[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fergrLjGEUeDLE7PxfTL6riYRjcGl5Md8eXumoT7FmBc":3},{"slug":4,"name":5,"version":6,"author":4,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":12,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":12,"unpatched_count":12,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":120,"fingerprints":340},"openasset","OpenAsset","5.0.0","https:\u002F\u002Fprofiles.wordpress.org\u002Fopenasset\u002F","\u003Cp>\u003Cstrong>It is possible to use this plugin to just sync images without integrating data, however, if you are looking to sync Project or Employee data to your website, it requires writing code for frontend integration.  It is therefore advised that you do not install directly on your live website.  Install onto a development environment first.  Ensure your integration is fully tested before you deploy live.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Anyone can download this plugin but in order to install and configure, it requires you to be an OpenAsset customer and have a specific OpenAsset license. If you are interested in the obtaining the license please reach out to your OpenAsset Customer Success Manager or \u003Ca href=\"https:\u002F\u002Fpages.openasset.com\u002Fintegrations-contact-us.html\" rel=\"nofollow ugc\">submit this form\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>OpenAsset is a leading provider of Digital Asset Management solutions designed to meet the unique needs of the Architecture, Engineering, and Construction (AEC) industries. Our vision is to supercharge productivity of AEC marketing and business pursuit teams so they can win more business.\u003C\u002Fp>\n\u003Cp>OpenAsset’s Website Connector for WordPress enables AEC companies to sync project and employee profiles with relevant details, experience, and marketing-ready images directly from OpenAsset to their public-facing website.  This eliminates data redundancy, ensuring that high-quality assets are maintained centrally, streamlining workflows and boosting efficiency.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Effortless Project Showcase:\u003C\u002Fstrong> Showcase your AEC projects seamlessly on your website with a few clicks. The connector enables display of approved and consistent project details, enhancing your online presence.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Employee Profiles that Stand Out:\u003C\u002Fstrong> Highlight your team’s expertise by effortlessly publishing employee profiles directly from the DAM. Keep your team information up-to-date and impress your clients with the talent behind your projects.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Marketing-Ready Images:\u003C\u002Fstrong> Present your projects with stunning visuals. The connector enables you to select and publish marketing-ready images directly from your DAM, ensuring consistency and professionalism across your web presence.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Consistency and Centralization:\u003C\u002Fstrong> Say goodbye to inconsistency. The connector synchronizes with your OpenAsset instance, ensuring that the information on your website is up-to-date and reflective of your latest projects and team members.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Presentation and web design in your control:\u003C\u002Fstrong>  The connector offers a simple UI template that you are free to modify or your web developer is able to integrate the data into your fully custom website UI.\u003C\u002Fp>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.openasset.com\" rel=\"nofollow ugc\">openasset.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsuccess.openasset.com\u002Fen\u002Farticles\u002F8970283-using-openasset-s-website-connector-for-wordpress\" rel=\"nofollow ugc\">Using OpenAsset’s Website Connector for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsuccess.openasset.com\u002Fen\u002Farticles\u002F8971102-using-the-templates-bundled-with-openasset-s-website-connector-for-wordpress\" rel=\"nofollow ugc\">Using the templates bundled with OpenAsset’s Website Connector for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fsuccess.openasset.com\u002Fen\u002Farticles\u002F8971297-creating-a-fully-custom-ui-with-openasset-s-website-connector-for-wordpress\" rel=\"nofollow ugc\">Creating a fully custom UI with OpenAsset’s Website Connector for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Support OpenAsset’s Website Connector for WordPress is provided directly from OpenAsset’s support team.\u003C\u002Fstrong>\u003Cbr \u002F>\nIf you have questions pertaining to downloading, installing, configuring and syncing the plugin, please reach out to: \u003Ca href=\"mailto:support@openasset.com\" rel=\"nofollow ugc\">support@openasset.