[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-GxXAQUISBqe9WdjjWvFXg5C4hMk0auJFLzGVh0Dt3I":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":59,"crawl_stats":36,"alternatives":66,"analysis":181,"fingerprints":331},"gf-multi-uploader","Multi Uploader for Gravity Forms","1.1.8","sh1zen","https:\u002F\u002Fprofiles.wordpress.org\u002Fsh1zen\u002F","\u003Cp>This is an advanced upload plugin for those who need a little more than the default multi file upload of Gravity Forms.\u003C\u002Fp>\n\u003Cp>The plugin options page provides you with granular control over many Plupload parameters from file extension filters to chunked uploading and runtimes.\u003C\u002Fp>\n\u003Cp>All files are uploaded to the WordPress media library on successful form submission making for easy access and management.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>FEATURES\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>\u003Cem>Safety:\u003C\u002Fem>\u003C\u002Fstrong> validation of both file extension and mime type.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Cem>Privacy:\u003C\u002Fem>\u003C\u002Fstrong> filenames changed once added to media library.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Cem>Advanced Customization:\u003C\u002Fem>\u003C\u002Fstrong> many options and many hooks to modify any plugin rule.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Cem>Large File Support:\u003C\u002Fem>\u003C\u002Fstrong> enabled by chunked file uploads.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Cem>Media library integration:\u003C\u002Fem>\u003C\u002Fstrong> all files are uploaded to the WordPress media library on successful form submission making for easy access and management.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Cem>Entry list creation integration:\u003C\u002Fem>\u003C\u002Fstrong>  A list of all correctly uploaded files, with relative link.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>DONATIONS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin is free and always will be, but if you are feeling generous and want to show your support, you can buy me a\u003Cbr \u002F>\nbeer or coffee \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fdonate?business=dev.sh1zen%40outlook.it&item_name=Thank+you+in+advanced+for+the+kind+donations.+You+will+sustain+me+developing+GF-Multi-Uploader.&currency_code=EUR\" rel=\"nofollow ugc\">here\u003C\u002Fa>, I will really appreciate it.\u003C\u002Fp>\n\u003Ch3>Hooks\u003C\u002Fh3>\n\u003Cp>Filters:\u003Cbr \u002F>\n* ‘gfmu_plugin_locale’\u003Cbr \u002F>\n* ‘gfmu_before_attach_uploads’\u003Cbr \u002F>\n* ‘gfmu_maybe_insert_attachment’\u003Cbr \u002F>\n* ‘gfmu_server_validation_args’\u003Cbr \u002F>\n* ‘gfmu_insert_attachment_args’\u003Cbr \u002F>\n* ‘gfmu_field_options’\u003Cbr \u002F>\n* ‘gfmu_save_entry’\u003C\u002Fp>\n","Chunked Multiple file uploads, from images, videos to pdf. Files stored in WP Media Library.",30,4277,0,"2025-12-16T17:57:00.000Z","6.9.4","5.0","7.4",[19,20,21,22,23],"file-uploader","gravity-forms","gravity-forms-uploader","plupload","uploader","https:\u002F\u002Fgithub.com\u002Fsh1zen\u002Fgf-multi-uploader","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgf-multi-uploader.1.1.8.zip",88,2,"2025-12-11 15:06:36","2026-03-15T15:16:48.613Z",[31,46],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2025-14344","multi-uploader-for-gravity-forms-unauthenticated-arbitrary-file-deletion","Multi Uploader for Gravity Forms \u003C= 1.1.7 - Unauthenticated Arbitrary File Deletion","The Multi Uploader for Gravity Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'plupload_ajax_delete_file' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.",null,"\u003C=1.1.7","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","2026-01-06 20:49:27",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F346af237-0411-4cc4-9544-eab697385a2f?source=api-prod",26,{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":36,"affected_versions":51,"patched_in_version":52,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":53,"published_date":54,"updated_date":55,"references":56,"days_to_patch":58},"CVE-2025-23921","multi-uploader-for-gravity-forms-unauthenticated-arbitrary-file-upload","Multi Uploader for Gravity Forms \u003C= 1.1.3 - Unauthenticated Arbitrary File Upload","The Multi Uploader for Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.1.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.","\u003C=1.1.3","1.1.5","Unrestricted Upload of File with Dangerous Type","2025-01-16 00:00:00","2025-04-17 13:22:30",[57],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F43b7e458-73d7-4a02-8184-081654a9f58e?source=api-prod",92,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":60,"total_installs":61,"avg_security_score":62,"avg_patch_time_days":63,"trust_score":64,"computed_at":65},3,140,89,59,80,"2026-04-04T10:36:27.003Z",[67,91,115,133,159],{"slug":68,"name":69,"version":70,"author":71,"author_profile":72,"description":73,"short_description":74,"active_installs":75,"downloaded":76,"rating":77,"num_ratings":78,"last_updated":79,"tested_up_to":15,"requires_at_least":80,"requires_php":17,"tags":81,"homepage":86,"download_link":87,"security_score":88,"vuln_count":89,"unpatched_count":13,"last_vuln_date":90,"fetched_at":29},"multiline-files-for-contact-form-7","MultiLine Files for Contact Form 7","3.1.0","Maulik Vora","https:\u002F\u002Fprofiles.wordpress.org\u002Fzluck\u002F","\u003Cp>\u003Cstrong>MultiLine Files for Contact Form 7\u003C\u002Fstrong> is the ultimate solution for adding multiple file upload functionality to your Contact Form 7 forms. Whether you’re collecting documents, images, videos, or any other file types, this plugin provides a seamless, user-friendly experience that enhances your forms’ capabilities.