[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1i1EiWSvIynRyxxYqD3bKXOpepUf27ADssoorbn6MP8":3,"$fhMM3uWd3AolRe-AhpC3cjmUE5c-ZI1Q9Z4oJMhOqjI0":468,"$fRqAcT0GD-sQDy0gzvNZOs76bYaCyNoLU1iqmhklR6mE":472},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"discovery_status":29,"vulnerabilities":30,"developer":49,"crawl_stats":36,"alternatives":56,"analysis":166,"fingerprints":448},"offload-videos-bunny-netaws-s3","Offload Videos – Bunny.net, AWS S3","1.0.2","WebGarh Solutions","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebgarh\u002F","\u003Cp>Upload videos to Bunny.net using bunny streaming API’s with TUS protocol and resumable video upload, create individual collection for each user giving option to delete videos directly from bunny streaming storage also AWS S3 storage can be used to upload videos to AWS S3 bucket ,creating individual folder for users giving option to delete videos directly from AWS S3 storage\u003C\u002Fp>\n\u003Cp>For more information, \u003Ca href=\"https:\u002F\u002Fwebgarh.com\" rel=\"nofollow ugc\">please click here\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Functionalities\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Admin settings page to enable service(Bunny.net\u002FAWS S3)\u003C\u002Fli>\n\u003Cli>Upload videos to Bunny.net using streaming API.\u003C\u002Fli>\n\u003Cli>Show list of user uploaded videos from Bunny.net to frontend page with copy option for iframe embed code and delete option for each video which will delete video from Bunny.net.\u003C\u002Fli>\n\u003Cli>TUS protocol is used with resumable upload for uploading videos which will reduce burden on your server and directly upload videos using javascript.\u003C\u002Fli>\n\u003Cli>List of videos from all users on admin side with bulk delete option which will delete video from Bunny.net.\u003C\u002Fli>\n\u003Cli>Upload videos to AWS S3 bucket.\u003C\u002Fli>\n\u003Cli>Show list of user uploaded videos from AWS S3 bucket to frontend page with copy option for iframe embed code and delete option for each video which will delete video from AWS s3 bucket. \u003C\u002Fli>\n\u003Cli>Multipart Upload is used for uploading videos which will rmake easier to upload large videos.\u003C\u002Fli>\n\u003Cli>Show list of videos from all users on admin side with bulk delete option which will delete video from AWS s3 bucket\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Shortcodes\u003C\u002Fh3>\n\u003Cp>[show_users_video_listing]\u003C\u002Fp>\n","Upload videos to Bunny.net and AWS S3 storage via using bunny streaming API's and AWS SDK services",10,3663,100,3,"2024-08-27T09:21:00.000Z","6.6.5","4.7","",[20,21,22],"aws","bunny","offload-videos","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foffload-videos-bunny-netaws-s3.zip",91,1,0,"2024-09-04 00:00:00","2026-04-06T09:54:40.288Z","no_bundle",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":27,"updated_date":43,"references":44,"days_to_patch":46,"patch_diff_files":47,"patch_trac_url":36,"research_status":36,"research_verified":48,"research_rounds_completed":26,"research_plan":36,"research_summary":36,"research_vulnerable_code":36,"research_fix_diff":36,"research_exploit_outline":36,"research_model_used":36,"research_started_at":36,"research_completed_at":36,"research_error":36,"poc_status":36,"poc_video_id":36,"poc_summary":36,"poc_steps":36,"poc_tested_at":36,"poc_wp_version":36,"poc_php_version":36,"poc_playwright_script":36,"poc_exploit_code":36,"poc_has_trace":48,"poc_model_used":36,"poc_verification_depth":36},"CVE-2024-6719","offload-videos-bunnynet-aws-s3-cross-site-request-forgery","Offload Videos – Bunny.net, AWS S3 \u003C= 1.0.0 - Cross-Site Request Forgery","The Offload Videos – Bunny.net, AWS S3 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.0.0","1.0.1","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-05-30 18:23:54",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff5e66037-0cce-4881-adec-1b1ff0c3747b?source=api-prod",269,[],false,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":51,"total_installs":52,"avg_security_score":53,"avg_patch_time_days":46,"trust_score":54,"computed_at":55},"webgarh",2,20,92,73,"2026-05-20T04:33:32.680Z",[57,81,107,126,146],{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":71,"tags":72,"homepage":78,"download_link":79,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":36,"fetched_at":80},"gosmtp","GoSMTP – SMTP for WordPress","1.2.0","Softaculous","https:\u002F\u002Fprofiles.wordpress.org\u002Fsoftaculous\u002F","\u003Cp>GoSMTP allows you to send emails from your WordPress over SMTP or many of the popular email sending services. Many web hosting companies have strict mail sending rules and limitations which restrict email deliverability. With GoSMTP, you will not be using your hosting providers PHP email but rather sending emails over SMTP or using API’s of various email providers.\u003C\u002Fp>\n\u003Cp>GoSMTP supports many of your preferred SMTP provider(s) :\u003Cbr \u002F>\n1) SMTP.com\u003Cbr \u002F>\n2) Sendinblue\u003Cbr \u002F>\n3) Mailgun\u003Cbr \u002F>\n4) Sendgrid\u003Cbr \u002F>\n5) Sparkpost\u003Cbr \u002F>\n6) Sendlayer\u003Cbr \u002F>\n7) Postmark\u003Cbr \u002F>\n8) Maileroo\u003Cbr \u002F>\n9) ElasticEmail (Pro)\u003Cbr \u002F>\n10) SMTP2Go (Pro)\u003Cbr \u002F>\n11) Gmail, Gsuite, Google Workspace (Pro)\u003Cbr \u002F>\n12) Outlook \u002F Office 365 (Pro)\u003Cbr \u002F>\n13) AWS (Pro)\u003Cbr \u002F>\n14) Zoho (Pro)\u003Cbr \u002F>\n15) Resend (Pro)\u003Cbr \u002F>\n16) MailerSend (Pro)\u003Cbr \u002F>\n17) Or any custom SMTP provider\u003C\u002Fp>\n\u003Cp>WordPress uses the PHP mail function to send emails generated by WordPress. The PHP mail function sends emails over the IP of your hosting provider’s servers which can have a bad reputation and be blacklisted by many email providers like Gmail, Yahoo, Office 365, Zoho, etc. causing your WordPress originated emails to land in the SPAM folder of your users. By using GoSMTP you ensure that your emails reach the inbox of your user(s).