[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fZkmCaKDOK4XUaCiVy5o_5lZNmVja9Tz8RoOpf9p11fk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":139,"fingerprints":190},"easy-featured-images","Easy Featured Images","1.2.0","danielpataki","https:\u002F\u002Fprofiles.wordpress.org\u002Fdanielpataki\u002F","\u003Cp>Easy Featured Images allows you to assign featured images to posts much more efficiently, especially if you have a number of posts to go through. Normally you have to visit the edit page of each post, launch the media window and upload\u002Fassign the image.\u003C\u002Fp>\n\u003Cp>With the plugin enabled you can do this from the post list screen. Everything words via AJAX so images are assigned instantly, without having to wait for pages to load. It uses the regular WordPress media box making the plugin 100% WordPress awesome.\u003C\u002Fp>\n\u003Cp>Easy Featured Images also support \u003Cstrong>WooCommerce\u003C\u002Fstrong>, yay!\u003C\u002Fp>\n\u003Cp>You can use the \u003Ccode>efi\u002Fpost_types\u003C\u002Fcode> filter to modify the array of post types that the plugin’s functionality is assigned to. Return the final list of post types you want the plugin to be applied to:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'efi\u002Fpost_types', 'my_post_type_images' );\nfunction my_post_type_images( $post_types ) {\n    unset( $post_types['page'] );\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>As of 1.2.0 the plugin has an \u003Ccode>efi\u002Fsettings\u003C\u002Fcode> filter which allows developers to change some settings. For now the only setting available is \u003Ccode>show_thumbnail_preview\u003C\u002Fcode> which can be set to true or false.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'efi\u002Fsettings', 'my_efi_settings' );\nfunction my_efi_settings( $settings ) {\n    $settings['show_thumbnail_preview'] = false;\n    return $settings\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Thanks\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftommcfarlin.com\u002Fthe-wordpress-media-uploader\u002F\" rel=\"nofollow ugc\">Tom McFarlin\u003C\u002Fa> for the basis of the Javascript that initiates the media uploader\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Funsplash.com\u002Fcolepatrick\" rel=\"nofollow ugc\">Cole Patrick\u003C\u002Fa> for the fantastic photo for the plugin’s featured image\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftmconnect\" rel=\"nofollow ugc\">Thomas Meyer\u003C\u002Fa> for the German translation.\u003C\u002Fli>\n\u003C\u002Ful>\n","Allows you to add and remove featured images from admin post lists. Works with AJAX and magic for your image assignment pleasure.",1000,10486,94,7,"2015-05-05T19:04:00.000Z","4.2.39","3.5.0","",[20,21,22],"ajax","featured-images","media","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-featured-images.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},12,6840,84,30,83,"2026-04-04T16:03:59.069Z",[37,61,80,100,120],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":18,"download_link":57,"security_score":58,"vuln_count":59,"unpatched_count":25,"last_vuln_date":60,"fetched_at":27},"grey-owl-lightbox","Grey Owl Lightbox","2.0.0","greyowl0015","https:\u002F\u002Fprofiles.wordpress.org\u002Fgreyowl0015\u002F","\u003Cp>Responsive lightbox plugin for images, galleries, videos, HTML and AJAX content with JavaScript event support.\u003C\u002Fp>\n\u003Ch3>About Plugin\u003C\u002Fh3>\n\u003Cp>The “Grey Owl Lightbox” plugin is designed to display different content in the lightbox,\u003Cbr \u002F>\nFor example: image, galleries, videos and other html content.\u003Cbr \u002F>\nThe plugin is triggering JAVASCRIPT events to control the lightbox via the .JS file\u003C\u002Fp>\n\u003Cp>At the core of the plugin is the js library, which works with jQuery, each developer can use events for more features of this plugin. A list and examples of all events are on the documentation page.\u003C\u002Fp>\n\u003Ch3>First view\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FPXuw3T2Lm84?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Open image in lightbox\u003C\u002Fh3>\n\u003Cp>to open an image in a lightbox after clicking a button or a link, you need to add a class to the button, which will be used as a trigger in the JavaScript code\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FiX2FflFgk54?