[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fsTCqWRpu19H7J5MGawwVNkJz2oSJx5KVwvt3_-sMYbc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":47,"crawl_stats":37,"alternatives":54,"analysis":151,"fingerprints":240},"import-cdn-remote-images","Import CDN-Remote Images","2.1.3","Atakan Au","https:\u002F\u002Fprofiles.wordpress.org\u002Fatakanau\u002F","\u003Cp>By default, adding an image to the WordPress media library requires you to import or upload the image to the WordPress site, which means there must be a copy of the image file stored in the site. This plugin enables you to add an image stored in an external site to the media library by just reading list of remote images using CDN service’s (Cloudinary) API. In this way you can host the images in a dedicated server other than the WordPress site, and still be able to show them by various gallery plugins which only take images from the media library.\u003C\u002Fp>\n\u003Cp>The plugin provides a dedicated ‘Media’ -> ‘Import images’ submenu page.\u003C\u002Fp>\n\u003Cp>Supported CDN services:\u003Cbr \u002F>\n* Cloudinary\u003Cbr \u002F>\n(others coming soon)\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fatakanau.blogspot.com\u002F2020\u002F10\u002Fimport-cdn-remote-images-wp-plugin.html?utm_content=textlink&utm_medium=link&utm_source=wporg&utm_campaign=import-cdn-remote-images-desc\" rel=\"nofollow ugc\">Blog and feedback\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Need a custom work?\u003Cbr \u002F>\nIf you need template customization, optimization or custom software development service, please \u003Ca href=\"https:\u002F\u002Fbit.ly\u002Faaucontact1\" rel=\"nofollow ugc\">contact me\u003C\u002Fa>.\u003C\u002Fp>\n","Add external images to the media library without importing, i.e. uploading them to your WordPress site.",100,5029,4,"2025-07-10T17:13:00.000Z","6.8.5","4.7.4","5.6",[19,20,21,22,23],"cdn-image","cloudinary","external-media","remote-image","remote-media","https:\u002F\u002Fatakanau.blogspot.com\u002F2020\u002F10\u002Fimport-cdn-remote-images-wp-plugin.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimport-cdn-remote-images.2.1.3.zip",99,1,0,"2025-07-16 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2025-48153","import-cdn-remote-images-cross-site-request-forgery","Import CDN-Remote Images \u003C= 2.1.2 - Cross-Site Request Forgery","The Import CDN-Remote Images plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=2.1.2","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-07-21 21:13:25",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0af3c74e-af3e-4dd5-9612-b1a573737276?source=api-prod",6,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":11,"avg_patch_time_days":51,"trust_score":52,"computed_at":53},"atakanau",10,2230,27,94,"2026-04-04T16:04:08.753Z",[55,76,97,117,136],{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":15,"requires_at_least":68,"requires_php":17,"tags":69,"homepage":74,"download_link":75,"security_score":11,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"auto-cloudinary","Auto Cloudinary","1.3.1","Junaid Bhura","https:\u002F\u002Fprofiles.wordpress.org\u002Fjunaidbhura\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjunaidbhura\u002Fauto-cloudinary\" rel=\"nofollow ugc\">Check out the Github Repository ♥\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>This plugin provides a \u003Cstrong>super simple\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fcloudinary.com\u002Fdocumentation\u002Ffetch_remote_images#auto_upload_remote_resources\" rel=\"nofollow ugc\">Cloudinary auto-upload\u003C\u002Fa> implementation for WordPress.\u003C\u002Fp>\n\u003Cp>It is inspired by \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.com\u002Fdocs\u002Fphoton\u002F\" rel=\"nofollow ugc\">Photon\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fhumanmade\u002Ftachyon-plugin\" rel=\"nofollow ugc\">Tachyon\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Cloudinary will \u003Cstrong>automatically fetch and serve the images\u003C\u002Fstrong> from your media library like a \u003Cstrong>CDN\u003C\u002Fstrong>, without you having to worry about the complicated upload API! Just \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjunaidbhura\u002Fauto-cloudinary\u002Fwiki\u002FSetup\" rel=\"nofollow ugc\">set up auto-upload\u003C\u002Fa> in your Cloudinary settings, enter the details in the plugin’s options, and you’re all set!