\u003C\u002Fp>\n\u003Cp>You can find our \u003Ca href=\"https:\u002F\u002Fgosmtp.net\u002Fdocs\" rel=\"nofollow ugc\">official documentation\u003C\u002Fa> on our Website \u003Ca href=\"https:\u002F\u002Fgosmtp.net\u002F\" rel=\"nofollow ugc\">GoSMTP.net\u003C\u002Fa> We are also active in our community support forums on wordpress.org if you are one of our free users. Our Premium Support Ticket System is at \u003Ca href=\"https:\u002F\u002Fsoftaculous.deskuss.com\u002Fopen.php?topicId=17\" rel=\"nofollow ugc\">https:\u002F\u002Fsoftaculous.deskuss.com\u002Fopen.php?topicId=17\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgosmtp.net\" title=\"GoSMTP Homepage\" rel=\"nofollow ugc\">Home Page\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fsoftaculous.deskuss.com\u002Fopen.php?topicId=17\" title=\"GoSMTP Support\" rel=\"nofollow ugc\">Support\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fgosmtp.net\u002Fdocs\" title=\"Documents\" rel=\"nofollow ugc\">Documents\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>GoSMTP PRO\u003C\u002Fh3>\n\u003Cp>GoSMTP Pro has many other powerful features and services. \u003Ca href=\"https:\u002F\u002Fgosmtp.net\u002Fpricing\" title=\"Pricing\" rel=\"nofollow ugc\">Click here to purchase now !\u003C\u002Fa> :\u003C\u002Fp>\n\u003Ch3>Email Logs\u003C\u002Fh3>\n\u003Cp>With Email Logging you view all emails sent from your site. This is necessary to keep email records and for auditing outgoing emails. Its also helpful to debug any outgoing email issues.\u003C\u002Fp>\n\u003Ch3>Resend Emails\u003C\u002Fh3>\n\u003Cp>You can resend any email, from the email log wizard. You can also resend multiple emails in bulk.\u003C\u002Fp>\n\u003Ch3>Notifications\u003C\u002Fh3>\n\u003Cp>You can get notified about failed email delivery on your configured channel, we currently support Mail, Slack and Discord.\u003C\u002Fp>\n\u003Ch3>Smart Routing\u003C\u002Fh3>\n\u003Cp>Smart Routing dynamically selects SMTP providers based on content, isolating transactional alerts from marketing to ensure critical emails bypass filters.\u003C\u002Fp>\n\u003Ch3>Premium Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Forward Emails\u003C\u002Fli>\n\u003Cli>Email Reports\u003C\u002Fli>\n\u003Cli>Notifications\u003C\u002Fli>\n\u003Cli>Resend Email\u003C\u002Fli>\n\u003Cli>Smart Routing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Coming Soon\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Track Email Views\u003C\u002Fli>\n\u003Cli>Track Clicks\u003C\u002Fli>\n\u003Cli>Print Emails\u003C\u002Fli>\n\u003Cli>Multisite Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>GoSMTP’s Mailer API connecters are derived from Fluent SMTP \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffluent-smtp\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffluent-smtp\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>How to install GoSMTP\u003C\u002Fh3>\n\u003Cp>Go To your WordPress install -> Plugins -> Add New Button -> In Search Box search For GoSMTP -> Click on Install.\u003C\u002Fp>\n","Send emails from your WordPress site using your preferred SMTP provider like Gmail, Outlook, AWS, Zoho, SMTP.com, Brevo (formerly Sendinblue), Mailgun &hellip;",500000,2214142,82,8,"2026-04-13T13:33:00.000Z","7.0","5.5",[73,74,75,76,77],"aws-smtp","gmail-smtp","sendgrid-smtp","smtp","wordpress-smtp","https:\u002F\u002Fgosmtp.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgosmtp.1.2.0.zip","2026-04-16T10:56:18.058Z",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":103,"download_link":104,"security_score":105,"vuln_count":25,"unpatched_count":26,"last_vuln_date":106,"fetched_at":80},"ilab-media-tools","Media Cloud for Bunny CDN, Amazon S3, Cloudflare R2, Google Cloud Storage, DigitalOcean and more","4.6.4","interfacelab","https:\u002F\u002Fprofiles.wordpress.org\u002Finterfacelab\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F3tB3rKkwAJY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Media cloud is a revolutionary plug-in for WordPress that will supercharge the performance of your website and radically transform the way that you work with media in WordPress.\u003C\u002Fp>\n\u003Cp>Media Cloud works by moving your images, media and other files from your WordPress server to online cloud storage such as Amazon S3, Google Cloud Storage, DigitalOcean Spaces, DreamHost Object Storage and many others.  You can then serve that media through a CDN like Amazon Cloud front, Cloudflare, Fastly and others.\u003C\u002Fp>\n\u003Cp>Beyond cloud storage, Media Cloud also has deep integration with Imgix, the leading real-time image manipulation and optimization CDN.  Media Cloud is the first plugin for WordPress to bring the full benefit of what Imgix offers – simplifying your development efforts, reducing your site’s page load times and opening up creative options that simply haven’t existed until now.\u003C\u002Fp>\n\u003Cp>Media Cloud also provides advanced image editing tools that provide improved cropping options, effects, filters, watermarking and more.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NOTE\u003C\u002Fstrong>: This plugin requires PHP 7.1 or higher\u003C\u002Fp>\n\u003Ch4>Upload to S3, Cloudflare R2, Minio, Google Cloud Storage, Digital Ocean Spaces, DreamHost Object Storage and others\u003C\u002Fh4>\n\u003Cp>Automatically copy media uploads to the cloud and serve them directly from your cloud storage provider, CloudFront or any other CDN.\u003C\u002Fp>\n\u003Ch4>Video Encoding with Mux\u003C\u002Fh4>\n\u003Cp>Upload videos and encode them nearly instantly to adaptive bitrate HLS that plays back smoothly and beautifully on any device regardless of bandwidth.  Requires an account with \u003Ca href=\"https:\u002F\u002Fmux.com\" rel=\"nofollow ugc\">Mux\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Integrate with Imgix\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fimgix.com\" rel=\"nofollow ugc\">Imgix\u003C\u002Fa> will radically change the way that you build your WordPress sites and themes.  This plugin is the best integration available for WordPress.  Upload your images to S3 with our S3 tool and then host the media with Imgix, providing you with real-time image processing and automatic format delivery.  Forget ImageMagick, Imgix is light years ahead in quality and speed.\u003C\u002Fp>\n\u003Ch4>Native support for Google Cloud Storage\u003C\u002Fh4>\n\u003Cp>Now supports using Google Cloud Storage for uploads without having to use Google’s S3 compatible interop mode.