[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fAVaUEe-mSB4T7yAFDkJnD7wOL-eq5bvYu7HVOt0zGwY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":62,"crawl_stats":38,"alternatives":70,"analysis":176,"fingerprints":214},"m1downloadlist","m1.DownloadList","0.24","maennchen1.de","https:\u002F\u002Fprofiles.wordpress.org\u002Fmaennchen1de\u002F","\u003Cp>This plugin easily displays the folders and files from a selected directory. It can be placed by shortcode with the parameters path and target in any post. Uploads must be done by a separate ftp program. No managing options.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>compatible up to PHP 8.3.20\u003C\u002Fli>\n\u003Cli>need PHP extension \u003Ca href=\"http:\u002F\u002Fphp.net\u002Fmb_string\" rel=\"nofollow ugc\">mb_string\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>available optional shortcode parameters\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>path = directory path, starting by web root (default: wp-content\u002Fuploads\u002F)\u003C\u002Fli>\n\u003Cli>target = browser window name\u003C\u002Fli>\n\u003Cli>sort = by name ASC\u002FDESC (default: ASC)\u003C\u002Fli>\n\u003Cli>sort-order = filename\u002Ffiletype\u002Fftime\u002Ffiletime\u002Ffoldertime (default: filename)\u003C\u002Fli>\n\u003Cli>label = custom top level label\u003C\u002Fli>\n\u003Cli>nosize = displays no file size\u003C\u002Fli>\n\u003Cli>hidedirs = displays no folders, only files\u003C\u002Fli>\n\u003Cli>filetype = (comma separated list) filter files by their extension\u003C\u002Fli>\n\u003Cli>hidefiletype = (comma separated list) hide files with filetype\u003C\u002Fli>\n\u003Cli>hidefilename = (comma separated list) hide named files and folders\u003C\u002Fli>\n\u003Cli>noext = hide the file extensions\u003C\u002Fli>\n\u003Cli>nobreadcrumb = hide breadcrumb \u002F title\u003C\u002Fli>\n\u003Cli>ftime = display file and folder modification date and time (standard = “1” or use date formatting like “Y-m-d H:i”), see \u003Ca href=\"http:\u002F\u002Fphp.net\u002Fdate\" rel=\"nofollow ugc\">PHP date formatting\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>filetime = same as ftime, just for files\u003C\u002Fli>\n\u003Cli>foldertime = same as ftime, just for folders\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>(most of it can be combined together)\u003C\u002Fp>\n\u003Ch4>shortcode examples\u003C\u002Fh4>\n\u003Col>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>: \u003Ccode>[m1dll]\u003C\u002Fcode> \u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>your\u002Ffoldername\u002Fhere\u002F\u003C\u002Fcode>: \u003Ccode>[m1dll path=\"your\u002Ffoldername\u002Fhere\u002F\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>your\u002Ffoldername\u002Fhere\u002F\u003C\u002Fcode> and sort descending: \u003Ccode>[m1dll path=\"your\u002Ffoldername\u002Fhere\u002F\" sort=\"DESC\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>your\u002Ffoldername\u002Fhere\u002F\u003C\u002Fcode>, open files in a new window: \u003Ccode>[m1dll path=\"your\u002Ffoldername\u002Fhere\u002F\" target=\"_blank\"]\u003C\u002Fcode> \u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>your\u002Ffoldername\u002Fhere\u002F\u003C\u002Fcode>, change label ‘downloads’ to ‘our downloads’: \u003Ccode>[m1dll path=\"your\u002Ffoldername\u002Fhere\u002F\" label=\"our downloads\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, displays no file size: \u003Ccode>[m1dll nosize=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, displays no folders: \u003Ccode>[m1dll hidedirs=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, displays only pdf- and docx-documents: \u003Ccode>[m1dll filetype=\"pdf,docx\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, do not display pdf- and docx-documents: \u003Ccode>[m1dll hidefiletype=\"pdf,docx\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, do not display file secret.txt and secret.docx: \u003Ccode>[m1dll hidefilename=\"secret.txt,secret.docx\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, displays no file extensions: \u003Ccode>[m1dll noext=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, displays no breadcrumb: \u003Ccode>[m1dll nobreadcrumb=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, with file and folder time with own format \u003Ccode>[m1dll ftime=\"Y-m-d, H:i\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, with file and folder date and time (standard from WordPress) \u003Ccode>[m1dll