\u003C\u002Fp>\n\u003Cp>Easy peasy 😎\u003C\u002Fp>\n\u003Ch3>Important\u003C\u002Fh3>\n\u003Cp>This plugin is \u003Cstrong>incompatible with the official Cloudinary plugin\u003C\u002Fstrong>. You’d need to disable that plugin before using this one.\u003C\u002Fp>\n\u003Ch3>Quick Links\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjunaidbhura\u002Fauto-cloudinary\u002Fwiki\u002FSetup\" rel=\"nofollow ugc\">Setup\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjunaidbhura\u002Fauto-cloudinary\u002Fissues\" rel=\"nofollow ugc\">Issues\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjunaidbhura\u002Fauto-cloudinary\u002Fwiki\u002FFunctions\" rel=\"nofollow ugc\">Functions\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjunaidbhura\u002Fauto-cloudinary\u002Fwiki\u002FFilters\" rel=\"nofollow ugc\">Filters\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjunaidbhura\u002Fauto-cloudinary\u002Fwiki\u002FBest-Practices\" rel=\"nofollow ugc\">Best Practices\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Why did you build this plugin?\u003C\u002Fh3>\n\u003Cp>There already is an \u003Cstrong>official Cloudinary plugin\u003C\u002Fstrong> available. But in my opinion, it’s a bit of an overkill and takes over the admin UI. This plugin aims to be:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Super simple\u003C\u002Fstrong> and light-weight\u003C\u002Fli>\n\u003Cli>Totally seamless and \u003Cstrong>out of the way\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>A flexible tool for \u003Cstrong>WordPress developers\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>What is Cloudinary Auto-Upload?\u003C\u002Fh3>\n\u003Cp>Cloudinary gives you two options to upload files to it’s servers:\u003C\u002Fp>\n\u003Col>\n\u003Cli>The complicated \u003Cstrong>Upload API\u003C\u002Fstrong> 😱\u003C\u002Fli>\n\u003Cli>The super easy and magical \u003Cstrong>Fetch API\u003C\u002Fstrong> 🎩\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Upload API\u003C\u002Fh4>\n\u003Cp>\u003Cem>TL;DR: Too complicated and in the way\u003C\u002Fem> 👎\u003C\u002Fp>\n\u003Cp>Cloudinary gives you an API, using which, you can manually upload the images to Cloudinary. So you’d need an \u003Cstrong>API key\u003C\u002Fstrong>, etc. The \u003Cstrong>official plugin\u003C\u002Fstrong> uses this method. When you upload an image to the media library, it in turn, uploads it to Cloudinary. This could be a problem if you have thousands of \u003Cstrong>existing images\u003C\u002Fstrong>, and might not be flexible enough to support \u003Cstrong>custom architecture\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>Fetch API\u003C\u002Fh4>\n\u003Cp>\u003Cem>TL;DR: Magical\u003C\u002Fem> 👍\u003C\u002Fp>\n\u003Cp>This plugin uses the super easy \u003Cstrong>Auto-Upload\u003C\u002Fstrong> feature in the \u003Cstrong>Fetch API\u003C\u002Fstrong>. We just tell Cloudinary where to find the files on our server (or on S3 or anywhere on the Internet), and it \u003Cstrong>automatically downloads\u003C\u002Fstrong> it from there and saves it on to it’s servers the \u003Cstrong>first time you ask for it\u003C\u002Fstrong>, like a CDN would!\u003C\u002Fp>\n\u003Ch3>What does this plugin do?\u003C\u002Fh3>\n\u003Cp>This plugin does two main things:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Provides a simple function \u003Ccode>cloudinary_url()\u003C\u002Fcode> to get a Cloudinary auto-upload URL for any image in your media library, with all the Cloudinary transformations, so you can \u003Cstrong>dynamically manipulate an image on the fly\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Attempts to automatically convert all image URLs on the front-end into a Cloudinary auto-upload URL, so you can \u003Cstrong>use Cloudinary as an image CDN\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>The magical function 🎩\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>\u003Ccode>cloudinary_url( $identifier, $args )\u003C\u002Fcode>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This function returns a Cloudinary Auto Upload URL for an image. Please read the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjunaidbhura\u002Fauto-cloudinary\u002Fwiki\u002FBest-Practices\" rel=\"nofollow ugc\">Best Practices\u003C\u002Fa> page before using this.\u003C\u002Fp>\n\u003Ch4>Parameters\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>identifier\u003C\u002Fstrong> (integer\u002Fstring)(required) : Either the ID of the attachment, or a full image URL.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>args\u003C\u002Fstrong> (array)(optional) : Arguments to manipulate the image.