\u003C\u002Fp>\n\u003Ch4>Automatically Tag, Categorize and Caption with Amazon Rekognition\u003C\u002Fh4>\n\u003Cp>Use Amazon’s latest AI tools to tag and categorize your images when uploading to Amazon S3.  With Rekognition, you can automatically detect objects, scenes, and faces in images.\u003C\u002Fp>\n\u003Ch4>Advanced Image Editing\u003C\u002Fh4>\n\u003Cp>When integrating with \u003Ca href=\"https:\u002F\u002Fimgix.com\" rel=\"nofollow ugc\">Imgix\u003C\u002Fa>, Media Cloud by ILAB provides the most advanced WordPress image editor.  Alter contrast, saturation, vibrancy and over 30 other image editing operations – in real time right inside the WordPress admin interface!  Completely non-destructive!\u003C\u002Fp>\n\u003Ch4>Image Cropping\u003C\u002Fh4>\n\u003Cp>Media Cloud by ILAB ships with the most advanced image cropping tool available for WordPress, based on Chen Fengyuan’s amazing Cropper plugin for jQuery.\u003C\u002Fp>\n\u003Ch4>Compatible With Leading Image Optimizers\u003C\u002Fh4>\n\u003Cp>Compatible with Short Pixel, EWWW, Smush and Imagify image optimization plugins!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Upload to any of a variety of cloud storage providers (Amazon S3, Cloudflare R2, Google Cloud Storage, Minio, Backblaze, DigitalOcean Spaces or any other S3 compatible service)\u003C\u002Fli>\n\u003Cli>Host your media directly from your cloud storage provider or specify a CDN\u003C\u002Fli>\n\u003Cli>Integrate with Imgix media hosting\u003C\u002Fli>\n\u003Cli>Use Amazon Rekognition to automatically tag and categorize images\u003C\u002Fli>\n\u003Cli>Use third party cloud file providers that use S3 compatible APIs\u003C\u002Fli>\n\u003Cli>Advanced image cropping tool\u003C\u002Fli>\n\u003Cli>Advanced image editing with saturation, contrast, auto-correct,\u003Cbr \u002F>\nsharpen, blur and more (only when integrated with Imgix)\u003C\u002Fli>\n\u003Cli>Automatically import your settings from WP Offload Media and WP-Stateless\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium Upgrade with Improved Support Options and More Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Built-in image optimization using leading image optimization services like ShortPixel, TinyPNG, Imagify and Kraken.io.  No more third party plugins needed because it’s built into Media Cloud’s process.\u003C\u002Fli>\n\u003Cli>Advanced security for encoded videos and a feature rich video player\u003C\u002Fli>\n\u003Cli>Easily import your existing media library with the push of a button\u003C\u002Fli>\n\u003Cli>WP-CLI support: Import your media library to the cloud, regenerate thumbnails and process your library with Amazon Rekognition using WP-CLI commands.\u003C\u002Fli>\n\u003Cli>Direct uploads integrated directly into WordPress’s media library\u003C\u002Fli>\n\u003Cli>Cloud storage browser that allows you to import media to your media library from the cloud\u003C\u002Fli>\n\u003Cli>WPML, WooCommerce and Easy Digital Downloads integration\u003C\u002Fli>\n\u003Cli>Blubrry Pod Casting, Ultimate Membership integrations\u003C\u002Fli>\n\u003Cli>Push\u002Fpull your CSS and JS assets to the cloud and serve them from a CDN\u003C\u002Fli>\n\u003Cli>Use Google Cloud Vision as a computer vision provider\u003C\u002Fli>\n\u003Cli>Image size manager\u003C\u002Fli>\n\u003Cli>Network level multisite support\u003C\u002Fli>\n\u003Cli>and more!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmediacloud.press\u002Fcomparison\u002F\" rel=\"nofollow ugc\">Compare the premium plans\u003C\u002Fa>\u003C\u002Fp>\n","Automatically store media on Amazon S3, Cloudflare R2, Google Cloud Storage, DigitalOcean Spaces + others. Serve CSS\u002FJS assets through CDNs.",7000,542755,70,116,"2024-04-09T11:12:00.000Z","6.5.8","4.9","7.4",[98,99,100,101,102],"amazon","bunnycdn","cloudflare","offload","s3","https:\u002F\u002Fgithub.com\u002Finterfacelab\u002Filab-media-tools","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Filab-media-tools.4.6.4.zip",85,"2024-03-25 00:00:00",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":117,"num_ratings":14,"last_updated":118,"tested_up_to":119,"requires_at_least":120,"requires_php":96,"tags":121,"homepage":124,"download_link":125,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":36,"fetched_at":80},"c3-cloudfront-clear-cache","C3 Cloudfront Cache Controller","7.3.2","hide","https:\u002F\u002Fprofiles.wordpress.org\u002Fhideokamoto\u002F","\u003Cp>This is simple plugin that clear all cloudfront cache if you publish posts.\u003Cbr \u002F>\nYou can easy use CloudFront in front of WordPress.\u003C\u002Fp>\n\u003Ch3>Fixtures\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>wp_is_mobile()\u003Cbr \u002F>\nCheck device viewer type by CloudFront header.\u003Cbr \u002F>\nNow supports \u003Ccode>HTTP_CLOUDFRONT_IS_MOBILE_VIEWER\u003C\u002Fcode> and \u003Ccode>HTTP_CLOUDFRONT_IS_TABLET_VIEWER\u003C\u002Fcode>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>preview url\u003Cbr \u002F>\nIn preview page, plugin add \u003Ccode>post_date\u003C\u002Fcode> query to avoid CloudFront cache.\u003Cbr \u002F>\nAnd set \u003Ccode>wordpress_loginuser_last_visit\u003C\u002Fcode> cookie for avoid CloudFront cache too.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The \u003Ccode>wordpress_loginuser_last_visit\u003C\u002Fcode> cookie will be removed if user sign out.\u003C\u002Fp>\n\u003Ch4>Invalidation(Clear Cache) Page URL\u003C\u002Fh4>\n\u003Cp>This plugin send following page url to CloudFront Invalidation API.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>TOP page URL\u003C\u002Fli>\n\u003Cli>Published Post Page URL\u003C\u002Fli>\n\u003Cli>Category Archive Page URL\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>AWS IAM Policy Example\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>{\n    \"Version\": \"2012-10-17\",\n    \"Statement\": [\n        {\n            \"Action\": [\n                \"cloudfront:GetDistribution\",\n                \"cloudfront:ListInvalidations\",\n                \"cloudfront:GetStreamingDistribution\",\n                \"cloudfront:GetDistributionConfig\",\n                \"cloudfront:GetInvalidation\",\n                \"cloudfront:CreateInvalidation\"\n            ],\n            \"Effect\": \"Allow\",\n            \"Resource\": \"*\"\n        }\n    ]\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> The \u003Ccode>cloudfront:GetInvalidation\u003C\u002Fcode> permission is required for viewing detailed invalidation information. If this permission is not granted, the detail view feature will be disabled gracefully without affecting other plugin functionality.