[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fdsxP-MGW8sz8n1VejR38qw4LFMEFoLFQmBFN9k6FVHY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":133,"fingerprints":246},"no-frills-gallery","No Frills Gallery","1.3.4","jtibbles","https:\u002F\u002Fprofiles.wordpress.org\u002Fjtibbles\u002F","\u003Cp>No Frills Gallery is a simple image gallery with optional slideshow feature. There are a number of gallery plug-ins for WordPress, but many\u003Cbr \u002F>\nare either too complex, too rigid or too expensive for some developer’s needs. No Frills Gallery has been developed for simplicity, but also\u003Cbr \u002F>\nfor customisation. Thanks to it’s use of shortcodes, which are generated after you have chosen your specific requirements, both the gallery\u003Cbr \u002F>\nand slideshow can be placed anywhere on the site, either in a page or as part of a sidebar, header or any content area via either the standard\u003Cbr \u002F>\nshortcode or PHP’s do_shortcode syntax.\u003C\u002Fp>\n\u003Cp>The styling has remained purposefully simple, allowing you the flexibility you need to build on your own style. All front-end stylings can be\u003Cbr \u002F>\nview in the \u002Fcss\u002Fno-frills.css file. While you can edit this directly, it is not advised as it may be replaced on future plug-in updates.\u003Cbr \u002F>\nInstead simply copy the styles inside this css file and add them to your own theme’s style.css file. Then customise them to suit your needs.\u003C\u002Fp>\n","A very simple, easily customisable image gallery. Uses shortcodes to display your picture gallery and\u002For slideshow.",10,2814,80,1,"2017-07-27T11:02:00.000Z","4.8.0","3.0.1","",[20,21,22,23,24],"gallery","images","pictures","simple","slideshow","http:\u002F\u002Fwww.jamestibbles.co.uk\u002Fno-frills-gallery\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-frills-gallery.1.3.5.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":35,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},3,50,90,30,87,"2026-04-04T23:32:20.483Z",[40,58,80,100,117],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":14,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":56,"download_link":57,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"jquery-googleslides","jQuery googleslides","1.3","brady.holt","https:\u002F\u002Fprofiles.wordpress.org\u002Fbradyholt\u002F","\u003Cp>jquery.googleslides is a simply jQuery plugin that displays your Google Photos, including Picasa and Google+ albums.  Visit the \u003Ca href=\"http:\u002F\u002Fbradyholt.github.com\u002Fjquery-googleslides\" rel=\"nofollow ugc\">jquery-googleslides project site\u003C\u002Fa> for more information.\u003C\u002Fp>\n","Integrates the googleslides jQuery plugin to display your Google Photos, including Picasa and Google+ albums.",20,3836,100,"2012-06-15T20:59:00.000Z","3.3.2","2.0.2",[20,21,55,22,24],"jquery","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fjquery-googleslides\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjquery-googleslides.1.3.zip",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":68,"num_ratings":69,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":18,"tags":73,"homepage":76,"download_link":77,"security_score":78,"vuln_count":14,"unpatched_count":14,"last_vuln_date":79,"fetched_at":30},"facebook-photo-fetcher","Social Photo Fetcher","3.0.4","JK","https:\u002F\u002Fprofiles.wordpress.org\u002Fjustin_k\u002F","\u003Cp>Social Photo Fetcher (previously called “Facebook Photo Fetcher”) allows you to quickly and easily generate WordPress photo galleries from Facebook albums.\u003C\u002Fp>\n\u003Cp>The idea was inspired by \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ffotobook\u002F\" rel=\"ugc\">Fotobook\u003C\u002Fa>, though its approach is fundamentally different: while Fotobook’s emphasis is on automation, this plugin allows a great deal of customization.  With it you can create galleries in any Post or Page you like, right alongside your regular content. You do this simply by putting a “magic HTML tag” in the post’s content – much like \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FGallery_Shortcode\" rel=\"nofollow ugc\">WordPress Shortcode\u003C\u002Fa>. Upon saving, the tag will instantly be populated with the Facebook album content. Presentation is fully customizable via parameters to the “magic tag” – you can choose to show only a subset of an album’s photos, change the number of photos per column, show photo captions, and more.  Plus, Social Photo Fetcher doesn’t limit you to just your own albums: it can create galleries from fanpages as well.