this plugin lets you add that WordPress doesn’t support natively include:\u003C\u002Fp>\n\u003Cp>.ai\u003Cbr \u002F>\n.zip\u003Cbr \u002F>\n.xml\u003Cbr \u002F>\n.svg\u003Cbr \u002F>\n.csv\u003Cbr \u002F>\n.mobi\u003Cbr \u002F>\n.cad\u003Cbr \u002F>\n.dwg\u003Cbr \u002F>\n.dxf\u003C\u002Fp>\n\u003Cp>…and any other file extensions that exist, including custom file types.\u003C\u002Fp>\n\u003Cp>We hope that you find the File Upload Types plugin helpful!\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>This plugin was created by the team behind \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa> – the best drag & drop form builder for WordPress.\u003C\u002Fp>\n\u003Ch3>What’s Next\u003C\u002Fh3>\n\u003Cp>If you like this plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"OptinMonster\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa> – The best WordPress Contact Form Plugin.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Foptinmonster.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"OptinMonster\" rel=\"friend nofollow ugc\">OptinMonster\u003C\u002Fa> – Get more email subscribers with the most popular conversion optimization plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.monsterinsights.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"MonsterInsights\" rel=\"friend nofollow ugc\">MonsterInsights\u003C\u002Fa> – See the stats that matter and grow your business with confidence. Best Google Analytics plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.seedprod.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"SeedProd\" rel=\"friend nofollow ugc\">SeedProd\u003C\u002Fa> – Jumpstart your website with the #1 Coming Soon & Maintenance Mode plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmailsmtp.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" rel=\"nofollow ugc\">WP Mail SMTP\u003C\u002Fa> – Improve email deliverability for your contact form with the most popular SMTP plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frafflepress.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" rel=\"nofollow ugc\">RafflePress\u003C\u002Fa> – The Best WordPress giveaway and contest plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"WPBeginner\" rel=\"friend nofollow ugc\">WPBeginner\u003C\u002Fa> to learn from our \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"WordPress Tutorials\" rel=\"friend nofollow ugc\">WordPress tutorials\u003C\u002Fa> and find out about other \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fplugins\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"Best WordPress plugins\" rel=\"friend nofollow ugc\">best WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n","Easily allow WordPress to accept and upload any file type extension or MIME type, including custom file types.",242227,"2024-10-23T14:00:00.000Z","6.6.5","7.0",[135,136,21,137,22],"attachments","file-upload","mime","https:\u002F\u002Fwpforms.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffile-upload-types.1.5.0.zip",91,"2024-10-24 20:07:47",{"attackSurface":143,"codeSignals":164,"taintFlows":193,"riskAssessment":230,"analyzedAt":245},{"hooks":144,"ajaxHandlers":160,"restRoutes":161,"shortcodes":162,"cronEvents":163,"entryPointCount":13,"unprotectedCount":13},[145,151,155],{"type":146,"name":147,"callback":148,"file":149,"line":150},"action","admin_init","drop_drop_init","drop-in-dropbox.php",25,{"type":146,"name":152,"callback":153,"file":149,"line":154},"admin_menu","drop_drop_add_options_page",26,{"type":156,"name":157,"callback":158,"priority":11,"file":149,"line":159},"filter","plugin_action_links","drop_drop_plugin_action_links",182,[],[],[],[],{"dangerousFunctions":165,"sqlUsage":171,"outputEscaping":173,"fileOperations":191,"externalRequests":57,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":192},[166],{"fn":167,"file":168,"line":169,"context":170},"unserialize","functions.php",66,"$files = unserialize($files);",{"prepared":13,"raw":13,"locations":172},[],{"escaped":13,"rawEcho":174,"locations":175},7,[176,179,181,183,185,187,189],{"file":149,"line":177,"context":178},76,"raw