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Opens gallery in lightbox\u003C\u002Fh3>\n\u003Cp>to open the gallery in a lightbox after clicking a button or link, you need to add a class to the button that will be used as a trigger in the JavaScript code, in the options add an object with links to images\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F81gY2KReUHc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Opens video in lightbox\u003C\u002Fh3>\n\u003Cp>to open a video in a lightbox after clicking a button or link, you need to add a class to the button that will be used as a trigger in the JavaScript code, in the options add a link to the video\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FyUYKzRo2Tbc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Opens HTML element from DOM in lightbox\u003C\u002Fh3>\n\u003Cp>opens HTML elements in a lightbox, making them invisible beforehand, it is also possible to embed dynamic content into HTML\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FU5DNY7g6bik?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>AJAX callback\u003C\u002Fh3>\n\u003Cp>opens AJAX requests elements in a lightbox\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FZCJVM2L0Zkg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n","Responsive lightbox plugin for images, galleries, videos, HTML and AJAX content with JavaScript event support.",40,7662,100,2,"2025-08-30T09:30:00.000Z","6.8.5","4.1","7.0",[20,54,55,22,56],"content-html","lightbox","video","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgrey-owl-lightbox.2.0.0.zip",99,1,"2024-11-20 13:41:22",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":33,"downloaded":69,"rating":70,"num_ratings":48,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":18,"tags":74,"homepage":78,"download_link":79,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"random-post-ajax","Random Post with ajax","0.8.1","sadegh3333","https:\u002F\u002Fprofiles.wordpress.org\u002Fsadegh3333\u002F","\u003Cblockquote>\n\u003Cp>What we have created is a combination of elegance and simplicity.\u003Cbr \u002F>\n  To be able to post random show site users. Simply install and activate the plugin Random post with ajax and only using a shortcode in any part of the site that you want to display random posts.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Random Post with Ajax includes the following features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Choice Categories\u003C\u002Fli>\n\u003Cli>Choice of Post Type\u003C\u002Fli>\n\u003Cli>Possibility to choose the number of posts\u003C\u002Fli>\n\u003Cli>Show Content (Excerpt)\u003C\u002Fli>\n\u003Cli>Display post date\u003C\u002Fli>\n\u003Cli>Show Thumbnail of post\u003C\u002Fli>\n\u003Cli>Beautiful design\u003C\u002Fli>\n\u003Cli>User friendly\u003C\u002Fli>\n\u003Cli>Responsive\u003C\u002Fli>\n\u003C\u002Ful>\n","Combining beauty and efficiency to display random posts",5809,70,"2020-03-28T12:43:00.000Z","5.3.21","4.0.1",[20,21,75,76,77],"post","random","random-posts","https:\u002F\u002Fwpmen.ir","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frandom-post-ajax.zip",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":47,"num_ratings":59,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":18,"tags":93,"homepage":98,"download_link":99,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"4nton-extensions","Anton Extensions","1.2.2","Anthony Carbon","https:\u002F\u002Fprofiles.wordpress.org\u002Fmaster-buldog\u002F","\u003Cp>Anton Extensions has PHP coding SOP fuction that prevent errors, list of addons that may suitable for your site requirements, and many more free features that you might love. This plugin is can integrate with Gravity Forms, Override WordPress default emails, login landing page, and more.\u003C\u002Fp>\n\u003Ch4>FREE Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Manage wp-login.php login landing page. Override the default WordPress layout, logo and permalink. \u003Ca href=\"https:\u002F\u002Fdemo.anthonycarbon.com\u002Fwp-login.php\" rel=\"nofollow ugc\">DEMO\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Override the WordPress email subject name and email using general settings name and email address.