[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fOF5lLsAPoKXVenomqDjW_hatLJecxog8m4pcNrbQVVU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":46,"crawl_stats":36,"alternatives":53,"analysis":156,"fingerprints":216},"media-search-enhanced","Media Search Enhanced","0.9.2","Yoren Chang","https:\u002F\u002Fprofiles.wordpress.org\u002F1fixdotio\u002F","\u003Cp>This plugin is made for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Search through all fields in Media Library, including: ID, title, caption, alternative text and description.\u003C\u002Fli>\n\u003Cli>Search Taxonomies for Media, include the name, slug and description fields.\u003C\u002Fli>\n\u003Cli>Search media file name.\u003C\u002Fli>\n\u003Cli>Use shortcode \u003Ccode>[mse-search-form]\u003C\u002Fcode> to insert a media search form in posts and template files. It will search for media by all fields mentioned above.\u003C\u002Fli>\n\u003C\u002Ful>\n","Search through all fields in Media Library.",3000,44066,88,27,"2026-01-21T14:32:00.000Z","6.8.5","3.5","",[20,21,22],"attachment","media","media-library","https:\u002F\u002F1fix.io\u002Fmedia-search-enhanced","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-search-enhanced.0.9.2.zip",99,1,0,"2026-01-07 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2026-23805","media-search-enhanced-authenticated-author-sql-injection","Media Search Enhanced \u003C= 0.9.1 - Authenticated (Author+) SQL Injection","The Media Search Enhanced plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 0.9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with author-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C=0.9.1","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2026-02-26 19:50:00",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F12ecb8ae-9aa3-4826-959e-cbac8eb5e76c?source=api-prod",51,{"slug":47,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":50,"avg_patch_time_days":45,"trust_score":51,"computed_at":52},"1fixdotio",6,4220,87,79,"2026-04-04T05:39:02.550Z",[54,79,100,118,138],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":75,"download_link":76,"security_score":77,"vuln_count":26,"unpatched_count":26,"last_vuln_date":78,"fetched_at":29},"wow-media-library-fix","Fix Media Library","2.0","wowpress.host","https:\u002F\u002Fprofiles.wordpress.org\u002Fwowpresshost\u002F","\u003Cp>Fix Media Library fixes inconsistency between wp-content\u002Fuploads folder and\u003Cbr \u002F>\ndatabase.\u003Cbr \u002F>\nFixes corrupted Media Library database records.\u003Cbr \u002F>\nDesigned to run smoothly against huge Media Libraries containing hundreds of thousands of images.\u003C\u002Fp>\n\u003Cp>Useful when:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Really old database is used and there are a lot of problems with Media Library found\u003C\u002Fli>\n\u003Cli>New thumbnail sizes are registered\u003C\u002Fli>\n\u003Cli>Some thumbnail sizes are not used anymore (theme change, upgrade), but image files are still exists\u003C\u002Fli>\n\u003Cli>There are Media Library entries present pointing to image files that don’t exist anymore\u003C\u002Fli>\n\u003Cli>Some entries in Media Library are not displayed, while image files are present (_wp_attachment_metadata meta field corrupted)\u003C\u002Fli>\n\u003Cli>There are a lot of images in wp-content\u002Fuploads folder that are no longer used\u003C\u002Fli>\n\u003Cli>There are duplicate attachments pointing to the same image file\u003C\u002Fli>\n\u003Cli>Images are used by website, but you can’t find them in Media Library\u003C\u002Fli>\n\u003Cli>You want to update attachments GUID fields containing old\u002Fstaging urls\u003C\u002Fli>\n\u003Cli>Detects major database corruptions affecting media library functionality\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>At \u003Ca href=\"https:\u002F\u002Fwowpress.host\u002F\" rel=\"nofollow ugc\">WowPress.host\u003C\u002Fa> company we regularly migrate very old databases and clean it up to make sure website using it is running smoothly. Those databases have all different kinds of inconsistencies collected during years or even decades of usage, and Media Library is the most common problematic piece of data here.\u003Cbr \u002F>\nThat plugin helps to solve most common problems related to Media Library data.\u003C\u002Fp>\n\u003Cp>We use a lot of open-source tools in our work, and therefore decided publish our own tools so that those can be used by the community too.\u003C\u002Fp>\n\u003Ch4>Need Help? Found A Bug? Want To Contribute Code?