ftime=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, with file and folder self formated date \u003Ccode>[m1dll ftime=\"Y-m-d\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, with file date and time (standard from WordPress) \u003Ccode>[m1dll filetime=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, with folder date and time (standard from WordPress) \u003Ccode>[m1dll foldertime=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin easily displays the folders and files from a selected directory. It can be placed by shortcode in any post.",400,17902,94,21,"2025-11-25T14:32:00.000Z","6.8.5","4.0","",[20,21,22,23,24],"attachment","downloads","file","filemanager","files","http:\u002F\u002Fmaennchen1.de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fm1downloadlist.0.24.zip",77,2,1,"2025-04-04 00:00:00","2026-03-15T15:16:48.613Z",[33,47],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":38,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":38},"CVE-2025-32164","m1downloadlist-authenticated-contributor-sensitive-information-disclosure","m1.DownloadList \u003C= 0.23 - Authenticated (Contributor+) Sensitive Information Disclosure","The m1.DownloadList plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.23. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive user or configuration data.",null,"\u003C=0.23","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2025-05-05 18:41:45",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa84aa4fd-9df2-43c7-aa2c-28d41623b6dd?source=api-prod",{"id":48,"url_slug":49,"title":50,"description":51,"plugin_slug":4,"theme_slug":38,"affected_versions":52,"patched_in_version":53,"severity":40,"cvss_score":54,"cvss_vector":55,"vuln_type":56,"published_date":57,"updated_date":58,"references":59,"days_to_patch":61},"CVE-2025-26895","m1downloadlist-authenticated-contributor-stored-cross-site-scripting","m1.DownloadList \u003C= 0.19 - Authenticated (Contributor+) Stored Cross-Site Scripting","The m1.DownloadList plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 0.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=0.19","0.20",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-03-03 00:00:00","2025-03-10 14:36:38",[60],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fff7f92ec-0412-414f-9afe-e1ba4fa0dbae?source=api-prod",8,{"slug":63,"display_name":7,"profile_url":8,"plugin_count":64,"total_installs":65,"avg_security_score":66,"avg_patch_time_days":67,"trust_score":68,"computed_at":69},"maennchen1de",5,1500,90,68,81,"2026-04-04T14:43:18.116Z",[71,91,114,135,154],{"slug":72,"name":73,"version":74,"author":75,"author_profile":76,"description":77,"short_description":78,"active_installs":79,"downloaded":80,"rating":79,"num_ratings":79,"last_updated":81,"tested_up_to":82,"requires_at_least":83,"requires_php":18,"tags":84,"homepage":88,"download_link":89,"security_score":90,"vuln_count":79,"unpatched_count":79,"last_vuln_date":38,"fetched_at":31},"z-authorized-downloads","Zodan Authorized Downloads","1.2.7","martenmoolenaar","https:\u002F\u002Fprofiles.wordpress.org\u002Fmartenmoolenaar\u002F","\u003Cp>This plugin allows site admins to protect specific attachment file types (e.g. Pdf, Doc(x)) from direct access. Instead, the files are served through WordPress, allowing you to check if a user is logged in or has the required permissions before granting access.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Adds a checkbox to media attachments to mark them as “Authorized only”.\u003Cbr \u002F>\n* Creates an internal page and rewrite rules to intercept requests to protected file types.\u003Cbr \u002F>\n* Checks user login status (or other custom logic you add) before serving files.\u003Cbr \u002F>\n* Provides a settings page to specify which file types should be protected.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under GPLv2 or later.\u003C\u002Fp>\n","Protect documents from unauthorized download.",0,508,"2026-01-08T15:59:00.000Z","6.9.4","5.5",[85,86,21,24,87],"attachments","authorization","protected-downloads","https:\u002F\u002Fplugins.zodan.nl\u002Fwordpress-authorized-downloads","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fz-authorized-downloads.1.2.7.zip",100,{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":101,"num_ratings":102,"last_updated":103,"tested_up_to":104,"requires_at_least":83,"requires_php":105,"tags":106,"homepage":110,"download_link":111,"security_score":112,"vuln_count":29,"unpatched_count":79,"last_vuln_date":113,"fetched_at":31},"file-upload-types","File Upload Types by WPForms","1.5.0","Jared Atchison","https:\u002F\u002Fprofiles.wordpress.org\u002Fjaredatch\u002F","\u003Ch3>WordPress File Upload Types Plugin\u003C\u002Fh3>\n\u003Cp>Do you want to let your WordPress website accept uploads from your users for more file types and to freely upload files? We created the File Upload Types plugin to make it simple for anyone to easily add support for any file types with any extension or MIME type.