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Choose MultiLine Files for Contact Form 7?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Unlimited File Uploads\u003C\u002Fstrong> – No restrictions on the number of files users can upload\u003Cbr \u002F>\n✅ \u003Cstrong>Intuitive User Interface\u003C\u002Fstrong> – Clean, responsive design that works on all devices\u003Cbr \u002F>\n✅ \u003Cstrong>Smart File Management\u003C\u002Fstrong> – Users can preview, remove, and manage files before submission\u003Cbr \u002F>\n✅ \u003Cstrong>Automatic ZIP Compression\u003C\u002Fstrong> – All files are automatically compressed into a single ZIP file for easy email delivery\u003Cbr \u002F>\n✅ \u003Cstrong>Advanced Security\u003C\u002Fstrong> – Built-in file type validation, size limits, and security measures\u003Cbr \u002F>\n✅ \u003Cstrong>Easy Integration\u003C\u002Fstrong> – Works seamlessly with Contact Form 7 without complex setup\u003Cbr \u002F>\n✅ \u003Cstrong>Fully Responsive\u003C\u002Fstrong> – Perfect experience on desktop, tablet, and mobile devices\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect For:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Document submission forms\u003C\u002Fli>\n\u003Cli>Portfolio uploads\u003C\u002Fli>\n\u003Cli>Job application forms\u003C\u002Fli>\n\u003Cli>Support ticket systems\u003C\u002Fli>\n\u003Cli>Content submission platforms\u003C\u002Fli>\n\u003Cli>Any form requiring multiple file attachments\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to change style?\u003C\u002Fh3>\n\u003Cp>If you want to change our plugin button or others file listing style and apply your custom style please add your custom css in your theme’s css file. Adding style in child theme is recommended. Here I have shown style guide for button and listing. so, you can easily update style of the elements.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Buttton style:\u003C\u002Fstrong> \u003Ccode>#mfcf7_zl_add_file { background-color: #004834; }\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>‘X’ icon style:\u003C\u002Fstrong> \u003Ccode>.mfcf7_zl_multifilecontainer p .mfcf7_zl_delete_file i { color: azure; }\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Selected file name style:\u003C\u002Fstrong> \u003Ccode>.mfcf7-zl-multifile-name { color: black; }\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Premium Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Upgrade to Pro for Advanced Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>🎯 \u003Cstrong>Multiple Upload Buttons\u003C\u002Fstrong> – Add multiple file upload fields in the same form\u003C\u002Fli>\n\u003Cli>📊 \u003Cstrong>File Limits\u003C\u002Fstrong> – Set minimum and maximum file count limits\u003C\u002Fli>\n\u003Cli>🎨 \u003Cstrong>Custom Positioning\u003C\u002Fstrong> – Change the location of the file list display\u003C\u002Fli>\n\u003Cli>🗑️ \u003Cstrong>Individual File Removal\u003C\u002Fstrong> – Remove files one by one even when selected together\u003C\u002Fli>\n\u003Cli>🚀 \u003Cstrong>Priority Support\u003C\u002Fstrong> – Get faster response times and dedicated support\u003C\u002Fli>\n\u003Cli>🔧 \u003Cstrong>Advanced Customization\u003C\u002Fstrong> – More styling and configuration options\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002F1.envato.market\u002F9W6qL4\" rel=\"nofollow ugc\">Get Pro Version Now\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Need Help?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>📧 \u003Cstrong>Email Support\u003C\u002Fstrong>: Contact us through the WordPress.org support forums\u003C\u002Fli>\n\u003Cli>🐛 \u003Cstrong>Bug Reports\u003C\u002Fstrong>: Report issues on our GitHub repository\u003C\u002Fli>\n\u003Cli>💡 \u003Cstrong>Feature Requests\u003C\u002Fstrong>: Suggest new features via our support channels\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>This plugin does not collect, store, or transmit any personal data. All file uploads are handled locally on your server and are not sent to any third-party services. Files are temporarily stored during form submission and are automatically cleaned up after processing.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fzluck\" rel=\"nofollow ugc\">Zluck Solutions\u003C\u002Fa> with ❤️ for the WordPress community.\u003C\u002Fp>\n\u003Ch3>Donate\u003C\u002Fh3>\n\u003Cp>If you find this plugin helpful, please consider \u003Ca href=\"https:\u002F\u002Fwww.buymeacoffee.com\u002Fzluck\" rel=\"nofollow ugc\">buying us a coffee\u003C\u002Fa> to support continued development and maintenance.