\u003C\u002Fp>\n\u003Ch3>Adding your configuration through env vars\u003C\u002Fh3>\n\u003Cp>The plugin can be configured by defining the following variables:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>AWS_ACCESS_KEY_ID\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>AWS_SECRET_ACCESS_KEY\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>C3_DISTRIBUTION_ID\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can put these variables like the code into the wp-config.php\u003C\u002Fp>\n\u003Cpre>\u003Ccode>php\ndefine( 'AWS_ACCESS_KEY_ID', '' );\ndefine( 'AWS_SECRET_ACCESS_KEY', '' );\ndefine( 'C3_DISTRIBUTION_ID', '' );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Cookie\u003C\u002Fh3>\n\u003Cp>This plugin set a Cookie named \u003Ccode>wordpress_loginuser_last_visit\u003C\u002Fcode> to the user.\u003Cbr \u002F>\nIt prevents CDN caching when the user is previewing his posts or contents.\u003Cbr \u002F>\nOnce logging out from Dashboard, plugin removes this cookie from user.\u003C\u002Fp>\n\u003Ch3>7.1.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Feature] Add invalidation detail view with modal popup showing invalidation paths, caller reference, and status\u003C\u002Fli>\n\u003Cli>[Fix] Fix invalid path returned for post type without archive page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>7.0.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Update] Improved AWS API call processing for better security and PHP 8.x compatibility\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>7.0.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Breaking Change] Remove AWS SDK dependency and implement custom HTTP CloudFront API client\u003C\u002Fli>\n\u003Cli>[Update] Add comprehensive invalidation logging with c3_log_invalidation_list filter\u003C\u002Fli>\n\u003Cli>[Update] Add configurable CloudFront region and HTTP timeout settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6.1.6\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Fix] Fixed PHP 8 syntax errors by adding nullable type hints\u003C\u002Fli>\n\u003Cli>[Fix] Fixed deprecation warnings about creation of dynamic properties in Invalidation_Service.php\u003C\u002Fli>\n\u003Cli>[Fix] Fixed deprecation warnings about creation of dynamic properties in Cron_Service.php\u003C\u002Fli>\n\u003Cli>[Fix] Fixed PHP 7.4 syntax errors in test files\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6.1.5\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Fix] Changed to install the AWS SDK using composer instead of aws.phar.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6.1.4\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Update] Support post_type_archive_link\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6.1.3\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Fix] Lost filter c3_invalidation_items From v6.0.0\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6.1.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Fix] php version compare issue\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6.1.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Fix] Plugin deactivation issue\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6.1.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Update] Flush cache by post_ids\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6.0.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Breaking Change] Re-write entire code\u003C\u002Fli>\n\u003Cli>[Update] Add \u003Ccode>c3_log_cron_invalidation_task\u003C\u002Fcode> filter to show cron job Logs\u003C\u002Fli>\n\u003Cli>[Update] Add \u003Ccode>c3_aws_sdk_path\u003C\u002Fcode> filter to change or remove bundled AWS SDK path\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>5.5.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Update] Replace the top level menu with a Settings submenu\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.5.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[Update] Can use defined variables for AWS Credentials\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.4.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[Bug fix] Set cookie path in preview page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.4.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[Bug fix] Undefined Paths index in invalidation query cron event\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.4.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[Update] Update preview fix plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.3.4\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[Bug fix] Small bug fix\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.3.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[Change SDK] replace sdk\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.3.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[Bug fix] Use EC2 role if using as AMIMOTO Managed hosting\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.3.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[Add filter] Can select AWS SDK version by filter\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.3.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[Update SDK] Use AWS SDK v3 when you using php 5.6 or later\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.2.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[For AMIMOTO Managed] bug fix to run by WP-CLI\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[Add filter] We can disable to register wp-cron that retry request invalidation.\u003C\u002Fli>\n\u003Cli>[Readme] Update readme to see IAM Policy example.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.1.