\u003C\u002Fh4>\n\u003Cp>Support for this plugin is provided via the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwow-media-library-fix\" rel=\"ugc\">WordPress.org forums\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The source code for this plugin is available on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwowpress-host\u002Fwow-media-library-fix\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Paid support at \u003Ca href=\"https:\u002F\u002Fwowpress.host\u002Fprofessional-services\u002F\" rel=\"nofollow ugc\">WowPress.host\u003C\u002Fa>.\u003C\u002Fp>\n","Fix Media Library inconsistency between database and wp-content\u002Fuploads folder contents. Unused image files, broken media library entries, missing att …",2000,37302,98,32,"2018-12-18T10:26:00.000Z","5.0.25","4.6","5.3",[71,22,72,73,74],"attachments","post-thumbnail","thumbnail","thumbnails","https:\u002F\u002Fwowpress.host\u002Fplugins\u002Fwow-","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwow-media-library-fix.2.0.zip",63,"2025-12-12 00:00:00",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":13,"num_ratings":89,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":18,"tags":93,"homepage":97,"download_link":98,"security_score":99,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"upgrade-for-unattach-re-attach-media-attachments","Upgrade for Unattach and Re-attach Media Attachments","1.2.2","laurencebahiirwa","https:\u002F\u002Fprofiles.wordpress.org\u002Flaurencebahiirwa\u002F","\u003Cp>WordPress allows to attach (or assign) images and other attachments organized within the Media Library to posts and pages.\u003C\u002Fp>\n\u003Cp>A file will automatically be attached to a particular post when uploaded using the Add media button in that post. There are also “Attach” links in the Media Library to manually attach files to posts. Once attached there is no way to unattach or re-attach images, pdfs or any attachment in WordPress core.\u003C\u002Fp>\n\u003Cp>This plugin fills this gap by providing two additional links next to “Attach” in the \u003Cstrong>Media Library\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Re-Attach\u003C\u002Fstrong>: Allows user to choose a new post to attach the media file.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unattach\u003C\u002Fstrong>: Totally removes an existing relation between an attachment and a post.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Bulk Actions\u003C\u002Fh3>\n\u003Cp>The plugin also provides bulk actions for unattaching and re-attaching multiple files at once! Just mark the files you want to change, select your desired action from the \u003Cem>Bulk Actions\u003C\u002Fem> dropdown and hit \u003Cem>Apply\u003C\u002Fem>.\u003C\u002Fp>\n\u003Ch3>Note\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fstackoverflow.com\u002Fquestions\u002F45690582\u002Fimage-post-attachments-not-specific-to-post\u002F45705413#45705413\" rel=\"nofollow ugc\">My initial issue came from here\u003C\u002Fa>. Thanks to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Funattach-and-re-attach-attachments\u002F\u002F\" rel=\"ugc\">Unattach and Re-attach Media Attachments\u003C\u002Fa> which inspired this plugin. Just adding upgrades of the code to the latter so it is safer for use and have fixed some bugs.\u003C\u002Fp>\n","Allows to unattach and reattach images and other attachments from within the media library page.",300,8933,7,"2022-06-21T09:17:00.000Z","6.0.11","4.9",[71,22,94,95,96],"re-attach","unattach","upgrade","https:\u002F\u002Fgithub.com\u002Fbahiirwa\u002FUpgrade-for-Unattach-Re-Attach-Media-Attachments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fupgrade-for-unattach-re-attach-media-attachments.1.2.2.zip",85,{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":87,"downloaded":108,"rating":109,"num_ratings":26,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":18,"tags":113,"homepage":116,"download_link":117,"security_score":99,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"va-removing-exif","VA Removing Exif","1.0.1","kuck1u","https:\u002F\u002Fprofiles.wordpress.org\u002Fkuck1u\u002F","\u003Cp>Automatically remove all Exif data from the new JPEG images when uploading. Please note that already uploaded images will not be processed. If you want to delete Exif from the already uploaded image, please generate thumbnail image again with “\u003Ca href=\"https:\u002F\u002Fja.wordpress.org\u002Fplugins\u002Fregenerate-thumbnails\u002F\" rel=\"nofollow ugc\">Regenerate Thumbnails\u003C\u002Fa>” etc.\u003C\u002Fp>\n\u003Ch4>How to use\u003C\u002Fh4>\n\u003Cp>Usage is easy. Just activate the plugin. This plugin requires PHP modules of the ImageMagick or GD.