[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fMbjoW8fpRTyHYsSnlwXwWGtNUoLaXV28_uH9X9qo-7M":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":133,"fingerprints":184},"media-file-limiter","Media File Limiter","1.0","teamredfox","https:\u002F\u002Fprofiles.wordpress.org\u002Fteamredfox\u002F","\u003Cp>Media File Limiter is a lightweight and efficient plugin designed to strengthen your WordPress upload security.\u003C\u002Fp>\n\u003Cp>It limits the maximum upload file size (in MB) and blocks specific dangerous file extensions (e.g., .exe, .php, .html, .js), preventing malicious or oversized files from being uploaded to your media library.\u003C\u002Fp>\n\u003Cp>Unlike traditional file validation, this plugin operates at the earliest possible stage of the upload process via the wp_handle_upload_prefilter hook, ensuring that dangerous files are blocked before WordPress processes them.\u003C\u002Fp>\n\u003Cp>Key Features\u003Cbr \u002F>\nSet a custom maximum upload size (in MB).\u003C\u002Fp>\n\u003Cp>Define forbidden file extensions (comma-separated).\u003C\u002Fp>\n\u003Cp>Displays current PHP\u002FWordPress upload limits for reference.\u003C\u002Fp>\n\u003Cp>Early-stage security enforcement — before files reach media processing.\u003C\u002Fp>\n\u003Cp>Fully translatable and internationalized (media-file-limiter text domain).\u003C\u002Fp>\n\u003Cp>Compatible with multisite environments.\u003C\u002Fp>\n\u003Cp>Why This Plugin?\u003Cbr \u002F>\nWordPress allows large files and executable extensions under certain misconfigurations, which can lead to:\u003C\u002Fp>\n\u003Cp>Server performance degradation.\u003C\u002Fp>\n\u003Cp>Potential remote code execution (RCE) risks.\u003C\u002Fp>\n\u003Cp>Media library clutter and upload errors.\u003C\u002Fp>\n\u003Cp>Media File Limiter addresses these issues with a simple, configurable interface under the WordPress “Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Media Limit” page.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or any later version.\u003C\u002Fp>\n\u003Cp>This plugin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\u003C\u002Fp>\n\u003Ch3>Additional Notes\u003C\u002Fh3>\n\u003Cp>The plugin follows WordPress Coding Standards (WPCS).\u003C\u002Fp>\n\u003Cp>All options use the Settings API (register_setting \u002F add_settings_field).\u003C\u002Fp>\n\u003Cp>Security first: early execution priority (wp_handle_upload_prefilter, priority 1).\u003C\u002Fp>\n\u003Cp>Uninstall hook (register_uninstall_hook) ensures full cleanup.\u003C\u002Fp>\n","Restrict maximum upload file size and block dangerous extensions at upload time. Ensures early-stage validation for enhanced WordPress media security.",0,154,"2025-11-05T11:12:00.000Z","6.8.5","6.8","7.4",[18,19,20,21,22],"file-size","media","mime","security","upload","https:\u002F\u002Fp-fox.jp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-file-limiter.1.0.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},2,30,94,"2026-04-05T00:18:07.848Z",[35,53,74,97,114],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":11,"downloaded":43,"rating":11,"num_ratings":11,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":47,"tags":48,"homepage":47,"download_link":52,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"simple-upload-weight-limit","Simple Upload Weight Limit","1.0.0","SimpleWPlugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fsimplewplugins\u002F","\u003Cp>\u003Cstrong>Simple Upload Weight Limit\u003C\u002Fstrong> is a minimalist and essential utility for multi-author blogs, client websites, and community sites. It prevents users from exhausting hosting space and bandwidth by blocking the upload of unoptimized, oversized files.\u003C\u002Fp>\n\u003Cp>Unlike complex membership plugins, this tool focuses on one thing: keeping your Media Library clean and your server performance high.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Custom KB Limit:\u003C\u002Fstrong> Easily set your preferred limit (e.g., 500KB or 2048KB) via the settings page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Role-Based Protection:\u003C\u002Fstrong> The restriction automatically excludes Administrators, ensuring you always have full control.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Feedback:\u003C\u002Fstrong> Provides clear, translatable error messages to users when a file exceeds the limit.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Performance First:\u003C\u002Fstrong> No background processes or bloat. Only clean, secure PHP that runs only during the upload process.