\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Uses Facebook’s API to instantly create WordPress photo galleries from Facebook albums.\u003C\u002Fli>\n\u003Cli>Galleries are fully customizable: you can import complete albums, select excerpts, random excerpts, album descriptions, photo captions, and more.\u003C\u002Fli>\n\u003Cli>Galleries can be organized however you like: in any post or page, alone or alongside your other content.\u003C\u002Fli>\n\u003Cli>Simple PHP template function allows programmers to manually embed albums in any template or widget.\u003C\u002Fli>\n\u003Cli>Built-in LightBox: Photos appear in attractive pop-up overlays without the need for any other plugins.\u003C\u002Fli>\n\u003Cli>Admin panel handles all the setup for you: Just login and you’re ready to start making albums.\u003C\u002Fli>\n\u003Cli>No custom database tables required; galleries live in regular post content.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For a Demo Gallery, see the \u003Ca href=\"https:\u002F\u002Fwww.justin-klein.com\u002Fprojects\u002Ffacebook-photo-fetcher\" rel=\"nofollow ugc\">plugin’s homepage\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Donate\u003C\u002Fh3>\n\u003Cp>Many hours have gone into developing & maintaining this plugin, far beyond my own personal needs. If you find it useful, please consider \u003Ca href=\"https:\u002F\u002Fwww.justin-klein.com\u002Fprojects\u002Ffacebook-photo-fetcher\u002F#donate\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa> to help support its continued development.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>This plugin uses the Facebook API to fetch photo albums from Facebook. Facebook’s security rules require that apps must authorize from one specific, known location. In order comply with this requirement, when you first authorize the plugin from its admin panel, a Facebook dialog will be initiated via my own authentication server. The dialog itself is shown directly by Facebook, and Facebook handles the entire login process – no personal information will be transferred via my server, as Facebook only supplies a single-use token which I then hand back to your site to be stored. This is what the plugin uses in order to fetch the photos. For more information about how the Facebook authorization process works, please see \u003Ca href=\"https:\u002F\u002Fdevelopers.facebook.com\u002Fdocs\u002Ffacebook-login\u002Fweb\" rel=\"nofollow ugc\">Facebook’s documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Usage of this plugin means the site administrator is consenting to \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fpolicy.php\" rel=\"nofollow ugc\">Facebook’s data policy\u003C\u002Fa>. Fetched album data will be stored in your WordPress database, in posts or pages of your choosing. It can be removed by deleting those posts or pages. You are solely responsible for the security and protection of the fetched data, as it resides on and is hosted within your own WordPress site.\u003C\u002Fp>\n\u003Cp>I do not store or process any of your data.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Please direct all support requests \u003Ca href=\"https:\u002F\u002Fwww.justin-klein.com\u002Fprojects\u002Ffacebook-photo-fetcher#feedback\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fp>\n","Allows you to automatically create Wordpress photo galleries from Facebook albums.  Simple to use and highly customizable.",1000,258658,74,12,"2024-04-04T23:45:00.000Z","6.5.8","2.5",[74,20,21,75,22],"facebook","photos","https:\u002F\u002Fwww.justin-klein.com\u002Fprojects\u002Ffacebook-photo-fetcher","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffacebook-photo-fetcher.3.0.4.zip",70,"2025-12-08 00:00:00",{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":34,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":18,"tags":94,"homepage":96,"download_link":97,"security_score":98,"vuln_count":14,"unpatched_count":14,"last_vuln_date":99,"fetched_at":30},"gpp-slideshow","GPP Slideshow","1.3.5","Thad Allender","https:\u002F\u002Fprofiles.wordpress.org\u002Fendortrails\u002F","\u003Cp>The GPP Slideshow plugin for WordPress allows you to create minimalist image slideshows using the new Gallery post type or using WordPress’ built in [gallery] shortcode on Posts and Pages.  The plugin comes with a  Widget for easily inserting a specific gallery into any widgetized are on your theme.  