[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fe9sIub68Qw7Y4b0O9exEENvP-EuIr6kTYq0JQDC2nC0":3,"$fW7Bf013nqI264j0e_eASZ3hYv1_sHDrtDIwPkOFqMl4":346,"$faTsO1S4u09m9GGWn-jXwfcMFLKAH2AnrMXC6Vb-q7d8":350},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":31,"crawl_stats":27,"alternatives":37,"analysis":136,"fingerprints":314},"importyourpost","Import Your Post","1.0","Bratched","https:\u002F\u002Fprofiles.wordpress.org\u002Fbratched\u002F","\u003Cp>With this plugin, you can import and auto traduct single post.This plugin can import item from WordPress or Joomla sites. You can also import HTML directly.The items with source code are managed properly and images are directly imported into the media library. Article becomes identical to a directly entered with WordPress interface. Very usefull to autotraduct post in multisite.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Import a post from a Worpress or Joomla Url\u003C\u002Fli>\n\u003Cli>Import Tags and Categories\u003C\u002Fli>\n\u003Cli>Import linked Image as Media\u003C\u002Fli>\n\u003Cli>Import correctly source code description in Post\u003C\u002Fli>\n\u003Cli>Translate Post (with Bing Translator)\u003C\u002Fli>\n\u003Cli>Import from a source HTML page\u003C\u002Fli>\n\u003C\u002Ful>\n","Import Your Post can import and auto traduct single post from an other site (Worpress, Joomla,...). Very usefull to autotraduct post in multisite.",10,3254,0,"2013-11-12T00:03:00.000Z","3.7.41","3.0.1","",[19,20,21,22,23],"import","joomla","media","post","translate","http:\u002F\u002Fwww.bratched.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimportyourpost.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"bratched",1,30,84,"2026-05-20T12:50:40.337Z",[38,60,83,99,117],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":57,"download_link":58,"security_score":35,"vuln_count":33,"unpatched_count":13,"last_vuln_date":59,"fetched_at":28},"add-from-server","Add From Server","3.4.5","Dion Hulse","https:\u002F\u002Fprofiles.wordpress.org\u002Fdd32\u002F","\u003Cp>This plugin offers limited support. Please do not expect new features or too many bugfixes. Features may be removed at any time.\u003C\u002Fp>\n\u003Cp>Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.\u003C\u002Fp>\n\u003Cp>This plugin is NOT designed to..\u003Cbr \u002F>\n * Be used as a replacement for the file uploader\u003Cbr \u002F>\n * Be used for migration of websites\u003Cbr \u002F>\n * Re-import your files after moving webhosting\u003Cbr \u002F>\n * Batch import media\u003C\u002Fp>\n\u003Cp>This plugins IS designed to..\u003Cbr \u002F>\n * Import files which are larger than your hosting allows to be uploaded.\u003Cbr \u002F>\n * Import files which are too large for your internet connections upload speed.\u003C\u002Fp>\n\u003Cp>WordPress does a better job of file uploads than this plugin, so please consider your needs before you use it.\u003C\u002Fp>\n\u003Cp>You may also want to look at using WP-CLI for media import purposes:\u003Cbr \u002F>\nhttps:\u002F\u002Fdeveloper.wordpress.org\u002Fcli\u002Fcommands\u002Fmedia\u002Fimport\u002F\u003C\u002Fp>\n","Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.",60000,1320732,92,239,"2020-12-11T07:32:00.000Z","5.5.18","5.4","7.0",[55,19,21,22,56],"admin","uploads","https:\u002F\u002Fdd32.id.au\u002Fwordpress-plugins\u002Fadd-from-server\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.5.zip","2016-08-08 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":81,"download_link":82,"security_score":70,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"post-export-import-with-media","Post Export Import with Media","1.4.1","wpazleen","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpazleen\u002F","\u003Cp>\u003Cstrong>Post Export Import with Media\u003C\u002Fstrong> is a simple yet powerful WordPress plugin that helps you securely transfer posts, pages, media, widgets, menus, themes, plugins & settings along with their media files between WordPress sites. Unlike the default exporter, this plugin ensures that images and attachments are included, so you don’t end up with broken links or missing media.\u003C\u002Fp>\n\u003Cp>Whether you’re moving to a new host, creating staging sites, or backing up your content, this plugin handles everything with professional-grade reliability, user-friendly interface and powerful built-in Batch Processing for high-performance transfers all designed for simplicity and control.