[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fMZLDurszUTuOTs2b1UlkcHzYbs4eQXSI2gvAYsfQxzc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":140,"fingerprints":212},"link-to-wp-files","Link to WordPress Files","1.0.2","gaupoit","https:\u002F\u002Fprofiles.wordpress.org\u002Fgaupoit\u002F","\u003Cp>On WordPress linking text to any external URL or existing content is a piece of cake but not to your Media files. Now with “Link to WordPress Files”, you can easily link any text on your article directly to your Media Files with a click.\u003C\u002Fp>\n\u003Cp>You no longer need to go to Media, simply choose and copy the file URL then come back and insert it to your content any more.\u003C\u002Fp>\n\u003Cp>For more information, please \u003Ca href=\"https:\u002F\u002Fwww.buildwps.com\u002Flink-wordpress-files-plugin\u002F?utm_source=wp.org&utm_medium=plugin-desc\" rel=\"nofollow ugc\">visit our website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Todo\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Be able to configure link attributes such as title, class, id or events onclick and hover.\u003C\u002Fli>\n\u003Cli>Tracking file data such as clicks and click source.\u003C\u002Fli>\n\u003C\u002Fol>\n","\"Link to WordPress files\" helps link your content to media files easily and quickly.",20,1747,0,"2022-03-15T08:23:00.000Z","4.9.29","3.0.1","",[19,20,21,22,23],"files","insert-links","linking-wordpress-files","media","uploaded-files","http:\u002F\u002Fwww.buildwps.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flink-to-wp-files.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},2,120,30,84,"2026-04-05T08:51:38.759Z",[37,60,83,100,119],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"simple-social-icons","Simple Social Icons","4.0.0","OsomPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fosompress\u002F","\u003Cp>Simple Social Icons is an easy to use, customizable way to display icons that link visitors to your various social profiles. You can choose which profiles to link to, customize the color and size of your icons, and align them to the left, center, or right.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Two Ways to Use Social Icons:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Widget (WordPress 4.0+):\u003C\u002Fstrong> The traditional widget works on all supported WordPress versions. Simply drag the “Simple Social Icons” widget into any widget area and configure it from the widget form. All available icons are accessible through the widget.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Block Variations (WordPress 6.9+):\u003C\u002Fstrong> On WordPress 6.9+, this plugin extends the core Social Icons block with additional icon variations. These icons automatically appear when adding a Social Icons block in the block editor. Block variations only add icons that are not already available in WordPress core, so you get the best of both worlds: core icons plus these additional options.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> If you’re currently using the widget, nothing changes for you. The widget continues to work exactly as before on all WordPress versions. Block variations are an additional feature that only activates on WordPress 6.9+ and doesn’t affect existing widget functionality.\u003C\u002Fp>\n\u003Cp>*Note: The simple_social_default_glyphs filter has been deprecated from this plugin.