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> We do not offer support for modifying or customizing your web pages including issues relating to the presentation of your information or images. Please contact your web developer for this.\u003C\u002Fp>\n\u003Ch3>3rd Party Services\u003C\u002Fh3>\n\u003Cp>OpenAsset’s Website Connector for WordPress makes use of OpenAsset’s API to retrieve and display data from your OpenAsset instance. By using this plugin you agree to OpenAsset’s terms of service and privacy policy.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fopenasset.com\u002Fterms-ltd\" rel=\"nofollow ugc\">OpenAsset Terms & Conditions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.iubenda.com\u002Fprivacy-policy\u002F69272435\" rel=\"nofollow ugc\">OpenAsset Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Using this plugin means that you do not need to interact with OpenAsset’s API in code but for reference it is \u003Ca href=\"https:\u002F\u002Fdevelopers.openasset.com\" rel=\"nofollow ugc\">documented here\u003C\u002Fa>\u003C\u002Fp>\n","Sync your AEC Project Portfolio, Employees and Images from OpenAsset to your Wordpress Website.",10,5977,0,"2026-01-12T17:16:00.000Z","6.9.4","6.0","8.0",[18,19,20,21,22],"dam","digital-asset-management","images","projects","team","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fopenasset.5.0.0.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":4,"display_name":4,"profile_url":7,"plugin_count":30,"total_installs":10,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,94,"2026-04-04T15:19:14.538Z",[35,54,70,86,102],{"slug":36,"name":37,"version":38,"author":37,"author_profile":39,"description":40,"short_description":41,"active_installs":25,"downloaded":42,"rating":12,"num_ratings":12,"last_updated":43,"tested_up_to":44,"requires_at_least":45,"requires_php":23,"tags":46,"homepage":49,"download_link":50,"security_score":51,"vuln_count":52,"unpatched_count":30,"last_vuln_date":53,"fetched_at":27},"canto","Canto","3.1.1","https:\u002F\u002Fprofiles.wordpress.org\u002Fflightbycanto\u002F","\u003Cp>Simplify collaboration: Publish media from Canto to WordPress. Browse\u002Fsearch your library directly. Inserted images save to WordPress.\u003C\u002Fp>\n","Find & publish creative assets to WordPress easily, no email or folder search needed, with Canto's digital asset management.",14826,"2025-12-23T05:35:00.000Z","6.8.5","5.0",[36,18,19,47,48],"file-storage","photo-library","https:\u002F\u002Fwww.canto.com\u002Fintegrations\u002Fwordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcanto.3.1.1.zip",46,8,"2026-03-20 15:13:52",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":12,"num_ratings":12,"last_updated":64,"tested_up_to":44,"requires_at_least":15,"requires_php":65,"tags":66,"homepage":23,"download_link":69,"security_score":25,"vuln_count":12,"unpatched_count":12,"last_vuln_date":26,"fetched_at":27},"pixx-io","pixx.io","2.1.1","pixx.io GmbH","https:\u002F\u002Fprofiles.wordpress.org\u002Fpixxio\u002F","\u003Cp>Integrate pixx.io DAM Digital Asset Management into WordPress. Use files from your pixx.io media pool with WordPress easily and without any detour.\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>You can easily import image files into your WordPress library with our plugin.\u003C\u002Fp>\n\u003Cp>If you use Gutenberg or the Classic Editor, you can import the images directly from pixx.io into your media library and use them from there.\u003C\u002Fp>\n\u003Cp>Otherwise you can just import the images in the media overview.\u003C\u002Fp>\n\u003Cp>When importing into your WordPress library you can choose the file format. Also, there is a preview to choose from where your image will be imported in JPEG format with a maximum width of 1000px.\u003C\u002Fp>\n","Integrate pixx.io DAM Digital Asset Management into WordPress. Use files from your pixx.io media pool with WordPress easily and without any detour.",90,2261,"2025-11-12T09:48:00.000Z","7.4",[18,19,67,68],"pixx","pixxio","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpixx-io.2.1.1.zip",{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":12,"downloaded":78,"rating":25,"num_ratings":30,"last_updated":79,"tested_up_to":14,"requires_at_least":80,"requires_php":65,"tags":81,"homepage":23,"download_link":85,"security_score":25,"vuln_count":12,"unpatched_count":12,"last_vuln_date":26,"fetched_at":27},"bipo-project-manager","Dear Project Manager","1.0.15","Bipin Khatri","https:\u002F\u002Fprofiles.wordpress.org\u002Fimbipo\u002F","\u003Cp>Dear Project Manager is a powerful WordPress plugin that transforms your website into a complete project management