[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fa1P5qo6cZXWRXbk1TlDbapHDB-J9UaQp0F_ryb6nmmw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":55,"analysis":160,"fingerprints":249},"f4-media-taxonomies","F4 Media Taxonomies","1.1.6","FAKTOR VIER","https:\u002F\u002Fprofiles.wordpress.org\u002Ffaktorvier\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.f4dev.ch\" rel=\"nofollow ugc\">F4 Media Taxonomies\u003C\u002Fa> provides the ability to filter the media library by categories, tags and\u002For custom taxonomies.\u003Cbr \u002F>\nYou can use the built-in taxonomies (category or post_tag) or any custom taxonomy.\u003C\u002Fp>\n\u003Cp>If a taxonomy is enabled for attachments, you can assign as many of their terms to an attachment as you need.\u003Cbr \u002F>\nYou can assign them directly in the media library or in every media-selector overlay.\u003Cbr \u002F>\nThere is also a nifty bulk function in the media library, which allows you to assign a single term to multiple attachments at once.\u003C\u002Fp>\n\u003Cp>Attachments can then be filtered by these terms. The filters are available in the media library and in every media-selector overlay.\u003C\u002Fp>\n\u003Cp>Different than other similar plugins, \u003Cstrong>F4 Media Taxonomies is 100% free!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>See FAQ for a guide how to enable categories, tags and custom taxonomies.\u003C\u002Fp>\n\u003Ch4>Features overview\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Use any taxonomy (built-in or custom)\u003C\u002Fli>\n\u003Cli>Assign one or more terms to an attachment in media library\u002Foverlay\u003C\u002Fli>\n\u003Cli>Bulk assign terms to multiple attachments at once in media library\u003C\u002Fli>\n\u003Cli>Filter attachments by terms in media library\u002Foverlay\u003C\u002Fli>\n\u003Cli>Easy to use\u003C\u002Fli>\n\u003Cli>Lightweight and optimized\u003C\u002Fli>\n\u003Cli>100% free!\u003C\u002Fli>\n\u003C\u002Ful>\n","Add filters and bulk actions for attachment categories, tags and custom taxonomies.",1000,25008,100,13,"2025-12-15T16:04:00.000Z","6.9.4","4.5.0","",[20,21,22,23,24],"attachments","bulk-action","filter","library","media","https:\u002F\u002Fgithub.com\u002Ffaktorvier\u002Ff4-media-taxonomies","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ff4-media-taxonomies.1.1.6.zip",99,1,0,"2025-09-03 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-58617","f4-media-taxonomies-missing-authorization","F4 Media Taxonomies \u003C= 1.1.4 - Missing Authorization","The F4 Media Taxonomies plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform an unauthorized action.",null,"\u003C=1.1.4","1.1.5","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2025-09-09 19:34:45",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff98aad51-a08e-4eea-84f7-345f2442081a?source=api-prod",7,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":51,"avg_security_score":13,"avg_patch_time_days":52,"trust_score":53,"computed_at":54},"faktorvier",4000,8,94,"2026-04-04T05:42:43.467Z",[56,81,101,122,142],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":77,"download_link":78,"security_score":79,"vuln_count":28,"unpatched_count":28,"last_vuln_date":80,"fetched_at":31},"wow-media-library-fix","Fix Media Library","2.0","wowpress.host","https:\u002F\u002Fprofiles.wordpress.org\u002Fwowpresshost\u002F","\u003Cp>Fix Media Library fixes inconsistency between wp-content\u002Fuploads folder and\u003Cbr \u002F>\ndatabase.\u003Cbr \u002F>\nFixes corrupted Media Library database records.\u003Cbr \u002F>\nDesigned to run smoothly against huge Media Libraries containing hundreds of thousands of images.\u003C\u002Fp>\n\u003Cp>Useful when:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Really old database is used and there are a lot of problems with Media Library found\u003C\u002Fli>\n\u003Cli>New thumbnail sizes are registered\u003C\u002Fli>\n\u003Cli>Some thumbnail sizes are not used anymore (theme change, upgrade), but image files are still exists\u003C\u002Fli>\n\u003Cli>There are Media Library entries present pointing to image files that don’t exist anymore\u003C\u002Fli>\n\u003Cli>Some entries in Media Library are not displayed, while image files are present (_wp_attachment_metadata meta field corrupted)\u003C\u002Fli>\n\u003Cli>There are a lot of images in wp-content\u002Fuploads folder that are no longer used\u003C\u002Fli>\n\u003Cli>There are duplicate attachments pointing to the same image file\u003C\u002Fli>\n\u003Cli>Images are used by website, but you can’t find them in Media Library\u003C\u002Fli>\n\u003Cli>You want to update attachments GUID fields containing old\u002Fstaging urls\u003C\u002Fli>\n\u003Cli>Detects major database corruptions affecting media library functionality\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>At \u003Ca href=\"https:\u002F\u002Fwowpress.host\u002F\" rel=\"nofollow ugc\">WowPress.host\u003C\u002Fa> company we regularly migrate very old databases and clean it up to make sure website using it is running smoothly. Those databases have all different kinds of inconsistencies collected during years or even decades of usage, and Media Library is the most common problematic piece of data here.