output",{"file":149,"line":180,"context":178},94,{"file":149,"line":182,"context":178},111,{"file":149,"line":184,"context":178},140,{"file":149,"line":186,"context":178},146,{"file":168,"line":188,"context":178},28,{"file":168,"line":190,"context":178},106,11,[],[194,219],{"entryPoint":195,"graph":196,"unsanitizedCount":57,"severity":218},"\u003Crun1> (run1.php:0)",{"nodes":197,"edges":214},[198,204,208],{"id":199,"type":200,"label":201,"file":202,"line":203},"n0","source","$_POST","run1.php",9,{"id":205,"type":206,"label":207,"file":202,"line":203},"n1","transform","→ dropNow()",{"id":209,"type":210,"label":211,"file":168,"line":212,"wp_function":213},"n2","sink","file_put_contents() [File Write]",107,"file_put_contents",[215,217],{"from":199,"to":205,"sanitized":216},false,{"from":205,"to":209,"sanitized":216},"medium",{"entryPoint":220,"graph":221,"unsanitizedCount":57,"severity":218},"\u003Crun2> (run2.php:0)",{"nodes":222,"edges":227},[223,225,226],{"id":199,"type":200,"label":201,"file":224,"line":203},"run2.php",{"id":205,"type":206,"label":207,"file":224,"line":203},{"id":209,"type":210,"label":211,"file":168,"line":212,"wp_function":213},[228,229],{"from":199,"to":205,"sanitized":216},{"from":205,"to":209,"sanitized":216},{"summary":231,"deductions":232},"The plugin 'drop-in-dropbox' v0.2.7 exhibits several concerning security practices despite a lack of recorded vulnerabilities. The static analysis reveals a significant issue with output escaping, as 0% of the 7 total outputs are properly escaped. This could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is not handled carefully before being displayed. Additionally, the presence of the `unserialize` function without accompanying sanitization or validation is a critical risk, as it can be exploited to execute arbitrary code. The taint analysis, while reporting no critical or high severity flows, did identify 2 flows with unsanitized paths, which warrants further investigation, especially in conjunction with the `unserialize` function. The plugin's attack surface is currently reported as zero, and there are no known CVEs, which is positive. However, the code signals, particularly the unescaped outputs and the dangerous use of `unserialize`, indicate a weak security posture that could be easily exploited if an attacker can find a way to inject malicious data.",[233,236,239,241,243],{"reason":234,"points":235},"Dangerous function unserialize present",15,{"reason":237,"points":238},"0% of outputs properly escaped",8,{"reason":240,"points":101},"Taint analysis shows unsanitized paths",{"reason":242,"points":101},"No nonce checks",{"reason":244,"points":101},"No capability checks","2026-03-16T23:21:00.390Z",{"wat":247,"direct":254},{"assetPaths":248,"generatorPatterns":251,"scriptPaths":252,"versionParams":253},[249,250],"\u002Fwp-content\u002Fplugins\u002Fdrop-in-dropbox\u002Fdrop-in-dropbox.css","\u002Fwp-content\u002Fplugins\u002Fdrop-in-dropbox\u002Fdrop-in-dropbox.js",[],[250],[],{"cssClasses":255,"htmlComments":256,"htmlAttributes":270,"restEndpoints":278,"jsGlobals":279,"shortcodeOutput":280},[],[257,258,259,260,261,262,263,264,265,266,267,268,269],"\u003C!-- Sign up for Dropbox -->","\u003C!-- password saved -->","\u003C!-- could be anything within your WordPress installation -->","\u003C!-- full directory path -->","\u003C!-- you can use this path to back up your entire WordPress installation -->","\u003C!-- if the folder doesn't exist it will be created -->","\u003C!-- delete flagfile if it's too old -->","\u003C!-- Running... -->","\u003C!-- Currently uploading: -->","\u003C!-- Starting upload... -->","\u003C!-- Uploading to Dropbox aborted. -->","\u003C!-- make sure you've saved any recent changes -->","\u003C!-- My other plugins: -->",[271,272,273,274,275,276,277],"name=\"drop_drop_options[drop_drop_email]\"","name=\"drop_drop_options[drop_drop_pwd]\"","name=\"drop_drop_options[drop_drop_loc_dir]\"","name=\"drop_drop_options[drop_drop_rem_dir]\"","name=\"drop_drop_abort\"","name=\"refresh\"","name=\"drop_drop_now\"",[],[],[281],"\u003Ca target=\"_blank\" href=\"http:\u002F\u002Fdb.tt\u002FOg2TFSR4\">Sign up for Dropbox &raquo;\u003C\u002Fa>"]