\u003C\u002Fp>\n","Upload unlimited files to Contact Form 7 with an intuitive interface, file management, and automatic ZIP compression for email delivery.",10000,124058,98,49,"2025-12-15T11:24:00.000Z","5.6",[82,83,19,84,85],"contact-form-7","file-attachment","form-plugin","multiple-file-upload","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmultiline-files-for-contact-form-7\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultiline-files-for-contact-form-7.3.1.0.zip",99,1,"2024-10-15 00:00:00",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":64,"num_ratings":101,"last_updated":102,"tested_up_to":15,"requires_at_least":103,"requires_php":104,"tags":105,"homepage":110,"download_link":111,"security_score":112,"vuln_count":113,"unpatched_count":60,"last_vuln_date":114,"fetched_at":29},"nmedia-user-file-uploader","Frontend File Manager Plugin","23.6","N-Media","https:\u002F\u002Fprofiles.wordpress.org\u002Fnmedia\u002F","\u003Cp>N-Media Frontend File Manager empowers WordPress users to securely upload files that are accessible only to admins. Each user’s files are stored in a private directory, ensuring only they can download or delete their own files after logging in. To unlock even more advanced control, explore the PRO features below. Use the following shortcode to integrate the plugin on your site: \u003Cstrong>[ffmwp]\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security Enhancements (v23.6)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Fixed critical email relay vulnerability\u003Cbr \u002F>\n– Enhanced nonce verification across all AJAX functions\u003Cbr \u002F>\n– Added rate limiting for uploads, deletions, and directory creation\u003Cbr \u002F>\n– Improved file type validation and MIME checking\u003Cbr \u002F>\n– Strengthened authorization checks\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Live Demo Instructions\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fnajeebmedia.com\u002Ffilemanager-demo\" rel=\"nofollow ugc\">Click here\u003C\u002Fa> to launch the demo.\u003Cbr \u002F>\n– Once live, go to \u003Cstrong>Settings > NM Demo\u003C\u002Fstrong>.\u003Cbr \u002F>\n– Click \u003Cstrong>Initialize Demo: File Manager\u003C\u002Fstrong> to set up demo pages.\u003Cbr \u002F>\n– Start exploring the plugin’s features!\u003C\u002Fp>\n\u003Ch3>Quick Video Overview\u003C\u002Fh3>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F285132267\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Secure File Uploading\u003C\u002Fstrong>: Protect files with secure upload and storage.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User-Friendly UI\u003C\u002Fstrong>: Fast, responsive, and visually appealing interface.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Search & Sorting Filters\u003C\u002Fstrong>: Easily locate files with search and filter options.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed File Popups\u003C\u002Fstrong>: View file information at a glance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable File Type & Size Limits\u003C\u002Fstrong>: Set specific upload restrictions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Labels for Buttons\u003C\u002Fstrong>: Personalize the upload and save buttons.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Upload Progress Bar\u003C\u002Fstrong>: Track upload progress visually.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Thumbnails\u003C\u002Fstrong>: See previews for image files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed Admin View\u003C\u002Fstrong>: Manage and view file details in the admin dashboard.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Pro Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Directory Creation\u003C\u002Fstrong>: Users can create custom directories.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Maximum File Upload Control\u003C\u002Fstrong>: Set individual file upload limits.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Count Per User\u003C\u002Fstrong>: Limit the number of files each user can upload.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role-Based File Size Quota\u003C\u002Fstrong>: Define upload quotas based on user roles.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email Notifications\u003C\u002Fstrong>: Configure alerts for file uploads.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automated Filename Prefixes\u003C\u002Fstrong>: Use timestamp prefixes for file organization.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Guest Uploads\u003C\u002Fstrong>: Allow guest users to upload files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Sharing\u003C\u002Fstrong>: Enable users to share files via email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Grouping\u003C\u002Fstrong>: Organize files into groups for easy access.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited Download Areas\u003C\u002Fstrong>: Create multiple download sections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom File Metadata\u003C\u002Fstrong>: Attach custom fields to files, adding valuable context.