\u003C\u002Fp>\n\u003Ch4>How WordPress File Uploads Work\u003C\u002Fh4>\n\u003Cp>By default, WordPress only allows \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FUploading_Files#About_Uploading_Files_on_Dashboard\" rel=\"nofollow ugc\">certain file types\u003C\u002Fa> to be uploaded to your website’s media library.\u003C\u002Fp>\n\u003Cp>If someone tries to upload a file type outside of these whitelisted WordPress file extensions, this can be the cause of the \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fcommon-wordpress-errors-and-how-to-fix-them\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"common WordPress error\" rel=\"friend nofollow ugc\">common WordPress error\u003C\u002Fa> \u003Ccode>Sorry, this file type is not permitted for security reasons\u003C\u002Fcode> message.\u003C\u002Fp>\n\u003Cp>It can be frustrating if you’ve \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Fhow-to-create-a-file-upload-form-in-wordpress\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtypes&utm_content=readme\" rel=\"friend\" title=\"\ncreated a file upload form\">created a file upload form\u003C\u002Fa> in WordPress but the file type you want to accept is a file extension that’s not allowed.\u003C\u002Fp>\n\u003Cp>This plugin lets your website upload more file types beyond the limited file extension types that WordPress allows by default.\u003C\u002Fp>\n\u003Ch4>How does the File Upload Types plugin work?\u003C\u002Fh4>\n\u003Cp>The File Upload Types plugin works by letting you adjust the internal file whitelist, letting you manually control which types of file extensions your WordPress website can upload.\u003C\u002Fp>\n\u003Cp>This way, you can accept any file type through your website and\u002For any contact form plugin like \u003Ca href=\"https:\u002F\u002Fwww.wpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtypes&utm_content=readme\" title=\"WPForms\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>What file types can I upload to WordPress with this plugin?\u003C\u002Fh4>\n\u003Cp>The File Upload Types plugin lets you allow uploads of any file extension, including custom file types.\u003C\u002Fp>\n\u003Cp>Some common file extension types this plugin lets you add that WordPress doesn’t support natively include:\u003C\u002Fp>\n\u003Cp>.ai\u003Cbr \u002F>\n.zip\u003Cbr \u002F>\n.xml\u003Cbr \u002F>\n.svg\u003Cbr \u002F>\n.csv\u003Cbr \u002F>\n.mobi\u003Cbr \u002F>\n.cad\u003Cbr \u002F>\n.dwg\u003Cbr \u002F>\n.dxf\u003C\u002Fp>\n\u003Cp>…and any other file extensions that exist, including custom file types.\u003C\u002Fp>\n\u003Cp>We hope that you find the File Upload Types plugin helpful!\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>This plugin was created by the team behind \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa> – the best drag & drop form builder for WordPress.\u003C\u002Fp>\n\u003Ch3>What’s Next\u003C\u002Fh3>\n\u003Cp>If you like this plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"OptinMonster\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa> – The best WordPress Contact Form Plugin.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Foptinmonster.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"OptinMonster\" rel=\"friend nofollow ugc\">OptinMonster\u003C\u002Fa> – Get more email subscribers with the most popular conversion optimization plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.monsterinsights.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"MonsterInsights\" rel=\"friend nofollow ugc\">MonsterInsights\u003C\u002Fa> – See the stats that matter and grow your business with confidence. Best Google Analytics plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.seedprod.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"SeedProd\" rel=\"friend nofollow ugc\">SeedProd\u003C\u002Fa> – Jumpstart your website with the #1 Coming Soon & Maintenance Mode plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpmailsmtp.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" rel=\"nofollow ugc\">WP Mail SMTP\u003C\u002Fa> – Improve email deliverability for your contact form with the most popular SMTP plugin for WordPress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frafflepress.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" rel=\"nofollow ugc\">RafflePress\u003C\u002Fa> – The Best WordPress giveaway and contest plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"WPBeginner\" rel=\"friend nofollow ugc\">WPBeginner\u003C\u002Fa> to learn from our \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"WordPress Tutorials\" rel=\"friend nofollow ugc\">WordPress tutorials\u003C\u002Fa> and find out about other \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fplugins\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=fileuploadtyes&utm_content=readme\" title=\"Best WordPress plugins\" rel=\"friend nofollow ugc\">best WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n","Easily allow WordPress to accept and upload any file type extension or MIME type, including custom file types.",30000,242227,80,20,"2024-10-23T14:00:00.000Z","6.6.5","7.0",[85,107,24,108,109],"file-upload","mime","upload","https:\u002F\u002Fwpforms.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffile-upload-types.1.5.0.zip",91,"2024-10-24 20:07:47",{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":66,"num_ratings":124,"last_updated":125,"tested_up_to":16,"requires_at_least":126,"requires_php":127,"tags":128,"homepage":130,"download_link":131,"security_score":132,"vuln_count":133,"unpatched_count":79,"last_vuln_date":134,"fetched_at":31},"download-attachments","Download Attachments","1.3.2","dFactory","https:\u002F\u002Fprofiles.wordpress.org\u002Fdfactory\u002F","\u003Cp>\u003Ca href=\"http:\u002F\u002Fwww.dfactory.co\u002Fproducts\u002Fdownload-attachments\u002F\" rel=\"nofollow ugc\">Download Attachments\u003C\u002Fa> is a new approach to managing downloads in WordPress. Instead of bloated interface it enables simple, drag & drop and AJAX driven metabox where you can insert and manage your Media Library files and automatically or manually display them after, before or inside posts content.\u003C\u002Fp>\n\u003Cp>For more information, check out plugin page at \u003Ca href=\"http:\u002F\u002Fwww.dfactory.co\u002F\" rel=\"nofollow ugc\">dFactory\u003C\u002Fa> site.\u003C\u002Fp>\n\u003Ch4>Features include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatic or manual download links display\u003C\u002Fli>\n\u003Cli>Select post types where Download Attachments should be used\u003C\u002Fli>\n\u003Cli>Select list, table or sortable, dynamic table display style\u003C\u002Fli>\n\u003Cli>Downloads count\u003C\u002Fli>\n\u003Cli>Advanced attachments sorting\u003C\u002Fli>\n\u003Cli>Most Downloaded Attachments widget\u003C\u002Fli>\n\u003Cli>Drag & drop files ordering\u003C\u002Fli>\n\u003Cli>Based on Media Library attachments\u003C\u002Fli>\n\u003Cli>Easy customisation of Frontend & Backend display\u003C\u002Fli>\n\u003Cli>Pretty URLs for download links\u003C\u002Fli>\n\u003Cli>Encrypt URLs by default\u003C\u002Fli>\n\u003Cli>Customizable tamplates engine\u003C\u002Fli>\n\u003Cli>Custom download slug\u003C\u002Fli>\n\u003Cli>Custom permission for metabox display\u003C\u002Fli>\n\u003Cli>Option to exclude selected attachments from display\u003C\u002Fli>\n\u003Cli>Option to select from all Media Library files or only those attached to a post\u003C\u002Fli>\n\u003Cli>2 shortcodes\u003C\u002Fli>\n\u003Cli>5 functions and multiple filter hooks for developers\u003C\u002Fli>\n\u003Cli>Option to use attachment caption and\u002For description for download links description\u003C\u002Fli>\n\u003Cli>Compatible with WPML & Polylang\u003C\u002Fli>\n\u003Cli>.pot file for translations included\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Get involved\u003C\u002Fh4>\n\u003Cp>Feel free to contribute to the source code on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdfactoryplugins\" rel=\"nofollow ugc\">dFactory GitHub Repository\u003C\u002Fa>.