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>[Update preview fixture] Set cookie to avoid CloudFront cache if user sign in\u003C\u002Fli>\n\u003Cli>[Update preview fixture] Unset cookie for avoide CloudFront cache if user sign out\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>5.0.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support CloudFront viewer params on \u003Ccode>wp_is_mobile()\u003C\u002Fcode>.(4.9.0 or later)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.4.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fix small bug\u003C\u002Fli>\n\u003Cli>Add some feature for AMIMOTO Managed hosting user\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.3.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fix cron interval\u003C\u002Fli>\n\u003Cli>add filters \u003Ccode>'c3_invalidation_interval\u003C\u002Fcode>, \u003Ccode>c3_invalidation_cron_interval\u003C\u002Fcode>, \u003Ccode>c3_invalidation_item_limits\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>update default invalidation interval & items.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.3.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Schedule cron event if you published many post at the same time\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.2.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fix ‘c3_credential’ filter position\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support AMIMOT Dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.1.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Show Invalidation Logs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.0.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Auto Deploy by Travis\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.0.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add WP-CLI param check ( wp c3 flush)\u003C\u002Fli>\n\u003Cli>change transient_key\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.0.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Bug fix ( conflict Nephila Clavata )\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>4.0.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support AWS SDK Version3\u003C\u002Fli>\n\u003Cli>Remove action hook -> ‘c3_add_setting_before’\u003Cbr \u002F>\nuse ‘c3_after_title’ filter hook instead.\u003C\u002Fli>\n\u003Cli>Remove action hook -> ‘c3_add_setting_after’\u003Cbr \u002F>\nuse ‘c3_after_auth_form’ filter hook instead.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>3.0.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Include CF Preview Fix plugin\u003C\u002Fli>\n\u003Cli>Rename\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.4.3\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fix Catch Exception BUG\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.4.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fix CLI BUG\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.4.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fix CLI BUG\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.4.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add WP-CLI Command ( Update Settings )\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.3.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add WP-CLI Command\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.2.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Force Invalidation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.2.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fix Typo\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.2.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add Filter for using EC2 Instance Role.\u003C\u002Fli>\n\u003Cli>Translationable in t.w.org\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.1.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fix too many invalidation url error.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.1.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add hook to customize invalidation URL\u003C\u002Fli>\n\u003Cli>support new invalidation url, terms.\u003C\u002Fli>\n\u003Cli>Manualy invalidation button added\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.0.2\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Change AWS SDK\u003C\u002Fli>\n\u003Cli>code refactoring by wokamoto\u003C\u002Fli>\n\u003Cli>Invalidation URL\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>2.0.1\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Change AWS SDK\u003C\u002Fli>\n\u003Cli>code refactoring by wokamoto\u003C\u002Fli>\n\u003Cli>Invalidation URL\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.0\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Initial released.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6.1.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>[Fix] Plugin deactivation issue\u003C\u002Fli>\n\u003C\u002Ful>\n","This is simple plugin that clear all cloudfront cache if you publish posts.",3000,278063,86,"2026-03-23T07:54:00.000Z","6.9.4","4.9.0",[20,122,123],"cdn","cloudfront","https:\u002F\u002Fgithub.com\u002Famimoto-ami\u002Fc3-cloudfront-clear-cache","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fc3-cloudfront-clear-cache.7.3.2.zip",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":115,"downloaded":134,"rating":135,"num_ratings":11,"last_updated":136,"tested_up_to":137,"requires_at_least":138,"requires_php":139,"tags":140,"homepage":142,"download_link":143,"security_score":144,"vuln_count":14,"unpatched_count":26,"last_vuln_date":145,"fetched_at":80},"smtp-amazon-ses","SMTP for Amazon SES – YaySMTP","1.9.1","YayCommerce","https:\u002F\u002Fprofiles.wordpress.org\u002Fyaycommerce\u002F","\u003Cp>\u003Cstrong>Send WordPress emails through Amazon SES server using YaySMTP\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Amazon Simple Email Service (SES)\u003C\u002Fstrong> is a versatile mail service provider. It is a powerhouse for sending emails, but tapping into its full potential within WordPress can be tricky… until now!\u003C\u002Fp>\n\u003Cp>Introducing YaySMTP, your seamless bridge between \u003Cstrong>Amazon SES and WordPress\u003C\u002Fstrong> for turbocharged email delivery.\u003C\u002Fp>\n\u003Cp>It costs nothing to connect with AWS \u002F Amazon SES.\u003C\u002Fp>\n\u003Cp>YaySMTP for WP SES comes without baffling configuration options. Any WordPress beginner can set it up successfully.