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Visual Composer Compatibility\u003C\u002Fstrong>: Easily integrate with Visual Composer.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Download Areas\u003C\u002Fh3>\n\u003Cp>The Download Manager feature lets you create unlimited download pages and specify file sources based on user roles, specific users, or groups. Grant access selectively to individual users or entire roles.\u003Cbr \u002F>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F287895466\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\u003C\u002Fp>\n\u003Ch3>Custom File Metadata\u003C\u002Fh3>\n\u003Cp>Admin can create custom metadata fields for files, adding extra detail to each upload. Metadata fields are easy to set up using drag-and-drop functionality and can include:\u003Cbr \u002F>\n– \u003Cstrong>Text\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Textarea\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Select\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Checkbox\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Masked Format (customized)\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Email\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Date Picker\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Image Upload\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Checkbox\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fnajeebmedia.com\u002Fwordpress-plugin\u002Fwp-front-end-file-upload-and-download-manager\u002F\" rel=\"nofollow ugc\">Get the Pro Version\u003C\u002Fa>\u003C\u002Fstrong> to unlock advanced features for a comprehensive file management experience.\u003C\u002Fp>\n","N-Media Frontend File Manager plugin enables WordPress site users to upload, manage, and share files directly from the frontend with secure storage an …",1000,198767,43,"2026-01-28T04:42:00.000Z","3.5","",[19,106,107,108,109],"file-uploaders","front-end-upload","user-files","user-files-manager","https:\u002F\u002Fnajeebmedia.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnmedia-user-file-uploader.23.6.zip",10,25,"2026-02-17 00:00:00",{"slug":116,"name":117,"version":118,"author":119,"author_profile":120,"description":121,"short_description":122,"active_installs":112,"downloaded":123,"rating":13,"num_ratings":13,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":127,"tags":128,"homepage":104,"download_link":131,"security_score":132,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"file-uploader-tektonic-solutions","File Uploader – Tektonic Solutions","1.0.0","Tektonic Solutions","https:\u002F\u002Fprofiles.wordpress.org\u002Ftektonicsolutions\u002F","\u003Cp>This plugin makes it easy for end users on your website to upload files. You need just need to paste the following shortcode in the page or post content:\u003Cbr \u002F>\n    [tektonic_file_upload]\u003C\u002Fp>\n\u003Cp>For drag-and-drop and other extra features please see the \u003Ca href=\"https:\u002F\u002Fwww.tektonicsolutions.com\u002Fts_plugin\u002Ffile-uploader-pro-with-drag-n-drop\u002F\" rel=\"nofollow ugc\">PRO version\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Col>\n\u003Cli>File type restriction – you can add any file type from the settings.\u003C\u002Fli>\n\u003Cli>Hotlinking of the images – the user who has just uploaded a file can click the link and go and check it.\u003C\u002Fli>\n\u003Cli>The user can delete the uploaded file if they wish, as long as they don’t refresh the page. \u003C\u002Fli>\n\u003Cli>The plugin includes two types of incrementing progress bar – circular and bar-shape.\u003C\u002Fli>\n\u003Cli>Admin can select whether to show or hide the incrementing progress bar.\u003C\u002Fli>\n\u003Cli>All uploaded files are added to the default upload folder, and can be seen and adminstered in the Media section of the Admin Sidebar.\u003C\u002Fli>\n\u003C\u002Fol>\n","Tektonic Solutions File Uploader plugin lets a logged-in end-user on your website upload files one at a time.",1182,"2019-10-26T16:11:00.000Z","5.2.24","4.8","5.6.30",[19,129,130],"fileupload","page","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffile-uploader-tektonic-solutions.1.0.0.zip",85,{"slug":134,"name":135,"version":136,"author":137,"author_profile":138,"description":139,"short_description":140,"active_installs":141,"downloaded":142,"rating":143,"num_ratings":144,"last_updated":145,"tested_up_to":15,"requires_at_least":146,"requires_php":147,"tags":148,"homepage":154,"download_link":155,"security_score":156,"vuln_count":157,"unpatched_count":13,"last_vuln_date":158,"fetched_at":29},"use-any-font","Use Any Font | Custom Font Uploader","6.3.14","Dnesscarkey","https:\u002F\u002Fprofiles.wordpress.org\u002Fdnesscarkey\u002F","\u003Cp>Upload any custom fonts to give your site an elegant look. Easily change fonts without CSS knowledge or select from 23,871+ predefined fonts to add to your site, including Google fonts stored on your server.