\u003C\u002Fli>\n\u003C\u002Ful>\n","Keep your server lean. Set a strict maximum file size for all user uploads except administrators.",88,"2026-02-04T06:56:00.000Z","6.9.4","5.8","",[18,49,50,21,51],"limit-upload","media-library","upload-size","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-upload-weight-limit.1.0.0.zip",{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":45,"requires_at_least":66,"requires_php":16,"tags":67,"homepage":70,"download_link":71,"security_score":32,"vuln_count":72,"unpatched_count":11,"last_vuln_date":73,"fetched_at":27},"safe-svg","Safe SVG","2.4.0","10up","https:\u002F\u002Fprofiles.wordpress.org\u002F10up\u002F","\u003Cp>Safe SVG is the best way to Allow SVG Uploads in WordPress!\u003C\u002Fp>\n\u003Cp>It gives you the ability to allow SVG uploads whilst making sure that they’re sanitized to stop SVG\u002FXML vulnerabilities affecting your site.  It also gives you the ability to preview your uploaded SVGs in the media library in all views.\u003C\u002Fp>\n\u003Ch4>Current Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Sanitised SVGs\u003C\u002Fstrong> – Don’t open up security holes in your WordPress site by allowing uploads of unsanitised files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SVGO Optimisation\u003C\u002Fstrong> – Runs your SVGs through the SVGO tool on upload to save you space. This feature is disabled by default but can be enabled by adding the following code: \u003Ccode>add_filter( 'safe_svg_optimizer_enabled', '__return_true' );\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>View SVGs in the Media Library\u003C\u002Fstrong> – Gone are the days of guessing which SVG is the correct one, we’ll enable SVG previews in the WordPress media library.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Choose Who Can Upload\u003C\u002Fstrong> – Restrict SVG uploads to certain users on your WordPress site or allow anyone to upload.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Initially a proof of concept for \u003Ca href=\"https:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F24251\" rel=\"nofollow ugc\">#24251\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>SVG Sanitization is done through the following library: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdarylldoyle\u002Fsvg-sanitizer\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fdarylldoyle\u002Fsvg-sanitizer\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>SVG Optimization is done through the following library: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsvg\u002Fsvgo\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fsvg\u002Fsvgo\u003C\u002Fa>.\u003C\u002Fp>\n","Enable SVG uploads and sanitize them to stop XML\u002FSVG vulnerabilities in your WordPress website.",1000000,12729263,98,77,"2026-01-04T21:05:00.000Z","6.6",[19,20,21,68,69],"svg","vector","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsafe-svg\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsafe-svg.2.4.0.zip",6,"2024-10-17 00:00:00",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":63,"num_ratings":63,"last_updated":84,"tested_up_to":45,"requires_at_least":85,"requires_php":86,"tags":87,"homepage":93,"download_link":94,"security_score":95,"vuln_count":30,"unpatched_count":11,"last_vuln_date":96,"fetched_at":27},"wp-maximum-upload-file-size","EasyMedia – Increase Media Upload File Size | Role-Based Upload Limit | Increase Execution Time","3.0.4","CodePopular","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodepopular\u002F","\u003Ch3>\u003Cstrong>Increases the upload file size limit to any value with one click\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>The \u003Cstrong>EasyMedia\u003C\u002Fstrong> plugin automatically detects your WordPress and server upload limits, displaying them in a simple dashboard. Instantly increase your upload size and easily upload large files like backups, videos, or ZIP archives directly to your WordPress media library — even if your hosting restricts upload limits.\u003C\u002Fp>\n\u003Ch3>If you ever searched for:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>“Increase WordPress upload limit plugin”\u003C\u002Fli>\n\u003Cli>“Best plugin to upload large files”\u003C\u002Fli>\n\u003Cli>“Set upload quota for users or roles”\u003C\u002Fli>\n\u003Cli>“Restrict file types for authors”\u003C\u002Fli>\n\u003Cli>“Show upload logs in WordPress”\u003C\u002Fli>\n\u003Cli>“Media manager plugin with file stats”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>✅ Then \u003Cstrong>EasyMedia\u003C\u002Fstrong> is the solution you need.\u003C\u002Fp>\n\u003Ch3>🧩 \u003Cstrong>Core Features (Free Version)\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>🔼 Increase Upload File Size Limit\u003C\u002Fstrong>\u003Cbr \u002F>\nRaise your WordPress upload limit to any value without editing code or php.ini files. Upload big videos, ZIPs, and backups seamlessly.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⏱️ Increase Maximum Execution Time\u003C\u002Fstrong>\u003Cbr \u002F>\nAvoid “Maximum Execution Time Exceeded” errors. Increase execution time to handle large file uploads smoothly.