\u003C\u002Fp>\n\u003Ch4>Requires\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 4.4+\u003C\u002Fli>\n\u003Cli>PHP 5.4+ & ImageMagick or GD modules\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Contribute\u003C\u002Fh4>\n\u003Cp>You can fork the plugin from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fvisualive\u002Fva-removing-exif\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Attention\u003C\u002Fh4>\n\u003Cp>This plugin is intended to save your privacy and should not be used for illegal activity like copyright violations.\u003C\u002Fp>\n","Automatically remove all Exif data from the new JPEG images when uploading.",11441,100,"2016-12-19T05:40:00.000Z","4.7.32","4.4",[20,71,114,22,115],"exif","privacy","https:\u002F\u002Fgithub.com\u002Fvisualive\u002Fva-removing-exif","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fva-removing-exif.zip",{"slug":119,"name":120,"version":121,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":109,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":91,"requires_at_least":130,"requires_php":18,"tags":131,"homepage":135,"download_link":136,"security_score":77,"vuln_count":26,"unpatched_count":26,"last_vuln_date":137,"fetched_at":29},"acclectic-media-organizer","Acclectic Media Organizer","1.4","Acclectic Media","https:\u002F\u002Fprofiles.wordpress.org\u002Facclectic\u002F","\u003Cp>Acclectic Media Organizer creates a virtual file system that lets you better organize attachments and everything in your media library. Simply create folders and subfolders, and then drag and drop items directly within the media library. When you are ready to use attachments in your content, find them easily by selecting their folder. No more sifting through thousands of items to find the right one!\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Hierarchical File System\u003C\u002Fstrong>\u003Cbr \u002F>\nCreate folders and subfolders, just like in a real file system.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Virtual File System\u003C\u002Fstrong>\u003Cbr \u002F>\nAcclectic Media Organizer creates a virtual file system, so all links to your media files will remain the same and continue to work.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Direct Upload to Folder\u003C\u002Fstrong>\u003Cbr \u002F>\nUpload new items directly to a folder simply by selecting the folder when you add them to the media library.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Detailed upload status tracker\u003C\u002Fstrong>\u003Cbr \u002F>\nA detailed upload status tracker keeps you up-to-date when uploading many files to a folder.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Rearrange Folders\u003C\u002Fstrong>\u003Cbr \u002F>\nRearrange your folder tree by simply dragging and dropping folders directly within the folder tree.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Drag & Drop Items\u003C\u002Fstrong>\u003Cbr \u002F>\nAssign attachments and media items to a folder by simply dragging and dropping them onto the folder in the folder tree.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Edit Folders Via Context Menu\u003C\u002Fstrong>\u003Cbr \u002F>\nCreate subfolders, rename, or delete a folder by a convenient context menu directly in the folder tree.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Resizable Control Panel\u003C\u002Fstrong>\u003Cbr \u002F>\nThe control panel is designed to be comprehensive but unobtrusive, and it is easily resizable.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Filter Items When Attaching\u003C\u002Fstrong>\u003Cbr \u002F>\nSee only the items you want when adding attachments to posts and pages by clicking on the appropriate folder in the media browser dialog.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Multi-Mode Support\u003C\u002Fstrong>\u003Cbr \u002F>\nAcclectic Media Organizer works in both List and Grid modes in the Media Library. It is also shown in the media browser dialog when adding attachments.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>No Limits\u003C\u002Fstrong>\u003Cbr \u002F>\nAll supported features are fully available to you with no limits of any kind. Create as many folders or subfolders as you want; add as many items to each folder as you want; and use this for as long as you want.\u003C\u002Fp>\n\u003Ch3>How-Tos\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Create a root folder\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Click on the \u003Cem>Create Folder\u003C\u002Fem> button in the control panel.\u003C\u002Fli>\n\u003Cli>A new folder with the temporary name [New Folder] appears in the folder tree.