\u003Cbr \u002F>\nThat plugin helps to solve most common problems related to Media Library data.\u003C\u002Fp>\n\u003Cp>We use a lot of open-source tools in our work, and therefore decided publish our own tools so that those can be used by the community too.\u003C\u002Fp>\n\u003Ch4>Need Help? Found A Bug? Want To Contribute Code?\u003C\u002Fh4>\n\u003Cp>Support for this plugin is provided via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwow-media-library-fix\" rel=\"ugc\">WordPress.org forums\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The source code for this plugin is available on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwowpress-host\u002Fwow-media-library-fix\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Paid support at \u003Ca href=\"https:\u002F\u002Fwowpress.host\u002Fprofessional-services\u002F\" rel=\"nofollow ugc\">WowPress.host\u003C\u002Fa>.\u003C\u002Fp>\n","Fix Media Library inconsistency between database and wp-content\u002Fuploads folder contents. Unused image files, broken media library entries, missing att &hellip;",2000,37302,98,32,"2018-12-18T10:26:00.000Z","5.0.25","4.6","5.3",[20,73,74,75,76],"media-library","post-thumbnail","thumbnail","thumbnails","https:\u002F\u002Fwowpress.host\u002Fplugins\u002Fwow-","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwow-media-library-fix.2.0.zip",63,"2025-12-12 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":14,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":71,"tags":95,"homepage":98,"download_link":99,"security_score":100,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"default-media-uploader-view","Default Media Uploader View","1.0.8","leemon","https:\u002F\u002Fprofiles.wordpress.org\u002Fleemon\u002F","\u003Cp>WordPress 3.5 introduced an entirely new media uploader which streamlined the way one handles and uploads images to posts. Unfortunately,\u003Cbr \u002F>\nsince then, the default view for the media library is “All media items” instead of “Uploaded to this post”. This plugin sets “Uploaded to this post” as the default view.\u003C\u002Fp>\n","Sets \"Uploaded to this post\" instead of \"All media items\" as the default view in the media uploader.",600,15387,96,"2019-05-16T09:55:00.000Z","5.2.24","3.5",[96,20,22,24,97],"admin","upload","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdefault-media-uploader-view\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdefault-media-uploader-view.1.0.8.zip",85,{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":13,"num_ratings":111,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":18,"tags":115,"homepage":119,"download_link":120,"security_score":121,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"easy-image-filters","Easy Image Filters","1.0.3","Kiran Potphode","https:\u002F\u002Fprofiles.wordpress.org\u002Fkiranpotphode\u002F","\u003Cp>Apply variety of filters and effects to image from Media library. Easy Image Filters allow you to easily manipulate images from your library.\u003Cbr \u002F>\nSaves new images directly to media library without affecting original image.From variety of available filters and presets you can create cool effects on images.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Easy image manipulation without leaving your site admin area.\u003C\u002Fli>\n\u003Cli>Plenty of filter options.\u003C\u002Fli>\n\u003Cli>Choose preset to quickly apply predefined effects.\u003C\u002Fli>\n\u003Cli>Save manipulated image directly to Media Library.\u003C\u002Fli>\n\u003Cli>Simple interface to efficiently manipulate on image.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>This plugin is implemented using \u003Ca href=\"http:\u002F\u002Fcamanjs.com\u002F\" rel=\"nofollow ugc\">CamanJS\u003C\u002Fa>.