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>👥 Role-Based Upload Limits\u003C\u002Fstrong>\u003Cbr \u002F>\nSet custom upload size limits for different WordPress roles (Administrator, Editor, Author, etc.) to prevent storage overuse.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>💾 Memory Limit Set\u003C\u002Fstrong>\u003Cbr \u002F>\nLarge file uploads often fail due to low PHP memory limits. You can easily increase the memory limit from the plugin setting page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>💽 System Status Dashboard\u003C\u002Fstrong>\u003Cbr \u002F>\nView your current PHP upload limit, max execution time, memory limit, and other important settings at a glance.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🧰 Simple, Clean UI\u003C\u002Fstrong>\u003Cbr \u002F>\nAccess settings easily from your WP \u003Cstrong>Dashboard \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Media \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> EasyMedia\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>\u003Cstrong>Where to find the Option to Increase Upload Limit.\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>After installing and activating the plugin, go to your dashboard and navigate to \u003Cstrong>Media > EasyMedia\u003C\u002Fstrong>. From there, you can easily adjust your upload limits and execution time settings.\u003C\u002Fp>\n\u003Ch3>\u003Cstrong>Increase Maximum Execution Time.\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>Sometimes WordPress users can’t upload new files due to extended execution time limits. With this plugin, you can increase the execution time to avoid these issues. Simply set the execution time in the input field according to your needs.\u003C\u002Fp>\n\u003Ch3>\u003Cstrong>Plugin Renamed: MaxUploader is now EasyMedia\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>We’ve rebranded MaxUploader to EasyMedia for a better, more user-friendly experience.\u003Cbr \u002F>\nDon’t worry — all your existing settings will remain intact. The plugin continues to provide the same core functionality, including increasing upload file size limits and execution time, with an improved interface and additional features.\u003C\u002Fp>\n\u003Cp>If you previously used MaxUploader, you can safely update to EasyMedia — it’s the same plugin, just with a new name and enhanced design.\u003C\u002Fp>\n\u003Ch3>💬 \u003Cstrong>Why EasyMedia?\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>🖼️ Upload large files easily (no manual PHP editing)\u003C\u002Fli>\n\u003Cli>👥 Limit upload size by role or user\u003C\u002Fli>\n\u003Cli>🧩 Restrict specific file types\u003C\u002Fli>\n\u003Cli>⚡ Increase execution time in one click\u003C\u002Fli>\n\u003Cli>📊 Monitor uploads and media usage\u003C\u002Fli>\n\u003Cli>💪 Compatible with all hosting providers\u003C\u002Fli>\n\u003Cli>🔒 Improves security and accountability\u003C\u002Fli>\n\u003Cli>🧠 Recommended by developers for smart file management\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>\u003Cstrong>🚀 Upgrade to EasyMedia Pro for Advanced Features\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>Take your media management to the next level with \u003Ca href=\"http:\u002F\u002Fcodepopular.com\u002Fproduct\u002Feasymedia\" rel=\"nofollow ugc\">EasyMedia Pro\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pro Features Include:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>📊 Upload Logs & Tracking\u003C\u002Fstrong> – Monitor all file uploads with detailed logging, including user, file name, size, type, and timestamp. With the EasyMedia Pro Upload Logs module, you can see where each attachment is used across your site (posts, pages, or products).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>👥 Set User Storage Disk Limit\u003C\u002Fstrong> – Set individual upload limits for specific users that override global settings. With this module, you can specially set the disk limit per individual user. This way we can handle over upload issue from the Editor and Author\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>📄 File Type Restriction\u003C\u002Fstrong> – The EasyMedia plugin sets user file type restriction. With this module, you can only allow specific types of files for the user. Sometimes, Editor or Author roles only need specific file types (like images), and ZIP or executable uploads can be disallowed for them. This feature makes that possible.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🎭 Role-Based Restrictions\u003C\u002Fstrong> – Configure different upload limits based on WordPress user roles (Administrator, Editor, Author, etc.) This module can help to define the upload limit per role which WordPress by default does not come with\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>📁 Media Manager\u003C\u002Fstrong> – Display file sizes directly in media library columns and attachment details. This feature is acting as a File management plugin where you can manager your WordPress site all files and folders.