\u003C\u002Fli>\n\u003Cli>Edit a new name for the new folder and press Enter.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Create a sub-folder\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Right-click the parent folder in which you want to create the sub-folder.\u003C\u002Fli>\n\u003Cli>In the context menu, select \u003Cem>Create Folder\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>A new folder with the temporary name [New Folder] appears in the folder tree.\u003C\u002Fli>\n\u003Cli>Edit a new name for the new folder and press Enter.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Move a folder\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>In the folder tree, drag and drop the folder to its new parent.\u003C\u002Fli>\n\u003Cli>A status icon indicates where the move is possible. For example, moving a parent folder into one of its sub-folders cannot be performed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Rename a folder\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Right-click the folder that you want to rename.\u003C\u002Fli>\n\u003Cli>In the context menu, select \u003Cem>Rename Folder\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>Edit a new name for the folder and press Enter.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Delete a folder\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Right-click the folder that you want to delete.\u003C\u002Fli>\n\u003Cli>Confirm the action in the popup dialog.\u003C\u002Fli>\n\u003Cli>All subfolders in this folder will also be deleted, and all items in this folder and all subfolders will become unassigned.\u003C\u002Fli>\n\u003Cli>Don’t worry–no files will ever be deleted when you delete a folder.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Assign one item to a folder\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Drag the item to the destination folder.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Assign multiple items to a folder\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>In \u003Cem>Grid view\u003C\u002Fem>: enable \u003Cem>Bulk select\u003C\u002Fem>. Then drag the items to the destination folder.\u003C\u002Fli>\n\u003Cli>In \u003Cem>List view\u003C\u002Fem>: select multiple items with check-boxes. Then drag the items to the destination folder.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Move items out of any folder\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Drag and drop the items to the \u003Cem>Unassigned Items\u003C\u002Fem> category in the control panel.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Upload new files directly to a specific folder\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>In \u003Cem>Grid View\u003C\u002Fem>: Select the folder in which the new files should be uploaded. Then drag and drop items from your computer to the Media Library.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Supported Languages\u003C\u002Fh3>\n\u003Cp>Acclectic Media Organizer is available in these languages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Chinese (Simplified)\u003C\u002Fli>\n\u003Cli>Chinese (Traditional)\u003C\u002Fli>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Italian\u003C\u002Fli>\n\u003Cli>Japanese\u003C\u002Fli>\n\u003Cli>Portugese\u003C\u002Fli>\n\u003Cli>Polish\u003C\u002Fli>\n\u003Cli>Russian\u003C\u002Fli>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003C\u002Ful>\n","A file manager for your media library. Organize your attachments, photos, and other media items into folders, and easily filter items by folder when y …",2626,96,4,"2022-09-14T15:42:00.000Z","5.0.0",[132,21,133,22,134],"attachment-folders","media-categories","media-library-folders","https:\u002F\u002Fwww.acclectic.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facclectic-media-organizer.1.4.zip","2025-08-22 00:00:00",{"slug":139,"name":140,"version":141,"author":142,"author_profile":143,"description":144,"short_description":145,"active_installs":146,"downloaded":147,"rating":27,"num_ratings":27,"last_updated":148,"tested_up_to":149,"requires_at_least":150,"requires_php":18,"tags":151,"homepage":154,"download_link":155,"security_score":99,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"attachment-page-comment-control","Attachment Page Comment Control","1.0.2","laceous","https:\u002F\u002Fprofiles.wordpress.org\u002Flaceous\u002F","\u003Cp>Just like regular posts and pages, attachments have their own \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FUsing_Image_and_File_Attachments#Inserting_Images\" rel=\"nofollow ugc\">pages\u003C\u002Fa> where guests can leave comments (and can also accept trackbacks\u002Fpingbacks).  