\u003C\u002Fp>\n","This plugin provides two ways to display social icons: a traditional widget (available on all WordPress versions) and block variations for the core So &hellip;",100000,3241683,86,91,"2025-12-16T12:19:00.000Z","6.9.4","4.0","7.4",[54,55,56],"social-media","social-networking","social-profiles","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-social-icons\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-social-icons.4.0.0.zip",100,{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":70,"num_ratings":71,"last_updated":72,"tested_up_to":50,"requires_at_least":73,"requires_php":52,"tags":74,"homepage":78,"download_link":79,"security_score":80,"vuln_count":81,"unpatched_count":13,"last_vuln_date":82,"fetched_at":28},"media-cleaner","Media Cleaner: Clean your WordPress!","7.0.5","Jordy Meow","https:\u002F\u002Fprofiles.wordpress.org\u002Ftigroumeow\u002F","\u003Cp>Media Cleaner is a powerful plugin that helps you clean up your WordPress media library by deleting unused media entries and files, as well as fixing broken entries. With an internal trash feature, you can preview and confirm changes before permanently deleting anything. Plus, Media Cleaner uses smart analysis to ensure compatibility with specific plugins and themes.\u003C\u002Fp>\n\u003Cp>Use it alongside \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdatabase-cleaner\u002F\" rel=\"ugc\">Database Cleaner\u003C\u002Fa> for the ultimate clean-up experience.\u003C\u002Fp>\n\u003Cp>Media Cleaner is like a ninja assassin for your Media Library – it’ll stealthily take out all the unnecessary media and broken entries that are cluttering up the place. Just make sure you have a \u003Cstrong>solid backup plan\u003C\u002Fstrong> in place before you let this bad boy loose.\u003C\u002Fp>\n\u003Cp>To learn more about compatibility, features, and the Pro version, check out the \u003Ca href=\"https:\u002F\u002Fmeowapps.com\u002Fmedia-cleaner\u002Ftutorial\u002F\" rel=\"nofollow ugc\">tutorial\u003C\u002Fa> on the \u003Ca href=\"https:\u002F\u002Fmeowapps.com\u002Fmedia-cleaner\u002F\" rel=\"nofollow ugc\">official website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FqmDSgWZWnSw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>COMPATIBILITY\u003C\u002Fh3>\n\u003Cp>This plugin is compatible with all media types, including retina and WebP versions. It has been tested on a wide range of WordPress versions, including the latest version with Gutenberg, as well as on various themes with a large community of users. It also supports WooCommerce. For users with more complex plugins for handling website content, the Pro version may be necessary for optimal compatibility. We are constantly working to increase compatibility with other plugins.\u003C\u002Fp>\n\u003Ch3>PRO VERSION\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmeowapps.com\u002Fmedia-cleaner\u002F\" rel=\"nofollow ugc\">Media Cleaner Pro\u003C\u002Fa> adds extra features to the free version of Media Cleaner:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Filesystem Analysis: Scans your physical \u002Fuploads directory and matches it against the Media Library.\u003C\u002Fli>\n\u003Cli>Extra support for complex plugins, such as ACF, Metabox, Divi Builder, Fusion Builder (Avada), WPBakery Page Builder, Visual Composer, Elementor, Beaver Builder, Brizy Builder, Oxygen Builder, Slider Revolution, Justified Image Grid, Avia Framework, and many more!\u003C\u002Fli>\n\u003Cli>Live Site Scan: Analyzes the online version of your website, potentially improving accuracy in some cases.\u003C\u002Fli>\n\u003Cli>WP-CLI support: Allows you to run the plugin at a higher speed or automatically with direct server access (via SSH).\u003C\u002Fli>\n\u003C\u002Ful>\n","Clean your WordPress! Eliminate unused and broken media files. For a faster, and better website.",90000,4405648,92,741,"2026-03-09T22:57:00.000Z","6.0",[75,19,76,77,22],"clean","images","library","https:\u002F\u002Fmeowapps.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-cleaner.7.0.5.zip",99,1,"2024-04-29 00:00:00",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":70,"num_ratings":93,"last_updated":94,"tested_up_to":50,"requires_at_least":95,"requires_php":17,"tags":96,"homepage":17,"download_link":99,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"clean-image-filenames","Clean Image Filenames","1.5","Upperdog","https:\u002F\u002Fprofiles.wordpress.org\u002Fupperdog\u002F","\u003Cp>This plugin automatically converts language accent characters in filenames when uploading to the media library. Characters are converted into browser and server friendly, non-accent characters.