\u003C\u002Fp>\n","Download Attachments is a new approach to managing downloads in WordPress. It allows you to easily add and display download links in any post or page.",9000,214951,46,"2025-11-15T13:33:00.000Z","6.0","7.0.0",[20,85,129,22,24],"download","http:\u002F\u002Fwww.dfactory.co\u002Fproducts\u002Fdownload-attachments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdownload-attachments.1.3.2.zip",97,3,"2025-06-19 00:00:00",{"slug":136,"name":137,"version":138,"author":139,"author_profile":140,"description":141,"short_description":142,"active_installs":143,"downloaded":144,"rating":101,"num_ratings":145,"last_updated":146,"tested_up_to":82,"requires_at_least":17,"requires_php":18,"tags":147,"homepage":149,"download_link":150,"security_score":151,"vuln_count":152,"unpatched_count":79,"last_vuln_date":153,"fetched_at":31},"wp-downloadmanager","WP-DownloadManager","1.69.1","Lester Chan","https:\u002F\u002Fprofiles.wordpress.org\u002Fgamerz\u002F","\u003Ch3>General Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>You Need To Re-Generate The Permalink \u003Ccode>WP-Admin -> Settings -> Permalinks -> Save Changes\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>To embed a specific file to be downloaded into a post\u002Fpage, use \u003Ccode>[download id=\"2\"]\u003C\u002Fcode> where 2 is your file id.\u003C\u002Fli>\n\u003Cli>To embed multiple files to be downloaded into a post\u002Fpage, use \u003Ccode>[download id=\"1,2,3\"]\u003C\u002Fcode> where 1,2,3 are your file ids.\u003C\u002Fli>\n\u003Cli>To limit the number of embedded downloads shown for each post in a post stream, use the \u003Ccode>stream_limit\u003C\u002Fcode> option.\n\u003Col>\n\u003Cli>Example: \u003Ccode>[download id=\"2\" stream_limit=\"4\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>This will only display the first 4 downloads for the post when rendered in a post stream, and display the full list of downloads when viewing the single post.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003C\u002Fli>\n\u003Cli>To sort embedded downloads, use the \u003Ccode>sort_by\u003C\u002Fcode> and \u003Ccode>sort_order\u003C\u002Fcode> options.\n\u003Col>\n\u003Cli>Example: \u003Ccode>[download id=\"2\" sort_by=\"file_id\" sort_order=\"asc\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>This will sort the embedded downloads by file ID in ascending order.\u003C\u002Fli>\n\u003Cli>Valid values for \u003Ccode>sort_by\u003C\u002Fcode> are: \u003Ccode>file_id\u003C\u002Fcode>, \u003Ccode>file\u003C\u002Fcode>, \u003Ccode>file_name\u003C\u002Fcode>, \u003Ccode>file_size\u003C\u002Fcode>, \u003Ccode>file_date\u003C\u002Fcode>, and \u003Ccode>file_hits\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003C\u002Fli>\n\u003Cli>To choose what to display within the embedded file, use \u003Ccode>[download id=\"1\" display=\"both\"]\u003C\u002Fcode> where 1 is your file id and both will display both the file name and file desccription, whereas name will only display the filename. Note that this will overwrite the “Download Embedded File” template you have in your Download Templates.\u003C\u002Fli>\n\u003Cli>To embed files as well as categories, use \u003Ccode>[download id=\"1,2,3\" category=\"4,5,6\"]\u003C\u002Fcode> where 1,2,3 are your file id and 4,5,6 are your category ids.\u003C\u002Fli>\n\u003Cli>If you are using Default Permalinks, the file direct download link will be \u003Ccode>http:\u002F\u002Fyoursite.com\u002Findex.php?dl_id=2\u003C\u002Fcode>. If you are using Nice Permalinks, the file direct download link will be \u003Ccode>http:\u002F\u002Fyoursite.com\u002Fdownload\u002F2\u002F\u003C\u002Fcode>, where yoursite.com is your WordPress URL and 2 is your file id.\u003C\u002Fli>\n\u003Cli>The direct download category link will be \u003Ccode>http:\u002F\u002Fyoursite.com\u002Fdownloads\u002F?dl_cat=3\u003C\u002Fcode>, where yoursite.com is your WordPress URL, downloads is your Downloads Page name and 3 is your download category id.\u003C\u002Fli>\n\u003Cli>In order to upload the files straight to the downloads folder, the folder must be first CHMOD to 777. You can specify which folder to be the downloads folder in Download Options.\u003C\u002Fli>\n\u003Cli>You can configure the Download Options in \u003Ccode>WP-Admin -> Downloads -> Download Options\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>You can configure the Download Templates in \u003Ccode>WP-Admin -> Downloads -> Download Templates\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Downloads Page\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to \u003Ccode>WP-Admin -> Pages -> Add New\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Type any title you like in the post’s title area\u003C\u002Fli>\n\u003Cli>If you \u003Ccode>ARE\u003C\u002Fcode> using nice permalinks, after typing the title, WordPress will generate the permalink to the page. You will see an ‘Edit’ link just beside the permalink.