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Return Value\u003C\u002Fh4>\n\u003Cp>Returns a URL (string):\u003C\u002Fp>\n\u003Cpre>\u003Ccode>'https:\u002F\u002Fres.cloudinary.com\u002Fcloud-name\u002Fauto-mapping-folder\u002F2017\u002F12\u002Fyour-image.jpg'\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Arguments\u003C\u002Fh4>\n\u003Cp>You can optionally send an array of arguments which can transform the image, and set a dynamic file name. Ex:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>array(\n    'transform' => array( \u002F\u002F Optional. All transformations go here.\n        'width'   => 300,\n        'height'  => 200,\n        'crop'    => 'fill',\n        'quality' => '80',\n        'gravity' => 'face',\n    ),\n    'file_name' => 'whatever-file-name-you-want', \u002F\u002F Optional. If you want to use a dynamic file name for SEO. Don't use the file extension!\n);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Here’s a \u003Ca href=\"https:\u002F\u002Fcloudinary.com\u002Fdocumentation\u002Fimage_transformations\" rel=\"nofollow ugc\">full list of transformations\u003C\u002Fa> you can achieve with Cloudinary.\u003C\u002Fp>\n\u003Ch3>Examples\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>\u003C?php\n$url_1 = cloudinary_url( 123, array(\n    'transform' => array(\n        'width'   => 300,\n        'height'  => 200,\n        'crop'    => 'fill',\n        'quality' => '80',\n        'gravity' => 'face',\n    ),\n    'file_name' => 'dynamic-file-name',\n) );\n\n$url_2 = cloudinary_url( 'https:\u002F\u002Fwww.yourwebsite.com\u002Fwp-content\u002Fuploads\u002F2017\u002F12\u002Fmy-image.jpg', array(\n    'transform' => array(\n        'width'   => 100,\n        'height'  => 100,\n    ),\n) );\n\n\u002F\u002F $url_1 : https:\u002F\u002Fres.cloudinary.com\u002Fcloud-name\u002Fimages\u002Fw_300,h_200,c_fill,q_80,g_face\u002Fauto-mapping-folder\u002F2017\u002F12\u002Fmy-image\u002Fdynamic-file-name.jpg\n\u002F\u002F $url_2 : https:\u002F\u002Fres.cloudinary.com\u002Fcloud-name\u002Fw_100,h_100\u002Fauto-mapping-folder\u002F2017\u002F12\u002Fmy-image.jpg\n?>\n\n\u003Cimg src=\"\u003C?php echo esc_url( $url_1 ); ?>\" width=\"300\" height=\"200\" alt=\"\">\n\u003Cimg src=\"\u003C?php echo esc_url( $url_2 ); ?>\" width=\"100\" height=\"100\" alt=\"\">\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Super simple Cloudinary auto-upload implementation for WordPress.",200,32236,88,14,"2025-09-19T11:42:00.000Z","4.4",[70,20,71,72,73],"cdn","dynamic-images","image-manipulation","image-optimization","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-cloudinary.1.3.1.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":13,"last_updated":87,"tested_up_to":88,"requires_at_least":89,"requires_php":74,"tags":90,"homepage":94,"download_link":95,"security_score":96,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"auto-save-remote-images","Auto Save Remote Image","1.3","prebhdevsingh","https:\u002F\u002Fprofiles.wordpress.org\u002Fprebhdevsingh\u002F","\u003Cp>The purpose of this plugin is very simple – when a post is published, it will fetch the first remote\u002Fexternal image that is referenced.  The image that is retrieved is then attached to the post as the featured image.  There are no settings to configure.\u003C\u002Fp>\n\u003Cp>Please do not use this plugin to violate copyrights.\u003C\u002Fp>\n\u003Cp>Sample uses: You maintain multiple blogs; copy paste the post contents from one blog to the other and this plugin will automatically save the first external image to the second blog.  There is no need to re-upload images to multiple sites.\u003C\u002Fp>\n\u003Cp>This plugin can also retrieve and save images from sites like Flickr, Facebook, Picasa, etc.\u003C\u002Fp>\n","This plugin automatically downloads the first remote image from a post and sets it as the featured image.",60,17582,86,"2012-11-08T23:43:00.000Z","3.4.2","3.0",[91,92,93,22],"attachment","auto-download","featured","http:\u002F\u002Fwww.devsaab.com\u002Fwordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-save-remote-images.1.3.zip",85,{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":86,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":89,"requires_php":74,"tags":110,"homepage":115,"download_link":116,"security_score":96,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"archive-remote-images","Archive Remote Images","1.0.7","kasonzhao","https:\u002F\u002Fprofiles.wordpress.org\u002Fkasonzhao\u002F","\u003Cp>Archive Remote Images allows you to scan a post to fetch remote images; then updates its content automatically.