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FsiEe9YyPg6k?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Moreover, this WP SES plugin provides advanced options that you can’t find in other Amazon SES SMTP free plugins.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Easy to set up\u003C\u002Fstrong>: Clear interface and simple user experience. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Boosted deliverability\u003C\u002Fstrong>: Experience lightning-fast email sending and enhanced reliability—no more frustrating delays.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email log\u003C\u002Fstrong>: Set time frame for auto-delete, show\u002Fhide columns.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email actions\u003C\u002Fstrong>: Display, search, view, and delete emails easily.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Send test email\u003C\u002Fstrong>: One click to send an email for testing.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compact UI\u003C\u002Fstrong>: Do everything without leaving the page or browser tab.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Detailed tracking\u003C\u002Fstrong>: Monitor email performance like a pro with comprehensive analytics and insights into opens, clicks, senders, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Export\u002FImport\u003C\u002Fstrong>: Quickly export your CSV files to reserve the email sending history.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>⚡️ HOW IT WORKS\u003C\u002Fh3>\n\u003Cp>YaySMTP plugin makes Amazon SES server and your WordPress site become friends very quickly.\u003C\u002Fp>\n\u003Cp>To enable SES SMTP for your WordPress emails, you will need to register an \u003Ca href=\"https:\u002F\u002Fportal.aws.amazon.com\u002Fbilling\u002Fsignup#\u002Fstart\" rel=\"nofollow ugc\">AWS account\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Amazon’s SMTP service provider offers an affordable Pay-as-you-go plan, if not the best and cheapest.\u003C\u002Fp>\n\u003Cp>The configuration process is easy. Just follow our \u003Ca href=\"https:\u002F\u002Fyaycommerce.gitbook.io\u002Fyaysmtp\u002Fhow-to-set-up-smtps\u002Fhow-to-connect-amazon-ses\" rel=\"nofollow ugc\">WP SES documentation\u003C\u002Fa>, and it takes you only a few minutes.\u003C\u002Fp>\n\u003Cp>If you want hands-free setup support, just buy \u003Ca href=\"https:\u002F\u002Fyaycommerce.com\u002Fyaysmtp-wordpress-mail-smtp\u002F\" rel=\"nofollow ugc\">YaySMTP\u003C\u002Fa> and let us handle all the config. Our team is always ready to help you unleash the full power of WordPress SMTP and Amazon SES.\u003C\u002Fp>\n\u003Ch3>🎏 Supported Themes and Plugins\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Complete compatibility with all themes, page builders, and major plugins.\u003C\u002Fli>\n\u003Cli>Perfect with \u003Ca href=\"https:\u002F\u002Fyaycommerce.com\u002Fyaymail-woocommerce-email-customizer\u002F\" rel=\"nofollow ugc\">YayMail – WooCommerce Email Customizer\u003C\u002Fa> plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>📝 Documentation and Support\u003C\u002Fh3>\n\u003Cp>If you’re having issues, do let us know, and we’ll be \u003Ca href=\"https:\u002F\u002Fyaycommerce.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">happy to help\u003C\u002Fa>.\u003C\u002Fp>\n","Send WordPress emails through Amazon SES server using YaySMTP",35751,84,"2025-07-12T04:16:00.000Z","6.8.5","4.0","5.3",[98,20,141,76,77],"ses","https:\u002F\u002Fyaycommerce.com\u002Fyaysmtp-wordpress-mail-smtp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmtp-amazon-ses.zip",94,"2025-07-16 00:00:00",{"slug":147,"name":148,"version":149,"author":150,"author_profile":151,"description":152,"short_description":153,"active_installs":154,"downloaded":155,"rating":117,"num_ratings":11,"last_updated":156,"tested_up_to":157,"requires_at_least":158,"requires_php":159,"tags":160,"homepage":164,"download_link":165,"security_score":105,"vuln_count":26,"unpatched_count":26,"last_vuln_date":36,"fetched_at":80},"replace-google-fonts-with-bunny-fonts","Replace Google Fonts with Bunny Fonts","2.1.2","Antonio Leutsch","https:\u002F\u002Fprofiles.wordpress.org\u002Fantonioleutsch\u002F","\u003Cp>Replace Google Fonts with Bunny Fonts in the HTML Markup of your WordPress site.\u003Cbr \u002F>\nIt also replaces the preconnects with the correct ones.\u003C\u002Fp>\n\u003Cp>To disable creating a preconnect to fonts.bunny.net, add the following line to your functions.php:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('al_bunny_insert_al_bunny_preconnect', '__return_false');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To disable removing the google fonts preconnect, add the following line to your functions.php:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('al_bunny_remove_google_preconnect', '__return_false');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>To disable removing the google fonts dns-prefetch, add the following line to your functions.php:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('al_bunny_remove_google_prefetch', '__return_false');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Supported Cache Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Autoptimize\u003C\u002Fli>\n\u003Cli>SiteGround Optimizer\u003C\u002Fli>\n\u003Cli>Swift Performance Lite\u003C\u002Fli>\n\u003Cli>W3 Total Cache\u003C\u002Fli>\n\u003Cli>WP Fastest Cache Plugin\u003C\u002Fli>\n\u003Cli>WP Rocket\u003C\u002Fli>\n\u003Cli>WP Super Cache\u003C\u002Fli>\n\u003C\u002Ful>\n","Replace Google Fonts with Bunny Fonts in the HTML Markup of your WordPress