\u003C\u002Fp>\n","Add cool filters and effects to images without leaving site admin screen. Save new image without loosing original.",400,8875,2,"2024-05-04T10:35:00.000Z","6.5.8","4.0",[116,117,22,118,73],"colorize","effects","image","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-image-filters","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-image-filters.1.0.3.zip",92,{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":132,"num_ratings":48,"last_updated":133,"tested_up_to":134,"requires_at_least":135,"requires_php":18,"tags":136,"homepage":140,"download_link":141,"security_score":100,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"upgrade-for-unattach-re-attach-media-attachments","Upgrade for Unattach and Re-attach Media Attachments","1.2.2","laurencebahiirwa","https:\u002F\u002Fprofiles.wordpress.org\u002Flaurencebahiirwa\u002F","\u003Cp>WordPress allows to attach (or assign) images and other attachments organized within the Media Library to posts and pages.\u003C\u002Fp>\n\u003Cp>A file will automatically be attached to a particular post when uploaded using the Add media button in that post. There are also “Attach” links in the Media Library to manually attach files to posts. Once attached there is no way to unattach or re-attach images, pdfs or any attachment in WordPress core.\u003C\u002Fp>\n\u003Cp>This plugin fills this gap by providing two additional links next to “Attach” in the \u003Cstrong>Media Library\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Re-Attach\u003C\u002Fstrong>: Allows user to choose a new post to attach the media file.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unattach\u003C\u002Fstrong>: Totally removes an existing relation between an attachment and a post.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Bulk Actions\u003C\u002Fh3>\n\u003Cp>The plugin also provides bulk actions for unattaching and re-attaching multiple files at once! Just mark the files you want to change, select your desired action from the \u003Cem>Bulk Actions\u003C\u002Fem> dropdown and hit \u003Cem>Apply\u003C\u002Fem>.\u003C\u002Fp>\n\u003Ch3>Note\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fstackoverflow.com\u002Fquestions\u002F45690582\u002Fimage-post-attachments-not-specific-to-post\u002F45705413#45705413\" rel=\"nofollow ugc\">My initial issue came from here\u003C\u002Fa>. Thanks to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Funattach-and-re-attach-attachments\u002F\u002F\" rel=\"ugc\">Unattach and Re-attach Media Attachments\u003C\u002Fa> which inspired this plugin. Just adding upgrades of the code to the latter so it is safer for use and have fixed some bugs.\u003C\u002Fp>\n","Allows to unattach and reattach images and other attachments from within the media library page.",300,8933,88,"2022-06-21T09:17:00.000Z","6.0.11","4.9",[20,73,137,138,139],"re-attach","unattach","upgrade","https:\u002F\u002Fgithub.com\u002Fbahiirwa\u002FUpgrade-for-Unattach-Re-Attach-Media-Attachments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fupgrade-for-unattach-re-attach-media-attachments.1.2.2.zip",{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":130,"downloaded":150,"rating":13,"num_ratings":28,"last_updated":151,"tested_up_to":152,"requires_at_least":153,"requires_php":18,"tags":154,"homepage":158,"download_link":159,"security_score":100,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"va-removing-exif","VA Removing Exif","1.0.1","kuck1u","https:\u002F\u002Fprofiles.wordpress.org\u002Fkuck1u\u002F","\u003Cp>Automatically remove all Exif data from the new JPEG images when uploading. Please note that already uploaded images will not be processed. If you want to delete Exif from the already uploaded image, please generate thumbnail image again with “\u003Ca href=\"https:\u002F\u002Fja.wordpress.org\u002Fplugins\u002Fregenerate-thumbnails\u002F\" rel=\"nofollow ugc\">Regenerate Thumbnails\u003C\u002Fa>” etc.\u003C\u002Fp>\n\u003Ch4>How to use\u003C\u002Fh4>\n\u003Cp>Usage is easy. Just activate the plugin. This plugin requires PHP modules of the ImageMagick or GD.\u003C\u002Fp>\n\u003Ch4>Requires\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 4.4+\u003C\u002Fli>\n\u003Cli>PHP 5.4+ & ImageMagick or GD modules\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>You can fork the plugin from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fvisualive\u002Fva-removing-exif\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Attention\u003C\u002Fh4>\n\u003Cp>This plugin is intended to save your privacy and should not be used for illegal activity like copyright violations.