\u003C\u002Fli>\n\u003Cli>Turn your Gravity Form activation page into popup layout with admin settings.\u003C\u002Fli>\n\u003Cli>Override the WordPress new user registration subject name ([%s] New User Registration).\u003C\u002Fli>\n\u003Cli>Disable\u002FEnable input auto fill or autocomplete.\u003C\u002Fli>\n\u003Cli>Fix Gravity Forms Uncaught TypeError: grecaptcha.render\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Addons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.anthonycarbon.com\u002Fproduct\u002Fgravity-forms-media-upload-field\u002F\" rel=\"nofollow ugc\">Gravity Forms Media Upload Field\u003C\u002Fa> – add custom field that can upload image with prefered dimension, save to media dashboard.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.anthonycarbon.com\u002Fproduct\u002Fwp-print\u002F\" rel=\"nofollow ugc\">WP Print\u003C\u002Fa> – Customized your post, page, or custom post-type print layout without doing any back-end coding.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Related plugins\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.anthonycarbon.com\u002Fproduct-category\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">Anthony Carbon Plugins\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Develop by\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.anthonycarbon.com\u002F\" rel=\"nofollow ugc\">anthonycarbon.com – WordPress Developer \u002F Programmer\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Happy coding everyone :D.\u003C\u002Fp>\n","Developer and Programmer tools and tasks helper. Helpful SOP features.",10,2118,"2019-06-01T02:30:00.000Z","5.0.25","4.4",[20,94,95,96,97],"field","gravityform","media-upload","wp-login-php","https:\u002F\u002Fwww.anthonycarbon.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002F4nton-extensions.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":88,"downloaded":108,"rating":47,"num_ratings":48,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":118,"download_link":119,"security_score":47,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"api-for-htmx","HyperPress: Modern Hypermedia for WordPress","3.0.5","Esteban","https:\u002F\u002Fprofiles.wordpress.org\u002Ftcattd\u002F","\u003Cp>Supercharge WordPress with the power of hypermedia. Use Datastar, HTMX or Alpine Ajax to create rich, interactive blocks and pages—all with the simplicity of PHP. No JavaScript required.\u003C\u002Fp>\n\u003Cp>Hypermedia is a concept that extends the idea of hypertext by allowing for more complex interactions and data representations. It enables the use of AJAX, WebSockets, and Server-Sent Events directly in HTML using attributes, without writing any JavaScript. It reuses an “old” concept, \u003Ca href=\"https:\u002F\u002Fhypermedia.systems\u002F\" rel=\"nofollow ugc\">Hypermedia\u003C\u002Fa>, to handle the modern web in a more HTML-like and natural way.\u003C\u002Fp>\n\u003Cp>Check the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FEstebanForge\u002FHyperPress\" rel=\"nofollow ugc\">full feature set at here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin include several Hypermedia libraries by default, locally from the plugin folder. Currently, it includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhtmx.org\u002F\" rel=\"nofollow ugc\">HTMX\u003C\u002Fa> with \u003Ca href=\"https:\u002F\u002Fhyperscript.org\u002F\" rel=\"nofollow ugc\">Hyperscript\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Falpine-ajax.js.org\u002F\" rel=\"nofollow ugc\">Alpine Ajax\u003C\u002Fa> with \u003Ca href=\"https:\u002F\u002Falpinejs.dev\u002F\" rel=\"nofollow ugc\">Alpine.js\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdata-star.dev\u002F\" rel=\"nofollow ugc\">Datastar\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin has an opt-in option, not enforced, to include these third-party libraries from a CDN (using the unpkg.com service). You must explicitly enable this option for privacy and security reasons.\u003C\u002Fp>\n","Supercharge WordPress with Hypermedia. Build interactive blocks & pages with Datastar, HTMX or Alpine Ajax—all using simple PHP. No JS required.",3186,"2026-01-17T03:36:00.000Z","6.9.4","6.5","8.2",[20,114,115,116,117],"alpinejs","datastar","htmx","hypermedia","https:\u002F\u002Fgithub.com\u002FEstebanForge\u002FHyperPress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fapi-for-htmx.3.0.5.