\u003C\u002Fp>\n\u003Ch3>✨ Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Export and import posts with all attached media files, metadata, categories, tags, and custom fields  \u003C\u002Fli>\n\u003Cli>Automatic media file detection and download during import\u003C\u002Fli>\n\u003Cli>Real-time progress tracking for smooth migration  \u003C\u002Fli>\n\u003Cli>Smart image handling – reuses existing media, downloads missing files\u003C\u002Fli>\n\u003Cli>Support for featured images and inline content images\u003C\u002Fli>\n\u003Cli>Selective Export & Import\n\u003Cul>\n\u003Cli>Export specific posts or pages instead of entire content\u003C\u002Fli>\n\u003Cli>Preview and choose content before importing\u003C\u002Fli>\n\u003Cli>Set status before import (Public, Private, Draft)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Bulk delete functionality with confirmation dialogs\u003C\u002Fli>\n\u003Cli>Secure data handling to prevent errors or data loss  \u003C\u002Fli>\n\u003Cli>Lightweight and beginner-friendly interface  \u003C\u002Fli>\n\u003Cli>Works for bloggers, developers, and site administrators  \u003C\u002Fli>\n\u003Cli>Batch Processing Settings (Optimized for large-scale websites)\u003C\u002Fli>\n\u003Cli>Scheduled Exports (Automated Backups)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Pages Export\u002FImport\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Complete page hierarchy preservation\u003C\u002Fli>\n\u003Cli>Template assignments and page metadata\u003C\u002Fli>\n\u003Cli>Featured images and content images handling\u003C\u002Fli>\n\u003Cli>Parent-child page relationships maintained\u003C\u002Fli>\n\u003Cli>Supports selective export\u002Fimport for pages\u003C\u002Fli>\n\u003Cli>Custom page attributes and settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>WordPress Settings Backup\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>7 settings categories: General, Writing, Reading, Discussion, Media, Permalinks, Privacy\u003C\u002Fli>\n\u003Cli>Site icon export\u002Fimport with URL information\u003C\u002Fli>\n\u003Cli>Selective import – choose which settings to import\u003C\u002Fli>\n\u003Cli>Detailed import logs showing success\u002Ffailure for each setting\u003C\u002Fli>\n\u003Cli>Handles deprecated WordPress options automatically\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Widgets & Navigation Menus\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Complete widget configuration export\u002Fimport\u003C\u002Fli>\n\u003Cli>Widget positions and sidebar assignments\u003C\u002Fli>\n\u003Cli>Navigation menu structure with all items\u003C\u002Fli>\n\u003Cli>Menu locations and theme assignments\u003C\u002Fli>\n\u003Cli>Menu item hierarchy and custom properties\u003C\u002Fli>\n\u003Cli>Support for all widget types including custom HTML, media widgets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Themes & Plugins Backup\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Export active theme, all themes, or selected themes\u003C\u002Fli>\n\u003Cli>Export active plugins, all plugins, or selected plugins\u003C\u002Fli>\n\u003Cli>ZIP file creation with proper directory structure\u003C\u002Fli>\n\u003Cli>Import with replace existing or keep both options\u003C\u002Fli>\n\u003Cli>Automatic theme\u002Fplugin activation after import\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>\u003Cstrong>Advanced Admin Features\u003C\u002Fstrong>\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Admin Download Buttons\u003C\u002Fstrong> – Add download buttons to WordPress themes.php and plugins.php pages\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Media Statistics\u003C\u002Fstrong> – Comprehensive media library analysis with file types, sizes, and usage\u003C\u002Fli>\n\u003Cli>\u003Cstrong>System Configuration Test\u003C\u002Fstrong> – Check server capabilities and requirements\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Plugin Recommendations\u003C\u002Fstrong> – Curated list of useful WordPress plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎯 \u003Cstrong>Perfect For\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Web Developers\u003C\u002Fstrong> – Quickly clone sites for development and