\u003C\u002Fp>\n","Automatically remove all Exif data from the new JPEG images when uploading.",11441,"2016-12-19T05:40:00.000Z","4.7.32","4.4",[155,20,156,73,157],"attachment","exif","privacy","https:\u002F\u002Fgithub.com\u002Fvisualive\u002Fva-removing-exif","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fva-removing-exif.zip",{"attackSurface":161,"codeSignals":223,"taintFlows":236,"riskAssessment":237,"analyzedAt":248},{"hooks":162,"ajaxHandlers":212,"restRoutes":220,"shortcodes":221,"cronEvents":222,"entryPointCount":111,"unprotectedCount":111},[163,169,171,173,177,180,183,186,189,192,194,197,200,204,207,210],{"type":164,"name":165,"callback":166,"file":167,"line":168},"action","init","anonymous","modules\\Core\\Hooks.php",22,{"type":164,"name":165,"callback":166,"file":167,"line":170},23,{"type":164,"name":165,"callback":166,"priority":27,"file":167,"line":172},24,{"type":164,"name":174,"callback":166,"priority":175,"file":167,"line":176},"admin_enqueue_scripts",50,25,{"type":164,"name":178,"callback":166,"priority":66,"file":167,"line":179},"F4\u002FMT\u002FCore\u002Fset_constants",26,{"type":164,"name":181,"callback":166,"file":167,"line":182},"admin_head",28,{"type":164,"name":184,"callback":166,"file":167,"line":185},"customize_controls_print_scripts",29,{"type":164,"name":174,"callback":166,"priority":187,"file":167,"line":188},60,30,{"type":164,"name":190,"callback":166,"file":167,"line":191},"restrict_manage_posts",31,{"type":164,"name":193,"callback":166,"file":167,"line":67},"load-upload.php",{"type":164,"name":195,"callback":166,"file":167,"line":196},"admin_notices",33,{"type":22,"name":198,"callback":166,"priority":28,"file":167,"line":199},"attachment_fields_to_edit",34,{"type":22,"name":201,"callback":166,"priority":202,"file":167,"line":203},"update_post_term_count_statuses",10,35,{"type":164,"name":205,"callback":166,"priority":175,"file":167,"line":206},"elementor\u002Feditor\u002Fafter_enqueue_scripts",39,{"type":164,"name":205,"callback":166,"priority":208,"file":167,"line":209},55,40,{"type":164,"name":205,"callback":166,"priority":187,"file":167,"line":211},41,[213,217],{"action":214,"nopriv":215,"callback":166,"hasNonce":215,"hasCapCheck":215,"file":167,"line":216},"f4-media-taxonomies-add-term",false,36,{"action":218,"nopriv":215,"callback":166,"hasNonce":215,"hasCapCheck":215,"file":167,"line":219},"f4-media-taxonomies-search-terms",37,[],[],[],{"dangerousFunctions":224,"sqlUsage":225,"outputEscaping":227,"fileOperations":29,"externalRequests":29,"nonceChecks":234,"capabilityChecks":111,"bundledLibraries":235},[],{"prepared":29,"raw":29,"locations":226},[],{"escaped":28,"rawEcho":111,"locations":228},[229,232],{"file":167,"line":230,"context":231},167,"raw output",{"file":167,"line":233,"context":231},310,3,[],[],{"summary":238,"deductions":239},"The \"f4-media-taxonomies\" plugin v1.1.6 exhibits a mixed security posture.  While it demonstrates good practices by utilizing prepared statements for all SQL queries, performing nonce checks on its entry points, and implementing capability checks, there are significant areas of concern.  The presence of two AJAX handlers without any authentication checks creates a substantial attack surface that is unprotected. This directly exposes these handlers to potential manipulation by unauthenticated users, leading to an elevated risk of unauthorized actions or information disclosure.  The static analysis also indicates that only a third of output escaping is properly handled, which could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is involved in these outputs.\n\nThe plugin's vulnerability history, though currently showing no unpatched issues, reveals a past medium-severity vulnerability attributed to missing authorization. This pattern, coupled with the identified unprotected AJAX handlers, suggests a recurring weakness in authorization enforcement within the plugin.  The absence of taint analysis results means we cannot assess the risk of sensitive data being handled improperly within the codebase.  In conclusion, the plugin has strengths in its database interaction and some security implementations, but the unprotected AJAX endpoints and the historical authorization issues present a notable risk that requires immediate attention.",[240,242,245],{"reason":241,"points":202},"2 AJAX handlers without auth checks",{"reason":243,"points":244},"Only 33% of output escaping properly handled",6,{"reason":246,"points":247},"Missing authorization in vulnerability history",5,"2026-03-16T18:56:36.010Z",{"wat":250,"direct":259},{"assetPaths":251,"generatorPatterns":254,"scriptPaths":255,"versionParams":256},[252,253],"\u002Fwp-content\u002Fplugins\u002Ff4-media-taxonomies\u002Fassets\u002Fjs\u002Ffilter.js","\u002Fwp-content\u002Fplugins\u002Ff4-media-taxonomies\u002Fassets\u002Fjs\u002Fbulk.js",[],[252,253],[257,258],"f4-media-taxonomies\u002Fassets\u002Fjs\u002Ffilter.js?ver=","f4-media-taxonomies\u002Fassets\u002Fjs\u002Fbulk.js?ver=",{"cssClasses":260,"htmlComments":261,"htmlAttributes":262,"restEndpoints":263,"jsGlobals":266,"shortcodeOutput":268},[],[],[],[264,265],"\u002Fwp-json\u002Ff4-media-taxonomies\u002Fv1\u002Fadd-term","\u002Fwp-json\u002Ff4-media-taxonomies\u002Fv1\u002Fsearch-terms",[267],"f4MediaTaxonomy",[]]