\u003C\u002Fp>\n\u003Cp>Click \u003Ca href=\"https:\u002F\u002Fdineshkarki.com.np\u002Fuse-any-font\u002Fdemo\" rel=\"nofollow ugc\">HERE\u003C\u002Fa> for a Use Any Font working demo.\u003C\u002Fp>\n\u003Cp>Use Any Font lets you install custom fonts in your WordPress website. Unlike other font embed services, it doesn’t limit your font choices or store your custom fonts on a remote server. Upload any font format (ttf, otf, woff) and our font uploader auto converts it to woff2 for faster load times and compatibility across all browsers. With our easy-to-use font uploader, you can seamlessly add custom fonts and manage your site’s typography. The plugin supports self-hosted and GDPR-compliant solutions, ensuring your fonts are SEO-friendly and quickly embedded with @font-face.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Easy Font Upload, Supports all browsers : \u003C\u002Fstrong>\u003Cbr \u002F>\nUpload font in one format, all required format for browser compatibily is auto converted by our font convertor. Supports ttf, otf, woff, and woff2 font formats.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fastest Font Load ( 30% Faster ) : \u003C\u002Fstrong>\u003Cbr \u002F>\nAutomatically convert uploaded custom fonts to compressed woff2 format with Brotli, achieving 30% faster loading.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Font Assign : \u003C\u002Fstrong>\u003Cbr \u002F>\nQuickly assign uploaded font with inbuilt font assign interface. You can select pre defined html tags or assign it to custom css.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO Friendly & GDPR compliant : \u003C\u002Fstrong>\u003Cbr \u002F>\nFonts embedded with @font-face CSS for quick loading and SEO benefits. Custom Fonts are stored on Your Server for Faster Loading and full GDPR compliant \u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Large Font Upload upto 25 MB : \u003C\u002Fstrong>\u003Cbr \u002F>\nSome fonts are larger in size. Our font uploader allows you to upload custom font upto 25 MB. \u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Font Variations : \u003C\u002Fstrong>\u003Cbr \u002F>\nUpload custom fonts with their various styles and weights. \u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Editor and Visual Builder Support : \u003C\u002Fstrong>\u003Cbr \u002F>\nUse uploaded custom fonts from WordPress Editor, Gutenberg Editor,\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwww.elegantthemes.com\u002Faffiliates\u002Fidevaffiliate.php?id=39880\" title=\"custom font in Divi builder\" rel=\"nofollow ugc\">Divi Builder\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsiteorigin-panels\u002F\" title=\"Custom font in Site Origin Page Buider\" rel=\"ugc\">Site Origin Page Buider\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Felementor\u002F\" title=\"Elementor Page Builder\" rel=\"ugc\">Elementor Page Builder\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.wpbeaverbuilder.com\u002F?fla=2054&campaign=use-any-font\" title=\"custom font in Beaver Builder\" rel=\"nofollow ugc\">Beaver Builder\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fthemify.me\u002Fmember\u002Faff\u002Fgo\u002Fdnesscarkey\u002F?cr=aHR0cHM6Ly90aGVtaWZ5Lm1lL2J1aWxkZXI=\" title=\"custom font in Themify Builder\" rel=\"nofollow ugc\">Themify Builder\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fkadence\u002F\" title=\"custom font in Kadence Theme and Kadence Blocks\" rel=\"ugc\">Kadence Theme and Blocks\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Foxygenbuilder.com\u002F\" title=\"custom font in Oxygen Builder\" rel=\"nofollow ugc\">Oxygen Builder\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fgeneratepress\u002F\" title=\"custom font in Generate Press\" rel=\"ugc\">Generate Press\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fastra\u002F\" title=\"custom font in Astra Theme\" rel=\"ugc\">Astra Theme\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fthemes\u002Foceanwp\u002F\" title=\"custom font in Revolution Slider\" rel=\"ugc\">Ocean WP Theme\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fbricksbuilder.io\u002F\" title=\"custom font in Bricks Builder\" rel=\"nofollow ugc\">Bricks Builder\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002F\" title=\"custom font in themeisle neva theme\" rel=\"nofollow ugc\">Themeisle\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fbit.ly\u002F3auJKzt\" title=\"custom font in Revolution Slider\" rel=\"nofollow ugc\">Revolution Slider\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpbakery.com\u002F\" title=\"custom font in WPBakery Page Builder\" rel=\"nofollow ugc\">WPBakery Page Builder ( Js Composer )\u003C\u002Fa>,\u003Cbr \u002F>\nMore… and any visual builder using the class. \u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Theme Compatibility : \u003C\u002Fstrong>\u003Cbr \u002F>\nCustom fonts uploaded can be directly used from Theme options panel for major themeforest themes like \u003Ca href=\"https:\u002F\u002Fbit.ly\u002F3auJKzt\" rel=\"nofollow ugc\">Avada, X Theme, Flatsome, Salient, Porto, Shopkeeper, Oshine, WPLMS Learning Management System Theme, KLEO, WoodMart, ListingPro, SimpleMag, ROSA 1, 907, Voice, Grand Restaurant, LeadEngine, Service Finder, MagPlus, Hostiko, Adifier, Puca, GreenMart, Reco, VidoRev, Halena and many more known themes. (1000+). Check out full list here.