testing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Site Migrations\u003C\u002Fstrong> – Move WordPress sites between hosts seamlessly  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backup Solutions\u003C\u002Fstrong> – Create complete site backups including media\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Staging Sites\u003C\u002Fstrong> – Duplicate production sites for safe testing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client Handoffs\u003C\u002Fstrong> – Package complete sites for client delivery\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multi-site Management\u003C\u002Fstrong> – Sync content between multiple WordPress installations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔧 \u003Cstrong>Technical Excellence\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Security First\u003C\u002Fstrong> – All operations use WordPress nonces and capability checks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Memory Efficient\u003C\u002Fstrong> – Handles large sites without memory issues\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cross-Platform\u003C\u002Fstrong> – Works on Windows, Linux, and macOS servers\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Error Recovery\u003C\u002Fstrong> – Comprehensive error handling and user feedback\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Progress Tracking\u003C\u002Fstrong> – Real-time updates during long operations\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean Code\u003C\u002Fstrong> – Well-documented, maintainable codebase following WordPress standards\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📊 \u003Cstrong>Real-time Progress & Logging\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>Every operation provides detailed feedback:\u003Cbr \u002F>\n* Progress bars showing completion percentage\u003Cbr \u002F>\n* Timestamped logs with success\u002Fwarning\u002Ferror indicators\u003Cbr \u002F>\n* Detailed statistics (items imported, skipped, failed)\u003Cbr \u002F>\n* Clear error messages with actionable solutions\u003Cbr \u002F>\n* Import\u002Fexport summaries with file information\u003C\u002Fp>\n\u003Ch3>🎨 \u003Cstrong>User Experience\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Intuitive Interface\u003C\u002Fstrong> – Clean, modern admin interface\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive Design\u003C\u002Fstrong> – Works perfectly on desktop and mobile\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modal Confirmations\u003C\u002Fstrong> – Safe operations with confirmation dialogs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed Help\u003C\u002Fstrong> – Comprehensive descriptions and usage instructions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Professional Styling\u003C\u002Fstrong> – Matches WordPress admin design language\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily export and import WP posts, pages, media, widgets, menus, themes, plugins & settings with their media files- secure, fast, and with real-ti &hellip;",700,4100,100,3,"2026-04-10T17:32:00.000Z","6.9.4","6.7","7.4",[77,19,78,79,80],"export-media","migration","page-export","post-export","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpost-export-import-with-media\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-export-import-with-media.1.4.1.zip",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":17,"short_description":89,"active_installs":11,"downloaded":90,"rating":13,"num_ratings":13,"last_updated":91,"tested_up_to":92,"requires_at_least":17,"requires_php":17,"tags":93,"homepage":97,"download_link":98,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"liveinternet-importer","Liveinternet Importer","2012.05","seyfer","https:\u002F\u002Fprofiles.wordpress.org\u002Fseyfer\u002F","Import posts for users from a Liveinternet blog.",7605,"2012-03-18T10:18:00.000Z","3.3.0",[94,95,21,22,96],"importer","liveinternet","xml","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fliveinternet-importer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fliveinternet-importer.2012.05.