Unlike regular posts and pages, attachment pages don’t offer any UI controls that let you choose (on an individual basis) which attachment pages should allow comments and pings.\u003C\u002Fp>\n\u003Cp>This plugin corrects this issue by giving you the ability to turn comments and pings on or off for individual attachment pages within your media library.\u003C\u002Fp>\n\u003Cp>The global setting to allow comments or pings by default already applies to attachment pages.\u003C\u002Fp>\n","Gives you the ability to turn comments and pings on or off for individual attachment pages within your media library.",30,3509,"2010-06-03T19:42:00.000Z","3.0.5","2.5",[71,152,22,153],"comments","pings","http:\u002F\u002Fmoggy.laceous.com\u002F2010\u002F04\u002F04\u002Fattachment-page-comment-control\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fattachment-page-comment-control.zip",{"attackSurface":157,"codeSignals":196,"taintFlows":205,"riskAssessment":206,"analyzedAt":215},{"hooks":158,"ajaxHandlers":188,"restRoutes":189,"shortcodes":190,"cronEvents":195,"entryPointCount":26,"unprotectedCount":27},[159,165,170,175,179,184],{"type":160,"name":161,"callback":162,"file":163,"line":164},"action","plugins_loaded","get_instance","media-search-enhanced.php",46,{"type":160,"name":166,"callback":167,"file":168,"line":169},"init","load_plugin_textdomain","public\\class-media-search-enhanced.php",66,{"type":171,"name":172,"callback":172,"priority":173,"file":168,"line":174},"filter","posts_clauses",20,69,{"type":171,"name":176,"callback":177,"file":168,"line":178},"the_excerpt","get_the_image",75,{"type":171,"name":180,"callback":181,"priority":182,"file":168,"line":183},"attachment_link","get_the_url",10,78,{"type":171,"name":185,"callback":186,"file":168,"line":187},"get_search_form","search_form_on_search",81,[],[],[191],{"tag":192,"callback":193,"file":168,"line":194},"mse-search-form","search_form",72,[],{"dangerousFunctions":197,"sqlUsage":198,"outputEscaping":201,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":204},[],{"prepared":199,"raw":27,"locations":200},12,[],{"escaped":202,"rawEcho":27,"locations":203},2,[],[],[],{"summary":207,"deductions":208},"The \"media-search-enhanced\" plugin v0.9.2 demonstrates some good security practices, notably the exclusive use of prepared statements for all SQL queries and proper output escaping. The static analysis also shows no critical or high severity taint flows, a clean slate for file operations and external HTTP requests. The attack surface is minimal with only one shortcode and no unprotected entry points identified in this analysis.\n\nHowever, there are significant concerns. The plugin completely lacks nonce checks and capability checks. This means that any authenticated user, regardless of their role, could potentially trigger actions associated with the shortcode. The presence of a past medium severity SQL injection vulnerability, even if currently patched, is a red flag and suggests potential for similar issues if sanitization or input validation is not consistently applied. The fact that a vulnerability was recorded as recently as 2026-01-07 (though likely a typo and meant to be in the past) also warrants attention.\n\nIn conclusion, while the plugin has made strides in secure coding for SQL and output handling, the absence of proper authorization and capability checks presents a substantial risk. Coupled with the history of an SQL injection vulnerability, this plugin requires careful monitoring and potentially further security hardening before being considered robustly secure.",[209,211,213],{"reason":210,"points":182},"Missing nonce checks",{"reason":212,"points":182},"Missing capability checks",{"reason":214,"points":182},"Past medium SQL injection vulnerability","2026-03-16T18:22:54.027Z",{"wat":217,"direct":226},{"assetPaths":218,"generatorPatterns":221,"scriptPaths":222,"versionParams":223},[219,220],"\u002Fwp-content\u002Fplugins\u002Fmedia-search-enhanced\u002Fpublic\u002Fcss\u002Fmedia-search-enhanced.css","\u002Fwp-content\u002Fplugins\u002Fmedia-search-enhanced\u002Fpublic\u002Fjs\u002Fmedia-search-enhanced.js",[],[220],[224,225],"\u002Fwp-content\u002Fplugins\u002Fmedia-search-enhanced\u002Fpublic\u002Fcss\u002Fmedia-search-enhanced.css?ver=","\u002Fwp-content\u002Fplugins\u002Fmedia-search-enhanced\u002Fpublic\u002Fjs\u002Fmedia-search-enhanced.js?ver=",{"cssClasses":227,"htmlComments":228,"htmlAttributes":229,"restEndpoints":230,"jsGlobals":231,"shortcodeOutput":232},[],[],[192],[],[],[233],"[mse-search-form]"]