site.",1000,9747,"2022-12-06T20:11:00.000Z","6.1.0","4.5","5.6",[161,162,163],"bunny-fonts","google-fonts","replace","https:\u002F\u002Fgithub.com\u002FAntonioLeutsch\u002FReplace-Google-Fonts-with-Bunny-Fonts-WordPress-Plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freplace-google-fonts-with-bunny-fonts.2.1.2.zip",{"attackSurface":167,"codeSignals":248,"taintFlows":329,"riskAssessment":434,"analyzedAt":447},{"hooks":168,"ajaxHandlers":214,"restRoutes":240,"shortcodes":241,"cronEvents":246,"entryPointCount":247,"unprotectedCount":26},[169,175,179,183,188,191,193,196,198,200,202,207,210],{"type":170,"name":171,"callback":172,"file":173,"line":174},"action","admin_menu","offload_video_admin_menu","admin\u002Fclass-offload-video-admin.php",53,{"type":170,"name":176,"callback":177,"file":173,"line":178},"admin_notices","offload_video_admin_notice__success",54,{"type":170,"name":180,"callback":181,"file":173,"line":182},"admin_head","offload_video_define_admin",55,{"type":170,"name":184,"callback":185,"file":186,"line":187},"plugins_loaded","anonymous","includes\u002Fclass-offload-video.php",142,{"type":170,"name":189,"callback":185,"file":186,"line":190},"admin_enqueue_scripts",157,{"type":170,"name":189,"callback":185,"file":186,"line":192},158,{"type":170,"name":194,"callback":185,"file":186,"line":195},"wp_enqueue_scripts",176,{"type":170,"name":194,"callback":185,"file":186,"line":197},177,{"type":170,"name":194,"callback":185,"file":186,"line":199},184,{"type":170,"name":194,"callback":185,"file":186,"line":201},185,{"type":170,"name":203,"callback":204,"file":205,"line":206},"wp_head","offload_video_define_frontend","public\u002Fclass-offload-video-public.php",65,{"type":170,"name":203,"callback":208,"file":205,"line":209},"offload_video_upload_popup",66,{"type":170,"name":211,"callback":212,"file":205,"line":213},"wp_footer","offload_video_check_foot_js",67,[215,220,222,226,228,232,234,238],{"action":216,"nopriv":48,"callback":217,"hasNonce":218,"hasCapCheck":48,"file":173,"line":219},"verify_and_save_api_settings","offload_video_verify_and_save_api_settings",true,56,{"action":216,"nopriv":218,"callback":217,"hasNonce":218,"hasCapCheck":48,"file":173,"line":221},57,{"action":223,"nopriv":48,"callback":224,"hasNonce":218,"hasCapCheck":48,"file":173,"line":225},"bulk_delete_video","offload_video_bulk_delete_video",58,{"action":223,"nopriv":218,"callback":224,"hasNonce":218,"hasCapCheck":48,"file":173,"line":227},59,{"action":229,"nopriv":48,"callback":230,"hasNonce":218,"hasCapCheck":48,"file":205,"line":231},"send_course_media_on_bunny","offload_video_send_course_video_on_bunny",61,{"action":229,"nopriv":218,"callback":230,"hasNonce":218,"hasCapCheck":48,"file":205,"line":233},62,{"action":235,"nopriv":48,"callback":236,"hasNonce":218,"hasCapCheck":48,"file":205,"line":237},"delete_video_on_bunny","offload_video_delete_video_on_bunny",63,{"action":235,"nopriv":218,"callback":236,"hasNonce":218,"hasCapCheck":48,"file":205,"line":239},64,[],[242],{"tag":243,"callback":244,"file":205,"line":245},"show_users_video_listing","offload_video_user_video_listing",60,[],9,{"dangerousFunctions":249,"sqlUsage":260,"outputEscaping":262,"fileOperations":323,"externalRequests":51,"nonceChecks":324,"capabilityChecks":25,"bundledLibraries":325},[250,255],{"fn":251,"file":252,"line":253,"context":254},"shell_exec","includes\u002Faws\u002FAws\u002FCredentials\u002FCredentialProvider.php",631,"$json = shell_exec($credentialProcess);",{"fn":256,"file":257,"line":258,"context":259},"move_uploaded_file","includes\u002Faws\u002FGuzzleHttp\u002FPsr7\u002FUploadedFile.php",271,": move_uploaded_file($this->file, $targetPath);",{"prepared":26,"raw":26,"locations":261},[],{"escaped":263,"rawEcho":264,"locations":265},110,32,[266,269,271,273,276,278,280,282,284,285,286,287,288,290,291,293,295,296,297,299,301,302,304,305,307,309,311,313,315,317,319,321],{"file":173,"line":267,"context":268},166,"raw output",{"file":173,"line":270,"context":268},174,{"file":173,"line":272,"context":268},266,{"file":274,"line":275,"context":268},"admin\u002Fpartials\u002Foffload_video_admin_settings.php",39,{"file":274,"line":277,"context":268},42,{"file":274,"line":279,"context":268},43,{"file":274,"line":281,"context":268},50,{"file":274,"line":283,"context":268},51,{"file":274,"line":182,"context":268},{"file":274,"line":221,"context":268},{"file":274,"line":233,"context":268},{"file":274,"line":239,"context":268},{"file":274,"line":289,"context":268},68,{"file":274,"line":91,"context":268},{"file":274,"line":292,"context":268},77,{"file":274,"line":294,"context":268},78,{"file":274,"line":67,"context":268},{"file":274,"line":135,"context":268},{"file":274,"line":298,"context":268},88,{"file":274,"line":300,"context":268},90,{"file":274,"line":144,"context":268},{"file":274,"line":303,"context":268},96,{"file":274,"line":13,"context":268},{"file":274,"line":306,"context":268},102,{"file":274,"line":308,"context":268},106,{"file":274,"line":310,"context":268},108,{"file":274,"line":312,"context":268},114,{"file":274,"line":314,"context":268},123,{"file":274,"line":316,"context":268},127,{"file":318,"line":289,"context":268},"includes\u002Faws\u002FAws\u002FTraceMiddleware.php",{"file":205,"line":320,"context":268},264,{"file":205,"line":322,"context":268},327,46,4,[326],{"name":327,"version":36,"knownCves":328},"Guzzle",[],[330,402],{"entryPoint":331,"graph":332,"unsanitizedCount":26,"severity":401},"offload_video_verify_and_save_api_settings (admin\u002Fclass-offload-video-admin.php:128)",{"nodes":333,"edges":391},[334,339,344,348,350,353,355,359,361,365,367,371,373,377,379,383,385,389],{"id":335,"type":336,"label":337,"file":173,"line":338},"n0","source","$_POST['BUNNY_LIBRARY_ID']",140,{"id":340,"type":341,"label":342,"file":173,"line":338,"wp_function":343},"n1","sink","update_option() [Settings Manipulation]","update_option",{"id":345,"type":336,"label":346,"file":173,"line":347},"n2","$_POST['BUNNY_ACCESS_KEY']",141,{"id":349,"type":341,"label":342,"file":173,"line":347,"wp_function":343},"n3",{"id":351,"type":336,"label":352,"file":173,"line":187},"n4","$_POST['BUNNY_FILE_UPLOAD_LIMIT']",{"id":354,"type":341,"label":342,"file":173,"line":187,"wp_function":343},"n5",{"id":356,"type":336,"label":357,"file":173,"line":358},"n6","$_POST['amazon_s3_bucket']",146,{"id":360,"type":341,"label":342,"file":173,"line":358,"wp_function":343},"n7",{"id":362,"type":336,"label":363,"file":173,"line":364},"n8","$_POST['amazon_s3_key']",147,{"id":366,"type":341,"label":342,"file":173,"line":364,"wp_function":343},"n9",{"id":368,"type":336,"label":369,"file":173,"line":370},"n10","$_POST['amazon_s3_secret']",148,{"id":372,"type":341,"label":342,"file":173,"line":370,"wp_function":343},"n11",{"id":374,"type":336,"label":375,"file":173,"line":376},"n12","$_POST['amazon_s3_region']",149,{"id":378,"type":341,"label":342