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Converts accent characters to non-accent, latin equivalents in Swedish, Danish, German, and more.\u003C\u002Fli>\n\u003Cli>Removes special characters like exclamation marks, periods, hashtags, and more.\u003C\u002Fli>\n\u003Cli>Lets you choose if you want to convert only image files, or all file types.\u003C\u002Fli>\n\u003Cli>Makes site and server migrations easier thanks to non-accent character filenames.\u003C\u002Fli>\n\u003Cli>Provides filter hook for developers who want to specify which file types to convert.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Examples\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Räksmörgås.jpg \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> raksmorgas.jpg\u003C\u002Fli>\n\u003Cli>Æblegrød_FTW!.gif \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> aeblegrod-ftw.gif\u003C\u002Fli>\n\u003Cli>Château de Ferrières.png \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> chateau-de-ferrieres.png\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Worth noting\u003C\u002Fh3>\n\u003Cp>The plugin only converts filenames when the files are being uploaded. It can not convert existing files.\u003C\u002Fp>\n\u003Ch3>Filter for developers\u003C\u002Fh3>\n\u003Cp>This filter provides developers a way to specify which file types the plugin should convert. This filter overrides the plugin settings on the media settings page. For a complete list of mime types, see \u003Ca href=\"http:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FInternet_media_type\" rel=\"nofollow ugc\">Wikipedia\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The following example will convert PDF, JPEG and PNG files only:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>function my_clean_image_filenames_mime_types() {\n    $mime_types = array(\n        'application\u002Fpdf',\n        'image\u002Fjpeg',\n        'image\u002Fpng',\n    );\n    return $mime_types;\n}\nadd_filter( 'clean_image_filenames_mime_types', 'my_clean_image_filenames_mime_types' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n","This plugin automatically converts language accent characters to non-accent characters in filenames when uploading to the media library.",30000,335219,21,"2026-01-14T09:45:00.000Z","2.9",[19,76,22,97,98],"sanitize","upload","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclean-image-filenames.1.5.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":91,"downloaded":108,"rating":109,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":17,"tags":114,"homepage":117,"download_link":118,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"lightweight-social-icons","Lightweight Social Icons","1.1","Tom","https:\u002F\u002Fprofiles.wordpress.org\u002Fedge22\u002F","\u003Cp>Lightweight Social Icons is an easy to use, lightweight social icon widget which lets you display your favorite social profile icons.\u003C\u002Fp>\n\u003Cp>The icons use an icon font, meaning you can choose the size, border radius (roundess), color and hover color of your icons!\u003C\u002Fp>\n\u003Cp>Check out GeneratePress, our awesome WordPress theme! (https:\u002F\u002Fwordpress.org\u002Fthemes\u002Fgeneratepress)\u003C\u002Fp>\n\u003Ch4>Features include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Choose your own order\u003C\u002Fli>\n\u003Cli>Icon size\u003C\u002Fli>\n\u003Cli>Border radius\u003C\u002Fli>\n\u003Cli>Background color\u003C\u002Fli>\n\u003Cli>Text\u002Ficon color\u003C\u002Fli>\n\u003Cli>Background color on hover\u003C\u002Fli>\n\u003Cli>Text\u002Ficon color on hover\u003C\u002Fli>\n\u003Cli>Open links in new window\u003C\u002Fli>\n\u003Cli>Enable\u002Fdisable tooltips\u003C\u002Fli>\n\u003Cli>Alignment of icons\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Included