\u003C\u002Fp>\n\u003Cp>A new metabox will appear when editing a post.\u003Cbr \u002F>\nIf “Archive Remote Images” is checked, the plugin will grab all remote images and update the content when saving that post.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Settings page with lot of options (see screenshot #2)\u003C\u002Fli>\n\u003Cli>Several hooks allow advanced users to change the plugin’s behaviour.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgordielachance\u002Farchive-remote-images\u002Fcontributors\" rel=\"nofollow ugc\">Contributors are listed here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Notes\u003C\u002Fh4>\n\u003Cp>For feature request and bug reports, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Farchive-remote-images#postform\" rel=\"ugc\">please use the forums\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you are a plugin developer, \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fgordielachance\u002Farchive-remote-images\" rel=\"nofollow ugc\">we would like to hear from you\u003C\u002Fa>. Any contribution would be very welcome.\u003C\u002Fp>\n","Archive Remote Images allows you to scan a post to fetch remote images; then updates its content automatically.",50,9084,3,"2015-02-27T08:01:00.000Z","4.0.38",[98,111,112,113,114],"auto-save-images","cache-images","grab-images","image-archive","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Farchive-remote-images","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Farchive-remote-images.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":105,"downloaded":125,"rating":28,"num_ratings":28,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":74,"tags":129,"homepage":74,"download_link":135,"security_score":96,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"grab-image-from-remote-url","Grab Image From Remote URL","1.0","mrcook76","https:\u002F\u002Fprofiles.wordpress.org\u002Fmrcook76\u002F","\u003Cp>Grab Image From Remote URL plugin simply allows you to download image from Remote URL to save fully compatible WordPress Media Gallery. It also generates thumbnails and supports renaming the filename and title of the grabbed image.\u003C\u002Fp>\n\u003Cp>Location of the Plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Under the “Media” tab, click “Grab URL”.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>List of Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Direct Image Download from Remote URL\u003C\u002Fli>\n\u003Cli>(Optional) Filename renaming\u003C\u002Fli>\n\u003Cli>(Optional) Title renaming\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Influenced by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsave-import-image-from-url\u002F\" rel=\"ugc\">Save & Import Image from URL\u003C\u002Fa> plugin, but more advanced security, filename and title renaming.\u003C\u002Fli>\n\u003C\u002Ful>\n","Allows you to download image from Remote URL to save Wordpress Media Gallery.",1990,"2018-10-04T06:31:00.000Z","4.9.29","4.0.0",[130,131,132,133,134],"image","image-grabber","remote-image-uploader","remote-upload","remote-url","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgrab-image-from-remote-url.zip",{"slug":137,"name":138,"version":139,"author":140,"author_profile":141,"description":142,"short_description":143,"active_installs":49,"downloaded":144,"rating":28,"num_ratings":28,"last_updated":145,"tested_up_to":146,"requires_at_least":89,"requires_php":74,"tags":147,"homepage":148,"download_link":149,"security_score":96,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":150},"lh-cache-remote-images","LH Cache Remote Images","1.04","shawfactor","https:\u002F\u002Fprofiles.wordpress.org\u002Fshawfactor\u002F","\u003Cp>LH Cache Remote Images allows you to scan a post, page, or cpt to fetch remote images; then updates its content.\u003C\u002Fp>\n\u003Cp>Unlike other similar plugins this plugin adds the images and updates post_content asynchronously. Thus ensuring the publishing experience is not slowed down.