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":11,"downloaded":107,"rating":13,"num_ratings":13,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":17,"tags":111,"homepage":114,"download_link":115,"security_score":70,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":116},"sm-easy-post-migrator","SM Easy Post Migrator","1.1.3","steviemathew","https:\u002F\u002Fprofiles.wordpress.org\u002Fsteviemathew\u002F","\u003Cp>SM Easy Post Migrator helps you move your WordPress content from one site to another. Use it to migrate posts, pages, images, and other media files between WordPress sites without losing your content or breaking links.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What You Can Do:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Migrate Posts and Pages:\u003C\u002Fstrong> Copy your blog posts, pages, and content from your old site to your new site. All your text, formatting, and content structure is preserved.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Move Images and Media:\u003C\u002Fstrong> Automatically download and import all images, videos, and media files from your source site. The plugin checks for duplicates so you don’t end up with multiple copies of the same file.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Fix Internal Links:\u003C\u002Fstrong> When you move content, all the links between your posts and pages are automatically updated to work on your new site. No broken links!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Choose What to Migrate:\u003C\u002Fstrong> Browse your source site and pick exactly which posts, pages, or media files you want to move. You’re in control.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Track Your Progress:\u003C\u002Fstrong> See detailed logs of what was migrated, what succeeded, and what had issues. Export these logs to CSV if you need to review them later.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Easy to Use:\u003C\u002Fstrong> Connect to your source site using your WordPress username and application password, then select what you want to migrate. The plugin handles the rest.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Perfect for moving your blog to a new domain, consolidating multiple sites, or backing up your content to a new location.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPL v2 or later.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, feature requests, or bug reports, visit \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsm-easy-post-migrator\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsm-easy-post-migrator\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Contributors & Developers\u003C\u002Fh3>\n\u003Cp>“SM Easy Post Migrator” is open source software. The following people have contributed to this plugin.\u003C\u002Fp>\n","Migrate posts, pages, media, and internal links between WordPress sites without breaking links or losing images.",224,"2025-11-13T16:53:00.000Z","6.8.5","5.0",[19,21,78,112,113],"pages","posts","https:\u002F\u002Fstevenmathew.dev\u002Fcontent-migration-pro","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsm-easy-post-migrator.1.1.3.zip","2026-03-15T15:16:48.613Z",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":13,"downloaded":125,"rating":13,"num_ratings":13,"last_updated":126,"tested_up_to":73,"requires_at_least":127,"requires_php":75,"tags":128,"homepage":134,"download_link":135,"security_score":70,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"kotia-content-integration","Kotia Content Integration","2.4.1","serg250","https:\u002F\u002Fprofiles.wordpress.org\u002Fserg250\u002F","\u003Cp>Kotia Content Integration provides a secure REST API for content import:\u003C\u002Fp>\n\u003Cp>✔ Create posts via REST\u003Cbr \u002F>\n✔ Upload media\u003Cbr \u002F>\n✔ Create categories and tags\u003Cbr \u002F>\n✔ Set featured images\u003Cbr \u002F>\n✔ SEO fields support\u003Cbr \u002F>\n✔ Yoast SEO compatibility (if installed)\u003Cbr \u002F>\n✔ Status endpoint for connection checks\u003Cbr \u002F>\n✔ Token-based authentication\u003C\u002Fp>\n\u003Cp>If Yoast SEO is not installed, SEO fields are stored as custom fields and rendered in page head.