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":88,"downloaded":128,"rating":25,"num_ratings":25,"last_updated":129,"tested_up_to":103,"requires_at_least":130,"requires_php":18,"tags":131,"homepage":137,"download_link":138,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"image-gallery-with-ajax-comments","Image Gallery and comments","1.0","matainja","https:\u002F\u002Fprofiles.wordpress.org\u002Fmatainja\u002F","\u003Cp>image gallery comment plugin provide ajax comment of each image in wordpress.\u003C\u002Fp>\n\u003Cp>image gallery comment  through 2.9.1, MSIE  8, Firefox 4,Google Chrome and Safari 3.\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Demo link – \u003Ca href=\"http:\u002F\u002Fwww.matainja.com\u002F\" rel=\"nofollow ugc\">demo\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","image gallery comment is a Wordpress Plugin that will working with media image with ajax comment of each image.",9820,"2013-10-09T08:34:00.000Z","2.0.2",[132,133,134,135,136],"ajax-comment-of-image","gallery-with-ajax-comment","image-gallery","image-with-comment","media-image-gallery","http:\u002F\u002Fwww.matainja.com\u002Fwordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimage-gallery-with-ajax-comments.zip",{"attackSurface":140,"codeSignals":163,"taintFlows":182,"riskAssessment":183,"analyzedAt":189},{"hooks":141,"ajaxHandlers":159,"restRoutes":160,"shortcodes":161,"cronEvents":162,"entryPointCount":25,"unprotectedCount":25},[142,148,152,156],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","plugins_loaded","load_textdomain","class-easy-featured-images.php",50,{"type":143,"name":149,"callback":150,"priority":58,"file":146,"line":151},"init","admin_list_modifications",51,{"type":143,"name":153,"callback":154,"file":146,"line":155},"admin_enqueue_scripts","enqueue_assets",52,{"type":143,"name":149,"callback":157,"file":146,"line":158},"set_settings",53,[],[],[],[],{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":167,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":181},[],{"prepared":25,"raw":25,"locations":166},[],{"escaped":25,"rawEcho":168,"locations":169},5,[170,173,175,177,179],{"file":146,"line":171,"context":172},202,"raw output",{"file":146,"line":174,"context":172},206,{"file":146,"line":176,"context":172},209,{"file":146,"line":178,"context":172},213,{"file":146,"line":180,"context":172},218,[],[],{"summary":184,"deductions":185},"The \"easy-featured-images\" v1.2.0 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of exposed entry points like AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the potential attack surface. Furthermore, the code demonstrates a commitment to secure database practices by utilizing prepared statements for all SQL queries.  The lack of recorded vulnerability history also suggests a history of secure development or timely patching.\n\nHowever, a critical concern arises from the output escaping. With 100% of identified outputs being unescaped, there is a significant risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-supplied data that is processed and then displayed back to users without proper sanitization or escaping could be exploited. While the plugin has no identified taint flows or dangerous functions, the unescaped outputs present a clear and actionable security risk that requires immediate attention.\n\nIn conclusion, the plugin's limited attack surface and secure database practices are commendable strengths. Nevertheless, the pervasive lack of output escaping is a major weakness that overshadows these positives and exposes users to XSS attacks. Addressing this output escaping issue should be the top priority.",[186],{"reason":187,"points":188},"All outputs are unescaped, risking XSS",15,"2026-03-16T18:48:49.343Z",{"wat":191,"direct":198},{"assetPaths":192,"generatorPatterns":195,"scriptPaths":196,"versionParams":197},[193,194],"\u002Fwp-content\u002Fplugins\u002Feasy-featured-images\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Feasy-featured-images\u002Fscripts.js",[],[194],[],{"cssClasses":199,"htmlComments":204,"htmlAttributes":205,"restEndpoints":207,"jsGlobals":208,"shortcodeOutput":210},[200,201,202,203],"efi-thumbnail","efi-images","efi-choose-image","efi-remove-image",[],[206],"data-nonce",[],[209],"efi_strings",[]]