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>📈 Upload Statistics Dashboard\u003C\u002Fstrong> – View comprehensive statistics including top uploads, recent uploads, and overall usage. You can see the graphical interface of your media library and the top uploader list.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🔍 Advanced Reporting\u003C\u002Fstrong> – Export upload logs and generate detailed reports for analysis\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>⚡ Auto-Install Dependency\u003C\u002Fstrong> – Automatically installs and configures the main plugin if needed\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🛡️ Better Security\u003C\u002Fstrong> – Track who uploads what and when for improved security and accountability\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🎯 Priority Support\u003C\u002Fstrong> – Get faster support and regular updates. We focus on one-to-one priority support.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fcodepopular.com\u002Fproduct\u002Feasymedia\" rel=\"nofollow ugc\">\u003Cstrong>Get EasyMedia Pro Now \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fstrong>\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fcodepopular.com\u002Fdocs\u002Feasymedia\" rel=\"nofollow ugc\">\u003Cstrong>Get Read Documentation \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Recommended Elementor Plugin\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Funlimited-theme-addons\u002F\" rel=\"ugc\">Unlimited Theme Addons\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n","EasyMedia - Increase the maximum upload file size limit to any value. Increase upload limit - upload large files effortlessly.",80000,1218819,"2026-01-25T08:18:00.000Z","4.0","7.0",[88,89,90,91,92],"easymedia","increase-file-size-limit","increase-upload-limit","large-file-upload","max-upload-file-size","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-maximum-upload-file-size\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-maximum-upload-file-size.3.0.4.zip",99,"2024-11-22 17:05:12",{"slug":98,"name":99,"version":6,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":104,"downloaded":105,"rating":63,"num_ratings":106,"last_updated":107,"tested_up_to":108,"requires_at_least":109,"requires_php":47,"tags":110,"homepage":111,"download_link":112,"security_score":113,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"disable-real-mime-check","Disable Real MIME Check","Sergey Biryukov","https:\u002F\u002Fprofiles.wordpress.org\u002Fsergeybiryukov\u002F","\u003Cp>With the upgrade to WordPress 4.7.1, some non-image files fail to upload on certain server setups. This will be fixed in 4.7.3, see the \u003Ca href=\"https:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F39550\" rel=\"nofollow ugc\">Trac ticket\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>In the meantime, this plugin is a workaround that disables the recently introduced strict MIME check to restore the upload functionality.\u003C\u002Fp>\n\u003Cp>Don’t forget to remove the plugin once WordPress 4.7.3 is available!\u003C\u002Fp>\n","Restores the ability to upload non-image files in WordPress 4.7.1 and 4.7.2.",10000,157182,34,"2017-11-28T16:06:00.000Z","4.7.32","4.7.1",[19,20,22],"https:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F39550","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-real-mime-check.1.0.zip",85,{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":25,"num_ratings":124,"last_updated":125,"tested_up_to":14,"requires_at_least":126,"requires_php":16,"tags":127,"homepage":131,"download_link":132,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"blob-mimes","Lord of the Files: Enhanced Upload Security","1.4.2","Blobfolio","https:\u002F\u002Fprofiles.wordpress.org\u002Fblobfolio\u002F","\u003Cp>WordPress relies mostly on name-based validation when deciding whether or not to allow a particular file, leaving the door open for various kinds of attacks.\u003C\u002Fp>\n\u003Cp>Lord of the Files adds to this content-based validation and sanitizing, making sure that files are what they say they are and safe for inclusion on your site.\u003C\u002Fp>\n\u003Cp>The main features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Robust \u003Cem>real\u003C\u002Fem> filetype detection;\u003C\u002Fli>\n\u003Cli>Full MIME alias mapping;\u003C\u002Fli>\n\u003Cli>SVG sanitization (if SVG uploads have been independently allowed);\u003C\u002Fli>\n\u003Cli>File upload validation debugger;\u003C\u002Fli>\n\u003Cli>Fixes issues related to \u003Ca href=\"https:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F40175\" rel=\"nofollow ugc\">#40175\u003C\u002Fa> that have been present since WordPress \u003Ccode>4.7.1\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Fixes ambiguous media extensions \u003Ca href=\"https:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F40921\" rel=\"nofollow ugc\">#40921\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress 5.2 or later.