This plugin requires WordPress 3.1 and works best with \u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fthemes\u002F\" rel=\"nofollow ugc\">a Graph Paper Press theme\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fdemo.graphpaperpress.com\u002Fgpp-slideshow\u002F\" rel=\"nofollow ugc\">Live demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fgpp-slideshow\u002F\" rel=\"nofollow ugc\">Release info\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n","A minimalist slideshow plugin that creates a new gallery post type. Add slideshows to widgets, posts, pages and gallery posts.",200,69652,2,"2014-01-07T08:13:00.000Z","3.7.41","3.5",[20,21,75,95,24],"portfolio","http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fgpp-slideshow\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgpp-slideshow.1.3.5.zip",63,"2025-06-05 00:00:00",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":88,"downloaded":108,"rating":109,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":72,"requires_php":18,"tags":113,"homepage":115,"download_link":116,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"thickbox","ThickBox","1.6.1","Christian Schenk","https:\u002F\u002Fprofiles.wordpress.org\u002Fchschenk\u002F","\u003Cp>Allows you to embed ThickBox into your blog. Simply insert ThickBox compliant markup\u003Cbr \u002F>\nwhere ever you want and you’re all set. It is a pretty lightweight plugin but here\u003Cbr \u002F>\nare some of its features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>comes with an expert mode that allows you include the JavaScript and CSS for ThickBox only on those pages that actually need it\u003C\u002Fli>\n\u003Cli>you can opt to use the script and style already bundled with WordPress\u003C\u002Fli>\n\u003Cli>automatically adds the correct class attribute when using the gallery shortcode\u003C\u002Fli>\n\u003Cli>and also contains SmoothBox\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Licence\u003C\u002Fh3>\n\u003Cp>This plugin is released under the GPL.\u003C\u002Fp>\n","Embed ThickBox into your posts and pages.",97645,52,5,"2014-06-21T10:43:00.000Z","3.9.40",[20,21,22,114,101],"smoothbox","http:\u002F\u002Fwww.christianschenk.org\u002Fprojects\u002Fwordpress-thickbox-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthickbox.1.6.1.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":50,"downloaded":125,"rating":13,"num_ratings":90,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":18,"tags":129,"homepage":18,"download_link":132,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"easy-gallery-slider","Easy Gallery Slider","0.6.6","iNexi","https:\u002F\u002Fprofiles.wordpress.org\u002Finexi\u002F","\u003Cp>This slider is easy to use, but powerful. It is designed to be responsive, and works perfectly with mobile devices. It can be automatically displayed on posts and pages, inserted by shortcode or PHP. The slides are pulled on each post from the attached images (gallery).\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatically display slider for every post and\u002For page\u003C\u002Fli>\n\u003Cli>Slides are created from images attached to the post\u002Fpage it is displayed on (WordPress Gallery)\u003C\u002Fli>\n\u003Cli>Responsive slider performs the same on every platform (desktop or mobile)\u003C\u002Fli>\n\u003Cli>Fade or slide effects\u003C\u002Fli>\n\u003Cli>Navigation with buttons, “dots”, keyboard, scroll-wheel, automatic timer\u003C\u002Fli>\n\u003Cli>Show titles and descriptions with an overlay\u003C\u002Fli>\n\u003Cli>Link individual slides to any URL\u003C\u002Fli>\n\u003Cli>Show a “zoom” button to integrate with a Lightbox plugin\u003C\u002Fli>\n\u003Cli>Many options available through an easy to use admin interface\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please visit my homepage to submit bug reports and feature requests.\u003C\u002Fp>\n\u003Cp>Plugin Homepage: \u003Ca href=\"http:\u002F\u002Finexi.com\u002Fwordpress\" title=\"iNexi: WordPress Plugins\" rel=\"nofollow ugc\">iNexi.com\u003C\u002Fa>\u003C\u002Fp>\n","Responsive slider uses the images attached to a post or page. Simple to customize and configure.",36461,"2012-09-26T06:32:00.000Z","3.4.2","3.0",[20,21,22,130,131],"responsive","slider","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-gallery-slider.0.6.6.zip",{"attackSurface":134,"codeSignals":173,"taintFlows":205,"riskAssessment":234,"analyzedAt":245},{"hooks":135,"ajaxHandlers":156,"restRoutes":162,"shortcodes":163,"cronEvents":172,"entryPointCount":33,"unprotectedCount":14},[136,142,146,149,152],{"type":137,"name":138,"callback":139,"file":140,"line":141},"action","admin_enqueue_scripts","nfg_media_enqueue","no-frills-gallery.php",22,{"type":137,"name":143,"callback":144,"file":140,"line":145},"init","nfg_additional_images_sizes",32,{"type":137,"name":143,"callback":