icons:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Facebook\u003C\u002Fli>\n\u003Cli>Twitter\u003C\u002Fli>\n\u003Cli>Google+\u003C\u002Fli>\n\u003Cli>Instagram\u003C\u002Fli>\n\u003Cli>LinkedIn\u003C\u002Fli>\n\u003Cli>Pinterest\u003C\u002Fli>\n\u003Cli>Flickr\u003C\u002Fli>\n\u003Cli>Email\u003C\u002Fli>\n\u003Cli>RSS\u003C\u002Fli>\n\u003Cli>Stumbleupon\u003C\u002Fli>\n\u003Cli>Tumblr\u003C\u002Fli>\n\u003Cli>Vimeo\u003C\u002Fli>\n\u003Cli>YouTube\u003C\u002Fli>\n\u003Cli>Github\u003C\u002Fli>\n\u003Cli>Soundcloud\u003C\u002Fli>\n\u003Cli>DeviantArt\u003C\u002Fli>\n\u003Cli>Phone\u003C\u002Fli>\n\u003Cli>Skype\u003C\u002Fli>\n\u003Cli>Dribbble\u003C\u002Fli>\n\u003Cli>Foursquare\u003C\u002Fli>\n\u003Cli>Reddit\u003C\u002Fli>\n\u003Cli>Spotify\u003C\u002Fli>\n\u003Cli>Digg\u003C\u002Fli>\n\u003Cli>Vine\u003C\u002Fli>\n\u003Cli>Codepen\u003C\u002Fli>\n\u003Cli>Delicious\u003C\u002Fli>\n\u003Cli>JSFiddle\u003C\u002Fli>\n\u003Cli>Stack Overflow\u003C\u002Fli>\n\u003Cli>WordPress\u003C\u002Fli>\n\u003Cli>Dropbox\u003C\u002Fli>\n\u003Cli>Steam\u003C\u002Fli>\n\u003Cli>Behance\u003C\u002Fli>\n\u003Cli>iTunes\u003C\u002Fli>\n\u003Cli>Yelp\u003C\u002Fli>\n\u003Cli>500px\u003C\u002Fli>\n\u003Cli>AngelList\u003C\u002Fli>\n\u003Cli>Blog Lovin’\u003C\u002Fli>\n\u003Cli>Paper Plane (Newsletter)\u003C\u002Fli>\n\u003Cli>VK\u003C\u002Fli>\n\u003Cli>Xing\u003C\u002Fli>\n\u003Cli>Bandcamp\u003C\u002Fli>\n\u003Cli>BitBucket\u003C\u002Fli>\n\u003Cli>Snapchat\u003C\u002Fli>\n\u003Cli>Trip Advisor\u003C\u002Fli>\n\u003Cli>Houzz\u003C\u002Fli>\n\u003Cli>Mixcloud\u003C\u002Fli>\n\u003Cli>Last.fm\u003C\u002Fli>\n\u003C\u002Ful>\n","Looking to add simple social icons to your widget areas? Choose the size and color of your icons, and then choose from 47 different social profiles.",464772,94,63,"2020-03-18T17:14:00.000Z","5.4.19","4.5",[115,116,54,55,56],"social-icon-widget","social-icons","http:\u002F\u002Fgeneratepress.com\u002Flightweight-social-icons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flightweight-social-icons.1.1.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":129,"num_ratings":130,"last_updated":131,"tested_up_to":50,"requires_at_least":132,"requires_php":133,"tags":134,"homepage":138,"download_link":139,"security_score":59,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"bulk-media-register","Bulk Media Register","1.41","Katsushi Kawamori","https:\u002F\u002Fprofiles.wordpress.org\u002Fkatsushi-kawamori\u002F","\u003Cp>Bulk register files on the server to the Media Library.\u003C\u002Fp>\n\u003Ch4>Register to media library\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Maintain folder structure.\u003C\u002Fli>\n\u003Cli>This create a thumbnail of the image file.\u003C\u002Fli>\n\u003Cli>This create a metadata(Images, Videos, Audios).\u003C\u002Fli>\n\u003Cli>Change the date\u002Ftime.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Sibling plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmoving-media-library\u002F\" rel=\"ugc\">Moving Media Library\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmedia-from-ftp\u002F\" rel=\"ugc\">Media from FTP\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmedia-from-zip\u002F\" rel=\"ugc\">Media from ZIP\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>If you want to use a multi-byte file name, use UTF-8. The file name is used as the title during registration, but is sanitized and changed to a different file name.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How it works\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FVa92SMlFDxk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Bulk register files on the server to the Media