,"file":173,"line":376,"wp_function":343},"n13",{"id":380,"type":336,"label":381,"file":173,"line":382},"n14","$_POST['AMAZON_FILE_UPLOAD_LIMIT']",150,{"id":384,"type":341,"label":342,"file":173,"line":382,"wp_function":343},"n15",{"id":386,"type":336,"label":387,"file":173,"line":388},"n16","$_POST['streaming_connect_service']",152,{"id":390,"type":341,"label":342,"file":173,"line":388,"wp_function":343},"n17",[392,393,394,395,396,397,398,399,400],{"from":335,"to":340,"sanitized":218},{"from":345,"to":349,"sanitized":218},{"from":351,"to":354,"sanitized":218},{"from":356,"to":360,"sanitized":218},{"from":362,"to":366,"sanitized":218},{"from":368,"to":372,"sanitized":218},{"from":374,"to":378,"sanitized":218},{"from":380,"to":384,"sanitized":218},{"from":386,"to":390,"sanitized":218},"low",{"entryPoint":403,"graph":404,"unsanitizedCount":26,"severity":401},"\u003Cclass-offload-video-admin> (admin\u002Fclass-offload-video-admin.php:0)",{"nodes":405,"edges":424},[406,407,408,409,410,411,412,413,414,415,416,417,418,419,420,421,422,423],{"id":335,"type":336,"label":337,"file":173,"line":338},{"id":340,"type":341,"label":342,"file":173,"line":338,"wp_function":343},{"id":345,"type":336,"label":346,"file":173,"line":347},{"id":349,"type":341,"label":342,"file":173,"line":347,"wp_function":343},{"id":351,"type":336,"label":352,"file":173,"line":187},{"id":354,"type":341,"label":342,"file":173,"line":187,"wp_function":343},{"id":356,"type":336,"label":357,"file":173,"line":358},{"id":360,"type":341,"label":342,"file":173,"line":358,"wp_function":343},{"id":362,"type":336,"label":363,"file":173,"line":364},{"id":366,"type":341,"label":342,"file":173,"line":364,"wp_function":343},{"id":368,"type":336,"label":369,"file":173,"line":370},{"id":372,"type":341,"label":342,"file":173,"line":370,"wp_function":343},{"id":374,"type":336,"label":375,"file":173,"line":376},{"id":378,"type":341,"label":342,"file":173,"line":376,"wp_function":343},{"id":380,"type":336,"label":381,"file":173,"line":382},{"id":384,"type":341,"label":342,"file":173,"line":382,"wp_function":343},{"id":386,"type":336,"label":387,"file":173,"line":388},{"id":390,"type":341,"label":342,"file":173,"line":388,"wp_function":343},[425,426,427,428,429,430,431,432,433],{"from":335,"to":340,"sanitized":218},{"from":345,"to":349,"sanitized":218},{"from":351,"to":354,"sanitized":218},{"from":356,"to":360,"sanitized":218},{"from":362,"to":366,"sanitized":218},{"from":368,"to":372,"sanitized":218},{"from":374,"to":378,"sanitized":218},{"from":380,"to":384,"sanitized":218},{"from":386,"to":390,"sanitized":218},{"summary":435,"deductions":436},"The 'offload-videos-bunny-netaws-s3' plugin v1.0.2 presents a generally good security posture, with no critical or high severity issues identified in static and taint analysis. The plugin demonstrates strong adherence to secure coding practices by using prepared statements for all SQL queries and a high percentage of proper output escaping. The absence of unsanitized paths in taint flows is also a positive indicator. The plugin's attack surface is well-protected, with all identified entry points (AJAX handlers, REST API routes, shortcodes) appearing to have authentication checks in place.\n\nHowever, there are a few areas for improvement. The presence of two dangerous functions, 'shell_exec' and 'move_uploaded_file', warrants careful scrutiny, especially in how they are implemented and if user input can influence their behavior. While the taint analysis did not reveal vulnerabilities related to these functions, their mere presence increases the potential risk profile. The plugin's vulnerability history, while currently showing no unpatched vulnerabilities, does include one medium severity CVE. The common type of this past vulnerability being Cross-Site Request Forgery (CSRF) suggests a need for robust nonce checking on all relevant actions, even if the current analysis shows a moderate number of nonce checks. \n\nIn conclusion, the plugin has a solid foundation of secure coding. The primary concerns stem from the potential misuse of dangerous functions and the historical presence of CSRF vulnerabilities, which requires ongoing vigilance. The plugin's strengths lie in its SQL handling and output escaping. The plugin is relatively secure but could benefit from a deeper review of the usage of 'shell_exec' and 'move_uploaded_file' and reinforcing CSRF protections.",[437,440,442,445],{"reason":438,"points":439},"Presence of dangerous function: shell_exec",5,{"reason":441,"points":439},"Presence of dangerous function: move_uploaded_file",{"reason":443,"points":444},"Past medium severity CVE (CSRF)",7,{"reason":446,"points":439},"Moderate number of nonce checks","2026-04-16T11:35:16.464Z",{"wat":449,"direct":458},{"assetPaths":450,"generatorPatterns":453,"scriptPaths":454,"versionParams":455},[451,452],"\u002Fwp-content\u002Fplugins\u002Foffload-videos-bunny-netaws-s3\u002Fadmin\u002Fcss\u002Foffload-video-admin.css","\u002Fwp-content\u002Fplugins\u002Foffload-videos-bunny-netaws-s3\u002Fadmin\u002Fjs\u002Foffload-video-admin.js",[],[452],[456,457],"offload-videos-bunny-netaws-s3\u002Fadmin\u002Fcss\u002Foffload-video-admin.css?ver=","offload-videos-bunny-netaws-s3\u002Fadmin\u002Fjs\u002Foffload-video-admin.js?ver=",{"cssClasses":459,"htmlComments":460,"htmlAttributes":463,"restEndpoints":464,"jsGlobals":465,"shortcodeOutput":467},[],[461,462],"\u003C!-- Admin settings page content -->","\u003C!-- Update & save Api settings -->",[],[],[466],"window.offloadvideos",[],{"error":218,"url":469,"statusCode":470,"statusMessage":471,"message":471},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Foffload-videos-bunny-netaws-s3\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":25,"versions":473},[474],{"version":475,"download_url":476,"svn_tag_url":477,"released_at":36,"has_diff":48,"diff_files_changed":478,"diff_lines":36,"trac_diff_url":36,"vulnerabilities":479,"is_current":48},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foffload-videos-bunny-netaws-s3.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Foffload-videos-bunny-netaws-s3\u002Ftags\u002F1.0.0\u002F",[],[480],{"id":32,"url_slug":33,"title":34,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":38}]