\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Language Support : \u003C\u002Fstrong>\u003Cbr \u002F>\nAssign fonts based on language with WPML and Polylang plugins.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Font Display Property : \u003C\u002Fstrong>\u003Cbr \u002F>\nCSS property managing font loading behavior in @font-face.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Support\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Visit our \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fuse-any-font\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa> for quick issue resolution.\u003C\u002Fli>\n\u003Cli>Utilize our Facebook Message widget on our website at \u003Ca href=\"https:\u002F\u002Fdineshkarki.com.np\" rel=\"nofollow ugc\">https:\u002F\u002Fdineshkarki.com.np\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Reach out via email using the form found at \u003Ca href=\"https:\u002F\u002Fdineshkarki.com.np\u002Fcontact\" rel=\"nofollow ugc\">https:\u002F\u002Fdineshkarki.com.np\u002Fcontact\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Font Conversion API Usage\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You need API key to connect to our server for font conversion. Our server converts your font and sends it back. You can get key from \u003Ca href=\"https:\u002F\u002Fdineshkarki.com.np\u002Fuse-any-font\u002Fapi-key\" rel=\"nofollow ugc\">here\u003C\u002Fa>. You can also generate Lite \u002F Test API key from button at top of the plugin page. \u003Cstrong>Note : \u003C\u002Fstrong> Lite \u002F Test API only allow single font conversion.\u003C\u002Fli>\n\u003Cli>Use Any Font uses Font Conversion API developed by Dnesscarkey. Font conversion API helps the plugin to convert the font files in different format (woff, woff2 but not limited to) for faster loading, and multiple browser support. Plugins sends the request to Font conversion server with font files, font conversion server converts it and returns the converted files. Once the conversion is completed, font files are automatically deleted.\u003C\u002Fli>\n\u003Cli>We don’t store your fonts in our server neither any of your information except the API key details. Our server deletes the temporary file after the font upload is complete. Your font files are served from your own server.\u003C\u002Fli>\n\u003Cli>For font conversion, our plugin uses server2.dnesscarkey.org and server3.dnesscarkey.org and it is only dedicated to Use Any Font plugin.\u003C\u002Fli>\n\u003Cli>For Font Conversion API terms and condition. Please visit \u003Ca href=\"https:\u002F\u002Fdineshkarki.com.np\u002Fuse-any-font\u002Fterms-conditions\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Installation Video\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FQzGaWIPVwEk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Integration for Themes \u002F Plugin Developers\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can use \u003Cstrong>uaf_get_font_families();\u003C\u002Fstrong> function to get the list of custom fonts uploaded with Use Any Font. You can add it in your font family select box or list.\u003C\u002Fp>\n\u003Cp>\u003Cem>if (function_exists(‘uaf_get_font_families’)){\u003Cbr \u002F>\n    $uaf_font_families = uaf_get_font_families();   \u002F\u002F Returns Array\u003Cbr \u002F>\n}\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Please do write us after integration and we will add it in our supported list and create a discount code for your users.\u003C\u002Fp>\n","Upload custom fonts with custom font uploader. Auto converts to woff2 for better performance. Self-hosted, GDPR compliant, and easy custom font plugin",200000,7221706,94,1143,"2025-12-20T04:17:00.000Z","4.0","7.0",[149,150,151,152,153],"custom-fonts","font-manager","font-uploader","google-fonts","typography","https:\u002F\u002Fdineshkarki.com.np\u002Fuse-any-font","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuse-any-font.6.3.14.zip",97,4,"2024-09-25 00:00:00",{"slug":160,"name":161,"version":162,"author":163,"author_profile":164,"description":165,"short_description":166,"active_installs":167,"downloaded":168,"rating":169,"num_ratings":170,"last_updated":171,"tested_up_to":15,"requires_at_least":172,"requires_php":17,"tags":173,"homepage":178,"download_link":179,"security_score":180,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"gravity-forms-zero-spam","Gravity Forms Zero Spam","1.7.2","GravityKit","https:\u002F\u002Fprofiles.wordpress.org\u002Fgravityview\u002F","\u003Cp>This Gravity Forms add-on blocks spam using a non-obtrusive anti-spam measure and can email a spam report summary.\u003C\u002Fp>\n\u003Ch3>Spam blocking for Gravity Forms\u003C\u002Fh3>\n\u003Cp>To get started, all you need to do is activate the plugin!\u003C\u002Fp>\n\u003Ch3>Is the Gravity Forms honeypot field not working for you? 🍯 🐝\u003C\u002Fh3>\n\u003Cp>Zero Spam is better than the Gravity Forms anti-spam honeypot field. If you’re getting spammed, try this plugin.