147,"priority":14,"file":140,"line":148},"nfg_register_gallery_table",81,{"type":137,"name":150,"callback":147,"file":140,"line":151},"switch_blog",82,{"type":137,"name":153,"callback":154,"file":140,"line":155},"admin_menu","nfg_admin_menu",94,[157],{"action":158,"nopriv":159,"callback":160,"hasNonce":159,"hasCapCheck":159,"file":140,"line":161},"get_thumb",false,"nfg_get_thumb",142,[],[164,168],{"tag":165,"callback":166,"file":140,"line":167},"gallery_slideshow","nfg_create_slideshow",814,{"tag":169,"callback":170,"file":140,"line":171},"gallery_album_photos","nfg_create_gallery_album_photos",947,[],{"dangerousFunctions":174,"sqlUsage":175,"outputEscaping":188,"fileOperations":28,"externalRequests":28,"nonceChecks":14,"capabilityChecks":33,"bundledLibraries":204},[],{"prepared":176,"raw":33,"locations":177},14,[178,182,185],{"file":179,"line":180,"context":181},"admin\\nfg-edit-album-admin.php",26,"$wpdb->get_row() with variable interpolation",{"file":179,"line":183,"context":184},53,"$wpdb->get_results() with variable interpolation",{"file":140,"line":186,"context":187},43,"$wpdb->get_var() with variable interpolation",{"escaped":189,"rawEcho":189,"locations":190},6,[191,194,196,198,200,202],{"file":179,"line":192,"context":193},86,"raw output",{"file":179,"line":195,"context":193},95,{"file":179,"line":197,"context":193},99,{"file":179,"line":199,"context":193},155,{"file":140,"line":201,"context":193},138,{"file":140,"line":203,"context":193},232,[],[206,223],{"entryPoint":207,"graph":208,"unsanitizedCount":14,"severity":222},"nfg_get_thumb (no-frills-gallery.php:132)",{"nodes":209,"edges":220},[210,215],{"id":211,"type":212,"label":213,"file":140,"line":214},"n0","source","$_POST",134,{"id":216,"type":217,"label":218,"file":140,"line":201,"wp_function":219},"n1","sink","echo() [XSS]","echo",[221],{"from":211,"to":216,"sanitized":159},"medium",{"entryPoint":224,"graph":225,"unsanitizedCount":28,"severity":233},"\u003Cno-frills-gallery> (no-frills-gallery.php:0)",{"nodes":226,"edges":230},[227,229],{"id":211,"type":212,"label":228,"file":140,"line":214},"$_POST (x2)",{"id":216,"type":217,"label":218,"file":140,"line":201,"wp_function":219},[231],{"from":211,"to":216,"sanitized":232},true,"low",{"summary":235,"deductions":236},"The no-frills-gallery plugin v1.3.4 presents a mixed security posture. While it shows good practices like a high percentage of prepared SQL statements and a clean vulnerability history with no recorded CVEs, there are significant areas of concern arising from the static analysis.  The presence of an AJAX handler without any authentication checks represents a direct and immediate risk, as it can be triggered by any user, potentially leading to unauthorized actions. Furthermore, the analysis reveals a flow with an unsanitized path, which, although not classified as critical or high severity in the taint analysis, still indicates a potential weakness where user input might be improperly handled, leading to unexpected behavior or exploitation if combined with other factors. The plugin's limited attack surface is a positive, but the unprotected entry point outweighs this benefit.  Overall, the plugin has strengths in its lack of historical vulnerabilities and its general code quality concerning SQL and output escaping for the majority of cases, but the unprotected AJAX handler and the identified unsanitized path require immediate attention and mitigation.",[237,239,242],{"reason":238,"points":11},"AJAX handler without authentication check",{"reason":240,"points":241},"Flow with unsanitized path identified",7,{"reason":243,"points":244},"50% of outputs not properly escaped",4,"2026-03-17T01:20:22.637Z",{"wat":247,"direct":259},{"assetPaths":248,"generatorPatterns":256,"scriptPaths":257,"versionParams":258},[249,250,251,252,253,254,255],"\u002Fwp-content\u002Fplugins\u002Fno-frills-gallery\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fno-frills-gallery\u002Fcss\u002Fno-frills.css","\u002Fwp-content\u002Fplugins\u002Fno-frills-gallery\u002Fcss\u002Fslideshow.css","\u002Fwp-content\u002Fplugins\u002Fno-frills-gallery\u002Fjs\u002Falbum-tools.js","\u002Fwp-content\u002Fplugins\u002Fno-frills-gallery\u002Fjs\u002Finit-sort.js","\u002Fwp-content\u002Fplugins\u002Fno-frills-gallery\u002Fjs\u002Fjquery.sortable.min.js","\u002Fwp-content\u002Fplugins\u002Fno-frills-gallery\u002Fjs\u002Fslideshow.js",[],[],[],{"cssClasses":260,"htmlComments":261,"htmlAttributes":262,"restEndpoints":264,"jsGlobals":265,"shortcodeOutput":267},[],[],[263],"id=\"nfg-gallery-container\"",[],[266],"nfg_wp_vars",[268,269],"[nfg-gallery]","[nfg-slideshow]"]