\u003C\u002Fp>\n","LH Cache Remote Images allows you to scan a post to fetch remote images; then updates its content automatically.",1969,"2017-10-08T02:14:00.000Z","4.8.28",[98,111,112,113,114],"https:\u002F\u002Flhero.org\u002Fplugins\u002Flh-cache-remote-images\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flh-cache-remote-images.zip","2026-03-15T14:54:45.397Z",{"attackSurface":152,"codeSignals":182,"taintFlows":228,"riskAssessment":229,"analyzedAt":239},{"hooks":153,"ajaxHandlers":173,"restRoutes":179,"shortcodes":180,"cronEvents":181,"entryPointCount":27,"unprotectedCount":28},[154,160,164,169],{"type":155,"name":156,"callback":157,"file":158,"line":159},"action","plugins_loaded","aauicri_load_textdomain","import-cdn-remote-images.php",90,{"type":155,"name":161,"callback":162,"file":158,"line":163},"admin_menu","ui",103,{"type":165,"name":166,"callback":167,"priority":49,"file":158,"line":168},"filter","plugin_row_meta","aauicri_plugin_meta_links",108,{"type":155,"name":170,"callback":171,"file":158,"line":172},"admin_init","init_admin",111,[174],{"action":175,"nopriv":176,"callback":175,"hasNonce":177,"hasCapCheck":176,"file":158,"line":178},"aauicri_admin_ajax",false,true,105,[],[],[],{"dangerousFunctions":183,"sqlUsage":184,"outputEscaping":187,"fileOperations":28,"externalRequests":107,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":227},[],{"prepared":185,"raw":28,"locations":186},2,[],{"escaped":188,"rawEcho":189,"locations":190},44,20,[191,194,195,197,199,201,203,204,206,208,209,211,213,215,217,219,221,223,224,225],{"file":158,"line":192,"context":193},563,"raw output",{"file":158,"line":192,"context":193},{"file":158,"line":196,"context":193},568,{"file":158,"line":198,"context":193},613,{"file":158,"line":200,"context":193},614,{"file":158,"line":202,"context":193},653,{"file":158,"line":202,"context":193},{"file":158,"line":205,"context":193},702,{"file":158,"line":207,"context":193},703,{"file":158,"line":207,"context":193},{"file":158,"line":210,"context":193},704,{"file":158,"line":212,"context":193},705,{"file":158,"line":214,"context":193},706,{"file":158,"line":216,"context":193},707,{"file":158,"line":218,"context":193},830,{"file":158,"line":220,"context":193},910,{"file":158,"line":222,"context":193},911,{"file":158,"line":222,"context":193},{"file":158,"line":222,"context":193},{"file":158,"line":226,"context":193},912,[],[],{"summary":230,"deductions":231},"The 'import-cdn-remote-images' plugin version 2.1.3 exhibits a generally good security posture, with several positive indicators. The absence of dangerous functions, the use of prepared statements for all SQL queries, and the limited attack surface are commendable. Furthermore, the plugin correctly implements nonce and capability checks for its single AJAX entry point. The lack of critical or high-severity taint analysis findings is also a positive sign.\n\nHowever, there are areas for improvement. While the majority of output is properly escaped, a significant portion (31%) is not, which could lead to cross-site scripting (XSS) vulnerabilities if user-controlled data is improperly handled. The plugin also makes three external HTTP requests, which, while not inherently insecure, represent potential vectors for man-in-the-middle attacks or other network-level issues if not implemented with care and secure protocols. The historical vulnerability data, while showing no currently unpatched issues, does indicate a past medium-severity Cross-Site Request Forgery (CSRF) vulnerability, suggesting that thorough security practices are necessary.\n\nIn conclusion, the plugin has strengths in its foundational security practices like input sanitization for SQL and access control for its entry points. The primary concerns revolve around the potential for XSS due to unescaped output and the inherent risks associated with external HTTP requests. The past CSRF vulnerability reinforces the need for ongoing vigilance. Overall, the security is moderately strong, but not without potential weaknesses that warrant attention.",[232,235,237],{"reason":233,"points":234},"Unescaped output detected",8,{"reason":236,"points":107},"External HTTP requests detected",{"reason":238,"points":49},"Past medium severity CSRF vulnerability","2026-03-16T20:53:19.030Z",{"wat":241,"direct":250},{"assetPaths":242,"generatorPatterns":245,"scriptPaths":246,"versionParams":247},[243,244],"\u002Fwp-content\u002Fplugins\u002Fimport-cdn-remote-images\u002Fassets\u002Fcss\u002Faauicri.css","\u002Fwp-content\u002Fplugins\u002Fimport-cdn-remote-images\u002Fassets\u002Fjs\u002Faauicri.js",[],[244],[248,249],"import-cdn-remote-images\u002Fassets\u002Fcss\u002Faauicri.css?ver=","import-cdn-remote-images\u002Fassets\u002Fjs\u002Faauicri.js?ver=",{"cssClasses":251,"htmlComments":252,"htmlAttributes":253,"restEndpoints":254,"jsGlobals":255,"shortcodeOutput":257},[],[],[],[],[256],"aauicri_ajax",[]]