\u003C\u002Fp>\n\u003Ch3>Use this plugin instead of reCaptcha\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>reCaptcha is user-hostile!\u003C\u002Fstrong> Use this instead! Users don’t need to click stoplights, crosswalks, or bicycles when you use this plugin to stop spam.\u003C\u002Fp>\n\u003Ch3>Enable or disable filtering per form\u003C\u002Fh3>\n\u003Cp>If you only want the plugin for specific forms, that’s possible! The plugin adds a simple “Prevent spam using Gravity Forms Zero Spam” setting to each form (requires Gravity Forms 2.5 or newer).\u003C\u002Fp>\n\u003Ch3>Spam report emails\u003C\u002Fh3>\n\u003Cp>Spam summary report emails are disabled by default. Once enabled, a spam summary that includes the number of entries per-form will be sent via email.\u003C\u002Fp>\n\u003Cp>Choose whether you want to be notified after the number of entries reaches a threshold (e.g. 10 spam entries) or after a certain number of days (e.g. every week). If there are no spam entries, no report will be sent.\u003C\u002Fp>\n\u003Cp>Requires \u003Ca href=\"https:\u002F\u002Fwww.gravityforms.com\u002F?partner_id=1210629&irgwc=1&utm_medium=affiliate&utm_campaign=1210629&utm_source=Katz%20Web%20Services%2C%20Inc.\" rel=\"nofollow ugc\">Gravity Forms\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cem>Brought to you by \u003Ca href=\"https:\u002F\u002Fwww.gravitykit.com?utm_source=plugin&utm_campaign=zero-spam&utm_content=readme\" rel=\"nofollow ugc\">GravityKit\u003C\u002Fa>. We create essential Gravity Forms Add-Ons.\u003C\u002Fem>\u003C\u002Fp>\n","Enhance your Gravity Forms to include anti-spam measures originally based on the work of David Walsh's \"Zero Spam\" technique.",100000,1048908,86,23,"2026-03-12T14:21:00.000Z","4.7",[174,175,20,176,177],"anti-spam","captcha","honeypot","spam","https:\u002F\u002Fwww.gravitykit.com?utm_source=plugin&utm_campaign=zero-spam&utm_content=pluginuri","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgravity-forms-zero-spam.1.7.2.zip",100,{"attackSurface":182,"codeSignals":233,"taintFlows":248,"riskAssessment":313,"analyzedAt":330},{"hooks":183,"ajaxHandlers":208,"restRoutes":229,"shortcodes":230,"cronEvents":231,"entryPointCount":232,"unprotectedCount":232},[184,189,193,198,202],{"type":185,"name":186,"callback":186,"priority":112,"file":187,"line":188},"filter","gform_after_create_post","GFMUAddon.class.php",119,{"type":185,"name":190,"callback":191,"file":187,"line":192},"gform_tooltips","tooltips",143,{"type":194,"name":195,"callback":196,"priority":112,"file":187,"line":197},"action","gform_field_advanced_settings","field_advanced_settings",144,{"type":194,"name":199,"callback":200,"priority":112,"file":187,"line":201},"gform_field_standard_settings","field_standard_settings",145,{"type":194,"name":203,"callback":204,"priority":205,"file":206,"line":207},"gform_loaded","boot",5,"GFMUPluginSetup.php",17,[209,215,217,221,223,227],{"action":210,"nopriv":211,"callback":212,"hasNonce":213,"hasCapCheck":213,"file":187,"line":214},"gfmu-plupload-submit",true,"plupload_ajax_submit",false,127,{"action":210,"nopriv":213,"callback":212,"hasNonce":213,"hasCapCheck":213,"file":187,"line":216},128,{"action":218,"nopriv":211,"callback":219,"hasNonce":213,"hasCapCheck":213,"file":187,"line":220},"gfmu_delete_file","plupload_ajax_delete_file",131,{"action":218,"nopriv":213,"callback":219,"hasNonce":213,"hasCapCheck":213,"file":187,"line":222},132,{"action":224,"nopriv":211,"callback":225,"hasNonce":213,"hasCapCheck":213,"file":187,"line":226},"gfmu_download_file","plupload_ajax_download_file",135,{"action":224,"nopriv":213,"callback":225,"hasNonce":213,"hasCapCheck":213,"file":187,"line":228},136,[],[],[],6,{"dangerousFunctions":234,"sqlUsage":235,"outputEscaping":239,"fileOperations":246,"externalRequests":13,"nonceChecks":89,"capabilityChecks":13,"bundledLibraries":247},[],{"prepared":232,"raw":89,"locations":236},[237],{"file":187,"line":132,"context":238},"$wpdb->query() with variable interpolation",{"escaped":240,"rawEcho":89,"locations":241},52,[242],{"file":243,"line":244,"context":245},"inc\\GFMUHandlePluploader.class.php",104,"raw output",29,[],[249,271,291,305],{"entryPoint":250,"graph":251,"unsanitizedCount":27,"severity":270},"plupload_ajax_delete_file (inc\\GFMUHandlePluploader.class.php:39)",{"nodes":252,"edges":267},[253,258,262],{"id":254,"type":255,"label":256,"file":243,"line":257},"n0","source","$_POST (x2)",68,{"id":259,"type":260,"label":261,"file":243,"line":257},"n1","transform","→ send_ajax_response()",{"id":263,"type":264,"label":265,"file":243,"line":244,"wp_function":266},"n2","sink","echo() [XSS]","echo",[268,269],{"from":254,"to":259,"sanitized":213},{"from":259,"to":263,"sanitized":213},"medium",{"entryPoint":272,"graph":273,"unsanitizedCount":27,"severity":270},"\u003CGFMUHandlePluploader.class> (inc\\GFMUHandlePluploader.class.php:0)",{"nodes":274,"edges":287},[275,278,282,283,285],{"id":254,"type":255,"label":276,"file":243,"line":277},"$_POST",47,{"id":259,"type":264,"label":279,"file":243,"line":280,"wp_function":281},"header() [Header