Library.",8000,122281,90,22,"2025-11-25T21:42:00.000Z","4.6","8.0",[19,135,136,22,137],"ftp","import","uploads","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbulk-media-register\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbulk-media-register.1.41.zip",{"attackSurface":141,"codeSignals":186,"taintFlows":205,"riskAssessment":206,"analyzedAt":211},{"hooks":142,"ajaxHandlers":182,"restRoutes":183,"shortcodes":184,"cronEvents":185,"entryPointCount":13,"unprotectedCount":13},[143,148,152,158,161,163,166,168,171,174,177,179],{"type":144,"name":145,"callback":146,"file":147,"line":32},"filter","mce_external_plugins","magiclink_mce_plugin","admin\\class-pda-wp-magic-link-admin.php",{"type":144,"name":149,"callback":150,"file":147,"line":151},"mce_buttons","register_magiclink_button",121,{"type":153,"name":154,"callback":155,"file":156,"line":157},"action","plugins_loaded","anonymous","includes\\class-pda-link-to-wp-file.php",154,{"type":153,"name":159,"callback":155,"file":156,"line":160},"admin_enqueue_scripts",169,{"type":153,"name":159,"callback":155,"file":156,"line":162},170,{"type":153,"name":164,"callback":155,"file":156,"line":165},"init",172,{"type":153,"name":164,"callback":155,"file":156,"line":167},173,{"type":153,"name":169,"callback":155,"file":156,"line":170},"widgets_init",174,{"type":144,"name":172,"callback":155,"file":156,"line":173},"mce_css",176,{"type":153,"name":175,"callback":155,"file":156,"line":176},"wp_enqueue_scripts",191,{"type":153,"name":175,"callback":155,"file":156,"line":178},192,{"type":144,"name":180,"callback":155,"file":156,"line":181},"nav_menu_link_attributes",194,[],[],[],[],{"dangerousFunctions":187,"sqlUsage":188,"outputEscaping":190,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":31,"bundledLibraries":204},[],{"prepared":81,"raw":13,"locations":189},[],{"escaped":191,"rawEcho":192,"locations":193},18,5,[194,197,199,201,202],{"file":147,"line":195,"context":196},181,"raw output",{"file":147,"line":198,"context":196},183,{"file":147,"line":200,"context":196},189,{"file":147,"line":200,"context":196},{"file":147,"line":203,"context":196},219,[],[],{"summary":207,"deductions":208},"The \"link-to-wp-files\" plugin v1.0.2 exhibits a generally positive security posture based on the provided static analysis. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events that present an immediate attack surface. The code also shows good practices in its handling of SQL queries, exclusively using prepared statements, and a high percentage of output escaping, minimizing the risk of cross-site scripting vulnerabilities. The absence of file operations and external HTTP requests further reduces potential attack vectors. The plugin also includes capability checks, which is a good security measure.  However, the complete absence of nonce checks is a significant concern. While the static analysis did not identify any direct vulnerabilities or a history of CVEs, the lack of nonce checks on any entry points (even though there are none currently) implies a potential for cross-site request forgery (CSRF) if new entry points were to be added without proper security considerations.  The taint analysis showing zero flows is positive, but it's important to remember that this is based on the current code structure, and new vulnerabilities could be introduced with future updates if security best practices are not maintained. Overall, the plugin appears to be developed with security in mind, but the oversight regarding nonce checks is a notable weakness that could be exploited if the plugin's functionality were expanded.",[209],{"reason":210,"points":192},"No nonce checks implemented","2026-03-16T22:46:47.833Z",{"wat":213,"direct":223},{"assetPaths":214,"generatorPatterns":217,"scriptPaths":218,"versionParams":220},[215,216],"\u002Fwp-content\u002Fplugins\u002Flink-to-wp-files\u002Fadmin\u002Fcss\u002Fpda-link-to-wp-file-admin.css","\u002Fwp-content\u002Fplugins\u002Flink-to-wp-files\u002Fadmin\u002Fjs\u002Fpda-link-wp-file-admin.js",[],[219],"\u002Fwp-content\u002Fplugins\u002Flink-to-wp-files\u002Fadmin\u002Fjs\u002Flink-wp-file-mce-button.js",[221,222],"pda-link-to-wp-file-admin.css?ver=","pda-link-wp-file-admin.js?ver=",{"cssClasses":224,"htmlComments":225,"htmlAttributes":226,"restEndpoints":227,"jsGlobals":228,"shortcodeOutput":229},[],[],[],[],[],[]]