\u003C\u002Fli>\n\u003Cli>PHP 7.4 or later.\u003C\u002Fli>\n\u003Cli>\u003Ccode>dom\u003C\u002Fcode> PHP extension.\u003C\u002Fli>\n\u003Cli>\u003Ccode>fileinfo\u003C\u002Fcode> PHP extension.\u003C\u002Fli>\n\u003Cli>\u003Ccode>mbstring\u003C\u002Fcode> PHP extension.\u003C\u002Fli>\n\u003Cli>\u003Ccode>xml\u003C\u002Fcode> PHP extension.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please note: it is \u003Cstrong>not safe\u003C\u002Fstrong> to run WordPress atop a version of PHP that has reached its \u003Ca href=\"http:\u002F\u002Fphp.net\u002Fsupported-versions.php\" rel=\"nofollow ugc\">End of Life\u003C\u002Fa>. Future releases of this plugin might, out of necessity, drop support for old, unmaintained versions of PHP. To ensure you continue to receive plugin updates, bug fixes, and new features, just make sure PHP is kept up-to-date. 🙂\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>This plugin does not make use of or collect any “Personal Data”.\u003C\u002Fp>\n","This plugin expands file-related security and sanity around the upload process.",1000,95238,11,"2025-09-17T03:38:00.000Z","5.2",[128,20,129,68,130],"file-validation","security-plugin","upload-security","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fblob-mimes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblob-mimes.1.4.2.zip",{"attackSurface":134,"codeSignals":163,"taintFlows":174,"riskAssessment":175,"analyzedAt":183},{"hooks":135,"ajaxHandlers":159,"restRoutes":160,"shortcodes":161,"cronEvents":162,"entryPointCount":11,"unprotectedCount":11},[136,142,145,150,155],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_menu","mflimit_add_admin_menu","media-file-limiter.php",29,{"type":137,"name":143,"callback":144,"file":140,"line":31},"admin_init","mflimit_settings_init",{"type":146,"name":147,"callback":148,"file":140,"line":149},"filter","upload_size_limit","mflimit_set_upload_size_limit",271,{"type":146,"name":151,"callback":152,"priority":153,"file":140,"line":154},"wp_handle_upload_prefilter","mflimit_check_upload_pre_filter",1,298,{"type":146,"name":156,"callback":157,"priority":153,"file":140,"line":158},"wp_handle_upload","mflimit_recheck_after_upload",465,[],[],[],[],{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":167,"fileOperations":153,"externalRequests":11,"nonceChecks":11,"capabilityChecks":30,"bundledLibraries":173},[],{"prepared":11,"raw":11,"locations":166},[],{"escaped":168,"rawEcho":153,"locations":169},31,[170],{"file":140,"line":171,"context":172},199,"raw output",[],[],{"summary":176,"deductions":177},"The media-file-limiter plugin v1.0 exhibits a generally strong security posture based on the provided static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface. Furthermore, the code demonstrates good practices by not using dangerous functions, all SQL queries utilizing prepared statements, and a very high percentage of output properly escaped. The plugin also includes capability checks, indicating an awareness of user permissions. The vulnerability history is clean, with no known CVEs, which is a positive sign of the developer's security diligence.\n\nHowever, there are a few areas for potential concern. The presence of a file operation without explicit details on its nature or sanitization warrants cautious consideration, as file operations can be a source of vulnerabilities if not handled correctly. The complete lack of nonce checks, while not directly indicated as a vulnerability in this analysis due to the absence of AJAX\u002FREST endpoints, is a common security practice that should be considered for any future development or if such endpoints are added. The absence of taint analysis results could mean no flows were found, or that the analysis was not comprehensive enough to identify potential issues. Overall, the plugin appears secure for its current version and feature set, but vigilance regarding file operations and adherence to broader security best practices for future iterations is recommended.",[178,181],{"reason":179,"points":180},"File operation detected without details",5,{"reason":182,"points":180},"No nonce checks implemented","2026-03-17T06:54:55.770Z",{"wat":185,"direct":190},{"assetPaths":186,"generatorPatterns":187,"scriptPaths":188,"versionParams":189},[],[],[],[],{"cssClasses":191,"htmlComments":195,"htmlAttributes":196,"restEndpoints":198,"jsGlobals":199,"shortcodeOutput":200},[192,193,194],"wrap","notice","notice-info",[],[197],"aria-describedby",[],[],[]]