\u003C\u002Fli>\n\u003Cli>Click ‘Edit’ and type in \u003Ccode>downloads\u003C\u002Fcode> in the text field and click ‘Save’.\u003C\u002Fli>\n\u003Cli>Type \u003Ccode>[page_download]\u003C\u002Fcode> in the post’s content area.\u003C\u002Fli>\n\u003Cli>You can also use \u003Ccode>[page_download category=\"1\"]\u003C\u002Fcode>, this will display all downloads in Category ID 1.\u003C\u002Fli>\n\u003Cli>Click ‘Publish’\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Download Stats (With Widgets)\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to \u003Ccode>WP-Admin -> Appearance -> Widgets\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>The widget name is \u003Ccode>Downloads\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-downloadmanager\" title=\"https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-downloadmanager\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-downloadmanager\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdev.wp-plugins.org\u002Fbrowser\u002Fwp-downloadmanager\u002Fi18n\u002F\" title=\"http:\u002F\u002Fdev.wp-plugins.org\u002Fbrowser\u002Fwp-downloadmanager\u002Fi18n\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fdev.wp-plugins.org\u002Fbrowser\u002Fwp-downloadmanager\u002Fi18n\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Plugin icon by \u003Ca href=\"http:\u002F\u002Fwww.freepik.com\" rel=\"nofollow ugc\">Freepik\u003C\u002Fa> from \u003Ca href=\"http:\u002F\u002Fwww.flaticon.com\" rel=\"nofollow ugc\">Flaticon\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Icons courtesy of \u003Ca href=\"http:\u002F\u002Fwww.famfamfam.com\u002F\" title=\"FamFamFam\" rel=\"nofollow ugc\">FamFamFam\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Download Icon by \u003Ca href=\"http:\u002F\u002Fwww.imvain.com\u002F\"\" title=\"Ryan Zimmerman\" rel=\"nofollow ugc\">Ryan Zimmerman\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Donations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>I spent most of my free time creating, updating, maintaining and supporting these plugins, if you really love my plugins and could spare me a couple of bucks, I will really appreciate it. If not feel free to use it without any obligations.\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds a simple download manager to your WordPress blog.",3000,308742,37,"2026-02-13T01:54:00.000Z",[129,21,22,24,148],"manager","https:\u002F\u002Flesterchan.net\u002Fportfolio\u002Fprogramming\u002Fphp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-downloadmanager.1.69.1.zip",89,10,"2026-02-17 21:55:19",{"slug":155,"name":156,"version":157,"author":158,"author_profile":159,"description":160,"short_description":161,"active_installs":162,"downloaded":163,"rating":164,"num_ratings":165,"last_updated":166,"tested_up_to":167,"requires_at_least":168,"requires_php":169,"tags":170,"homepage":18,"download_link":174,"security_score":175,"vuln_count":79,"unpatched_count":79,"last_vuln_date":38,"fetched_at":31},"hotlink-file-prevention","Hotlink File Prevention","2.0.0","swinggraphics","https:\u002F\u002Fprofiles.wordpress.org\u002Fswinggraphics\u002F","\u003Cp>Hotlink File Prevention (HFP) offers simple hotlink protection that can be turned on\u002Foff for individual files in the WordPress media library.\u003C\u002Fp>\n\u003Cp>“Hotlinking” is when a file, such as an image or PDF, is linked to from another website or entered manually in a web browser’s location bar. HFP only allows your file to be viewed on your website.\u003C\u002Fp>\n\u003Cp>Hotlink protection is provided via \u003Ccode>.htaccess\u003C\u002Fcode> rules in the \u003Ccode>wp-content\u002Fuploads\u003C\u002Fcode> directory.\u003C\u002Fp>\n\u003Ch3>Basic Usage\u003C\u002Fh3>\n\u003Cp>Once the HFP plugin is activated, you will have two new features in the media library:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Within the Screen Options tab (list view only), check box for the “Hotlink Prevention” column.\u003C\u002Fli>\n\u003Cli>To protect a file, edit the file and scroll down to the checkbox labelled “Hotlink Protection”.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Any asset that is checked will have “Yes” displayed in the “Hotlink Prevention” column; otherwise, this column will be blank.\u003C\u002Fp>\n\u003Ch4>Note about “Open in new tab” option\u003C\u002Fh4>\n\u003Cp>When you use the “Open in new tab” option for links, WordPress adds \u003Ccode>rel=\"noreferrer\"\u003C\u002Fcode>, which effectively makes the link act like direct access, and the link will be blocked for files protected using HFP.