\u003C\u002Fp>\n\u003Ch3>REST API Endpoints\u003C\u002Fh3>\n\u003Cp>POST:\u003Cbr \u002F>\n– \u002Fwp-json\u002Fkotia-content-integration\u002Fv1\u002Fpost\u003Cbr \u002F>\n– \u002Fwp-json\u002Fkotia-content-integration\u002Fv1\u002Fmedia\u003Cbr \u002F>\n– \u002Fwp-json\u002Fkotia-content-integration\u002Fv1\u002Fcategory\u003Cbr \u002F>\n– \u002Fwp-json\u002Fkotia-content-integration\u002Fv1\u002Ftag\u003Cbr \u002F>\n– \u002Fwp-json\u002Fkotia-content-integration\u002Fv1\u002Fset-thumbnail\u003C\u002Fp>\n\u003Cp>GET:\u003Cbr \u002F>\n– \u002Fwp-json\u002Fkotia-content-integration\u002Fv1\u002Fstatus\u003C\u002Fp>\n\u003Cp>Authentication:\u003Cbr \u002F>\nAuthorization: Bearer TOKEN\u003C\u002Fp>\n\u003Ch3>SEO Fields\u003C\u002Fh3>\n\u003Cp>Supported fields in post creation:\u003C\u002Fp>\n\u003Cp>{\u003Cbr \u002F>\n  “meta_title”: “SEO Title”,\u003Cbr \u002F>\n  “meta_description”: “SEO Description”,\u003Cbr \u002F>\n  “focus_keyword”: “Keyword”\u003Cbr \u002F>\n}\u003C\u002Fp>\n\u003Cp>If Yoast SEO is installed, fields are automatically mapped to Yoast meta.\u003C\u002Fp>\n\u003Cp>If not installed:\u003Cbr \u002F>\n– fields are stored as custom meta\u003Cbr \u002F>\n– fields are available in admin\u003Cbr \u002F>\n– fields are rendered in \u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>GPLv2 or later\u003C\u002Fp>\n","Secure REST API content importer for WordPress.",358,"2026-03-10T14:51:00.000Z","5.8",[129,130,131,132,133],"content-import","media-upload","post-import","rest-api","seo","https:\u002F\u002Fgithub.com\u002FSerg25001\u002Fkotia-content-integration","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkotia-content-integration.2.4.1.zip",{"attackSurface":137,"codeSignals":160,"taintFlows":219,"riskAssessment":302,"analyzedAt":313},{"hooks":138,"ajaxHandlers":156,"restRoutes":157,"shortcodes":158,"cronEvents":159,"entryPointCount":13,"unprotectedCount":13},[139,144,148,152],{"type":140,"name":141,"callback":142,"file":143,"line":11},"action","wp_enqueue_script","load_jquery","addPosts.php",{"type":140,"name":145,"callback":145,"file":146,"line":147},"admin_init","importyourpost.php",86,{"type":140,"name":149,"callback":150,"file":146,"line":151},"admin_menu","add_menu",87,{"type":140,"name":153,"callback":154,"file":146,"line":155},"init","liste_plugin_load_text_domain",88,[],[],[],[],{"dangerousFunctions":161,"sqlUsage":162,"outputEscaping":172,"fileOperations":216,"externalRequests":164,"nonceChecks":13,"capabilityChecks":217,"bundledLibraries":218},[],{"prepared":163,"raw":164,"locations":165},11,2,[166,170],{"file":167,"line":168,"context":169},"historypost.php",47,"$wpdb->get_results() with variable interpolation",{"file":167,"line":171,"context":169},91,{"escaped":13,"rawEcho":173,"locations":174},18,[175,179,181,183,185,187,189,191,193,195,197,200,203,205,207,210,212,214],{"file":176,"line":177,"context":178},"AccessTokenAuthentication.php",54,"raw output",{"file":143,"line":180,"context":178},134,{"file":143,"line":182,"context":178},197,{"file":143,"line":184,"context":178},229,{"file":143,"line":186,"context":178},252,{"file":143,"line":188,"context":178},253,{"file":143,"line":190,"context":178},254,{"file":143,"line":192,"context":178},255,{"file":143,"line":194,"context":178},292,{"file":143,"line":196,"context":178},326,{"file":198,"line":199,"context":178},"bingtranslator.php",53,{"file":201,"line":202,"context":178},"pagination.class.php",76,{"file":204,"line":173,"context":178},"settings.php",{"file":204,"line":206,"context":178},22,{"file":208,"line":209,"context":178},"simple_html_dom.php",158,{"file":208,"line":211,"context":178},163,{"file":208,"line":213,"context":178},234,{"file":215,"line":173,"context":178},"transformpost.php",6,5,[],[220,238,253],{"entryPoint":221,"graph":222,"unsanitizedCount":33,"severity":237},"trace_post (addPosts.php:279)",{"nodes":223,"edges":234},[224,229],{"id":225,"type":226,"label":227,"file":143,"line":228},"n0","source","$_SERVER",290,{"id":230,"type":231,"label":232,"file":143,"line":194,"wp_function":233},"n1","sink","echo() [XSS]","echo",[235],{"from":225,"to":230,"sanitized":236},false,"medium",{"entryPoint":239,"graph":240,"unsanitizedCount":33,"severity":237},"handle_submit (addPosts.php:295)",{"nodes":241,"edges":250},[242,245,248],{"id":225,"type":226,"label":243,"file":143,"line":244},"$_POST['btnUpdate']",315,{"id":230,"type":246,"label":247,"file":143,"line":244},"transform","→ UpdatePost()",{"id":249,"type":231,"label":232,"file":143,"line":196,"wp_function":233},"n2",[251,252],{"from":225,"to":230,"sanitized":236},{"from":230,"to":249,"sanitized":236},{"entryPoint":254,"graph":255,"unsanitizedCount":71,"severity":301},"\u003CaddPosts> (addPosts.php:0)",{"nodes":256,"edges":291},[257,259,260,261,263,265,267,269,273,276,280,283,286],{"id":225,"type":226,"label":258,"file":143,"line":180},"$_POST['import_url']",{"id":230,"type":231,"label":232,"file":143,"line":180,"wp_function":233},{"id":249,"type":226,"label":227,"file":143,"line":228},{"id":262,"type":231,"label":232,"file":143,"line":194,"wp_function":233},"n3",{"id":264,"type":226,"label":243,"file":143,"line":244},"n4",{"id":266,"type":246,"label":247,"file":143,"line":244},"n5",{"id":268,"type":231,"label":232,"file":143,"line":196,"wp_function":233},"n6",{"id":270,"type":226,"label":271,"file":143,"line":272},"n7","$_POST",334,{"id":274,"type":246,"label":275,"file":143,"line":272},"n8","→ TransformPost()",{"id":277,"type":231,"label":278,"file":215,"line":192,"wp_function":279},"n9","file_get_contents() [SSRF\u002FLFI]","file_get_contents",{"id":281,"type":226,"label":271,"file":143,"line":282},"n10",337,{"id":284,"type":246,"label":285,"file":143,"line":282},"n11","→ InsertPostInHistory()",{"id":287,"type":231,"label":288,"file":167,"line":289,"wp_function":290},"n12","query() [SQLi]",74,"query",[292,294,295,296,297,298,299,300],{"from":225,"to":230,"sanitized":293},true,{"from":249,"to":262,"sanitized":293},{"from":264,"to":266,"sanitized":236},{"from":266,"to":268,"sanitized":236},{"from":270,"to":274,"sanitized":236},{"from":274,"to":277,"sanitized":236},{"from":281,"to":284,"sanitized":236},{"from":284,"to":287,"sanitized":236},"high",{"summary":303,"deductions":304},"The \"importyourpost\" plugin v1.0 exhibits a mixed security posture. On one hand, it demonstrates good practices by having no recorded CVEs, a low number of file operations and external HTTP requests, and a high percentage of SQL queries using prepared statements. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its direct attack surface. However, several concerning signals emerge from the static analysis.\n\nThe most significant concern is the complete lack of nonce checks, which is a fundamental WordPress security mechanism for preventing CSRF attacks. Additionally, 100% of outputs are not properly escaped, presenting a clear risk of cross-site scripting (XSS) vulnerabilities across all its output points. The taint analysis reveals one high-severity flow, indicating a potential for serious security issues that needs further investigation within the codebase.\n\nGiven the lack of historical vulnerabilities, it's difficult to draw conclusions about past patterns. However, the current static analysis points to a critical oversight in output sanitization and a complete absence of nonce protection. While the plugin appears to have a small attack surface and uses prepared statements for most SQL queries, these specific weaknesses in output escaping and nonce checks are significant security flaws that require immediate attention. Addressing these issues is crucial for improving the plugin's overall security.",[305,308,311],{"reason":306,"points":307},"100% of outputs are not properly escaped",8,{"reason":309,"points":310},"No nonce checks found",7,{"reason":312,"points":11},"1 high severity taint flow found","2026-03-17T00:09:11.548Z",{"wat":315,"direct":326},{"assetPaths":316,"generatorPatterns":320,"scriptPaths":321,"versionParams":322},[317,318,319],"\u002Fwp-content\u002Fplugins\u002Fimportyourpost\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fimportyourpost\u002Fjs\u002Fcustom.js","\u002Fwp-content\u002Fplugins\u002Fimportyourpost\u002Fjs\u002Fjquery.js",[],[318,319],[323,324,325],"importyourpost\u002Fcss\u002Fstyle.css?ver=","importyourpost\u002Fjs\u002Fcustom.js?ver=","importyourpost\u002Fjs\u002Fjquery.js?ver=",{"cssClasses":327,"htmlComments":330,"htmlAttributes":333,"restEndpoints":341,"jsGlobals":342,"shortcodeOutput":344},[328,329],"nav-tab","nav-tab-active",[331,332],"\u003C![CDATA[","\u002F\u002F]]>",[334,335,336,337,338,339,340],"data-id=\"import-post\"","data-id=\"translate_section\"","data-id=\"translate_options\"","data-id=\"div_addPost\"","data-id=\"div_updatePost\"","data-id=\"tab_addPost\"","data-id=\"tab_updatePost\"",[],[343],"jQuery",[345],"IYP Import new Post",{"error":293,"url":347,"statusCode":348,"statusMessage":349,"message":349},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fimportyourpost\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":351},[]]