Injection]",155,"header",{"id":263,"type":255,"label":256,"file":243,"line":257},{"id":284,"type":260,"label":261,"file":243,"line":257},"n3",{"id":286,"type":264,"label":265,"file":243,"line":244,"wp_function":266},"n4",[288,289,290],{"from":254,"to":259,"sanitized":211},{"from":263,"to":284,"sanitized":213},{"from":284,"to":286,"sanitized":213},{"entryPoint":292,"graph":293,"unsanitizedCount":89,"severity":270},"handleUpload (inc\\GFMU_FileUploader.php:80)",{"nodes":294,"edges":303},[295,299],{"id":254,"type":255,"label":296,"file":297,"line":298},"$_FILES","inc\\GFMU_FileUploader.php",256,{"id":259,"type":264,"label":300,"file":297,"line":301,"wp_function":302},"fopen() [File Access]",257,"fopen",[304],{"from":254,"to":259,"sanitized":213},{"entryPoint":306,"graph":307,"unsanitizedCount":89,"severity":270},"\u003CGFMU_FileUploader> (inc\\GFMU_FileUploader.php:0)",{"nodes":308,"edges":311},[309,310],{"id":254,"type":255,"label":296,"file":297,"line":298},{"id":259,"type":264,"label":300,"file":297,"line":301,"wp_function":302},[312],{"from":254,"to":259,"sanitized":213},{"summary":314,"deductions":315},"The \"gf-multi-uploader\" v1.1.8 plugin presents a mixed security picture. While it demonstrates good practices in SQL query sanitization and output escaping, with 86% of SQL queries using prepared statements and 98% of outputs properly escaped, significant concerns arise from its attack surface and vulnerability history.  The plugin has a considerable number of AJAX handlers (6) with a critical flaw: all of them lack authentication checks. This means any unauthenticated user can potentially trigger these actions, creating a substantial security risk.\n\nThe taint analysis, while limited in scope with only 4 flows analyzed, highlights 4 flows with unsanitized paths. Although no critical or high severity issues were flagged in this specific analysis, the presence of unsanitized paths is a red flag, especially when combined with the unprotected AJAX endpoints. The vulnerability history is also concerning, with two critical historical CVEs. The types of these vulnerabilities, 'Path Traversal' and 'Unrestricted Upload of File with Dangerous Type,' are severe and directly align with potential risks indicated by the taint analysis and the large number of file operations (29) the plugin performs. The fact that these critical vulnerabilities existed in the past, even if none are currently unpatched, suggests a historical pattern of significant security weaknesses.\n\nIn conclusion, while the plugin shows strengths in data handling, the complete lack of authentication checks on its AJAX endpoints and the historical presence of critical vulnerabilities like path traversal and unrestricted uploads are major weaknesses. These factors, combined with the unsanitized paths identified in the taint analysis, create a high-risk profile for this plugin. Organizations should exercise extreme caution and consider alternative solutions or rigorous security auditing before deploying this plugin.",[316,318,320,323,326,328],{"reason":317,"points":112},"AJAX handlers without auth checks",{"reason":319,"points":112},"Total entry points without auth checks",{"reason":321,"points":322},"Flows with unsanitized paths",8,{"reason":324,"points":325},"Critical CVEs in vulnerability history",20,{"reason":327,"points":205},"Nonce checks missing on entry points",{"reason":329,"points":205},"Capability checks missing on entry points","2026-03-16T22:26:14.336Z",{"wat":332,"direct":351},{"assetPaths":333,"generatorPatterns":341,"scriptPaths":342,"versionParams":343},[334,335,336,337,338,339,340],"\u002Fwp-content\u002Fplugins\u002Fgf-multi-uploader\u002Fassets\u002Fcss\u002Fgfmu-style.css","\u002Fwp-content\u002Fplugins\u002Fgf-multi-uploader\u002Fassets\u002Fjs\u002Fgfmu.js","\u002Fwp-content\u002Fplugins\u002Fgf-multi-uploader\u002Fassets\u002Fjs\u002Fplupload.full.min.js","\u002Fwp-content\u002Fplugins\u002Fgf-multi-uploader\u002Fassets\u002Fjs\u002Fjquery.ui.widget.js","\u002Fwp-content\u002Fplugins\u002Fgf-multi-uploader\u002Fassets\u002Fjs\u002Fjquery.iframe-transport.js","\u002Fwp-content\u002Fplugins\u002Fgf-multi-uploader\u002Fassets\u002Fjs\u002Fjquery.fileupload.js","\u002Fwp-content\u002Fplugins\u002Fgf-multi-uploader\u002Fassets\u002Fjs\u002Fplupload.settings.js",[],[335,336,337,338,339,340],[344,345,346,347,348,349,350],"gf-multi-uploader\u002Fassets\u002Fcss\u002Fgfmu-style.css?ver=","gf-multi-uploader\u002Fassets\u002Fjs\u002Fgfmu.js?ver=","gf-multi-uploader\u002Fassets\u002Fjs\u002Fplupload.full.min.js?ver=","gf-multi-uploader\u002Fassets\u002Fjs\u002Fjquery.ui.widget.js?ver=","gf-multi-uploader\u002Fassets\u002Fjs\u002Fjquery.iframe-transport.js?ver=","gf-multi-uploader\u002Fassets\u002Fjs\u002Fjquery.fileupload.js?ver=","gf-multi-uploader\u002Fassets\u002Fjs\u002Fplupload.settings.js?ver=",{"cssClasses":352,"htmlComments":357,"htmlAttributes":358,"restEndpoints":361,"jsGlobals":362,"shortcodeOutput":364},[353,354,355,356],"gfmu-container","gfmu-file-list","gfmu-file-item","gfmu-upload-wrapper",[],[359,360],"data-gfmu-settings","data-field-id",[],[363],"gfmu_plupload_settings",[]]