\u003C\u002Fp>\n","Simple hotlink protection for individual files in the media library.",700,7815,98,7,"2024-04-15T22:00:00.000Z","6.5.8","4.6","5.6",[171,85,24,172,173],"admin","hotlink","images","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhotlink-file-prevention.2.0.0.zip",92,{"attackSurface":177,"codeSignals":193,"taintFlows":201,"riskAssessment":202,"analyzedAt":213},{"hooks":178,"ajaxHandlers":185,"restRoutes":186,"shortcodes":187,"cronEvents":192,"entryPointCount":29,"unprotectedCount":79},[179],{"type":180,"name":181,"callback":182,"file":183,"line":184},"action","wp_enqueue_scripts","m1dll_css","index.php",365,[],[],[188],{"tag":189,"callback":190,"file":183,"line":191},"m1dll","m1dll_shortcode",366,[],{"dangerousFunctions":194,"sqlUsage":195,"outputEscaping":197,"fileOperations":79,"externalRequests":79,"nonceChecks":79,"capabilityChecks":79,"bundledLibraries":200},[],{"prepared":79,"raw":79,"locations":196},[],{"escaped":198,"rawEcho":79,"locations":199},11,[],[],[],{"summary":203,"deductions":204},"The m1downloadlist plugin v0.24 exhibits a mixed security posture.  On the positive side, the static analysis reveals strong coding practices in several key areas.  All identified SQL queries utilize prepared statements, and all output operations are properly escaped, mitigating common injection and cross-site scripting risks.  Furthermore, there are no detected dangerous functions, file operations, or external HTTP requests, and the attack surface is small with no apparent unprotected entry points like unauthenticated AJAX handlers or REST API routes.  However, the plugin's vulnerability history is a significant concern.  With two known CVEs, one of which remains unpatched, and both classified as medium severity, this indicates a pattern of past security weaknesses. The historical vulnerability types, Exposure of Sensitive Information and Cross-site Scripting, are particularly concerning, even if currently addressed by static analysis. The lack of nonce checks and capability checks on the single shortcode is a potential area for exploitation if the shortcode handles user-supplied input, which could lead to privilege escalation or unauthorized actions, especially given the historical XSS vulnerabilities. The absence of taint analysis results (0 flows analyzed) is also noteworthy, suggesting either a lack of complex data processing or an incomplete analysis, which could mask underlying issues.",[205,207,209,211],{"reason":206,"points":102},"Unpatched CVEs",{"reason":208,"points":165},"Missing nonce checks on shortcode",{"reason":210,"points":165},"Missing capability checks on shortcode",{"reason":212,"points":64},"No taint analysis performed","2026-03-16T19:47:25.696Z",{"wat":215,"direct":239},{"assetPaths":216,"generatorPatterns":236,"scriptPaths":237,"versionParams":238},[217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235],"\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fcfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fcppfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fdocfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fexefile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Ffile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Ffolder.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fhfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fhtmfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fimgfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fjsfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fmfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fmpgfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fpdffile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fpptfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Frarfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fswffile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Ftxtfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fxlsfile.gif","\u002Fwp-content\u002Fplugins\u002Fm1downloadlist\u002Ficons\u002Fzipfile.gif",[],[],[],{"cssClasses":240,"htmlComments":243,"htmlAttributes":244,"restEndpoints":246,"jsGlobals":247,"shortcodeOutput":248},[241,242],"m1dll_subdirpath","m1dll_filelist",[],[245],"data-m1dll-index",[],[],[249,250,251],"\u003Cp class=\"m1dll_subdirpath\">\u003Cstrong>path:\u003C\u002Fstrong> \u003Ca href=\"","\u003Cstrong>downloads\u003C\u002Fstrong>","\u002F\u003Ca href=\""]