platform. Perfect for agencies, freelancers, and organizations that need to showcase projects, manage team applications, and track project submissions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Project Showcase\u003C\u002Fstrong> – Display beautiful project portfolios with custom post types\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Team Management\u003C\u002Fstrong> – Create teams and assign members to projects\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Application System\u003C\u002Fstrong> – Allow users to apply for projects with custom forms\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Submission Tracking\u003C\u002Fstrong> – Team members can submit project reports and updates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Status Validation\u003C\u002Fstrong> – Smart permission system to control access\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Beautiful Templates\u003C\u002Fstrong> – Tailwind CSS-styled frontend templates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Comments\u003C\u002Fstrong> – Discussion system for project collaboration\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Admin Dashboard\u003C\u002Fstrong> – Comprehensive admin interface for managing everything\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Perfect For:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Design agencies showcasing client work\u003C\u002Fli>\n\u003Cli>Development teams managing projects\u003C\u002Fli>\n\u003Cli>Educational institutions with student projects\u003C\u002Fli>\n\u003Cli>Freelancers building their portfolio\u003C\u002Fli>\n\u003Cli>Non-profits managing volunteer projects\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Technical Details:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Custom post types: \u003Ccode>project\u003C\u002Fcode>, \u003Ccode>team\u003C\u002Fcode>, \u003Ccode>project_application\u003C\u002Fcode>, \u003Ccode>project_submission\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Meta fields for project details (URL, status, difficulty, duration, tags, client)\u003C\u002Fli>\n\u003Cli>AJAX-powered application and submission forms\u003C\u002Fli>\n\u003Cli>Role-based permission system\u003C\u002Fli>\n\u003Cli>Meta query optimization for team\u002Fproject relationships\u003C\u002Fli>\n\u003Cli>WordPress coding standards compliant\u003C\u002Fli>\n\u003Cli>Secure nonce verification on all forms\u003C\u002Fli>\n\u003Cli>Sanitized and escaped output throughout\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Hooks & Filters:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The plugin provides various hooks and filters for developers to extend functionality:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>project_mp_user_status\u003C\u002Fcode> – Filter user status validation\u003C\u002Fli>\n\u003Cli>\u003Ccode>project_mp_application_submitted\u003C\u002Fcode> – Action after application submission\u003C\u002Fli>\n\u003Cli>\u003Ccode>project_mp_submission_saved\u003C\u002Fcode> – Action after report submission\u003C\u002Fli>\n\u003Cli>\u003Ccode>project_mp_team_assigned\u003C\u002Fcode> – Action when user assigned to team\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>This plugin stores user application data including:\u003Cbr \u002F>\n* User name and email (from WordPress user account)\u003Cbr \u002F>\n* Application text\u002Fapproach\u003Cbr \u002F>\n* Project submission reports\u003Cbr \u002F>\n* Team assignments\u003C\u002Fp>\n\u003Cp>All data is stored in the WordPress database and follows WordPress data retention policies. No data is sent to external services.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For support, feature requests, or bug reports, please visit:\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fim-bipo\u002FProject-PM\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Tailwind CSS for styling framework\u003C\u002Fli>\n\u003Cli>WordPress for the amazing platform\u003C\u002Fli>\n\u003C\u002Ful>\n","A comprehensive project management plugin for WordPress with team collaboration, applications, and submissions.",180,"2026-01-06T06:52:00.000Z","5.8",[82,83,84,21,22],"collaboration","management","portfolio","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbipo-project-manager.1.0.15.zip",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":12,"downloaded":94,"rating":12,"num_ratings":12,"last_updated":23,"tested_up_to":95,"requires_at_least":96,"requires_php":97,"tags":98,"homepage":99,"download_link":100,"security_score":25,"vuln_count":12,"unpatched_count":12,"last_vuln_date":26,"fetched_at":101},"hivo-library","HIVO Connector","0.0.4","hivo","https:\u002F\u002Fprofiles.wordpress.org\u002Fhivo\u002F","\u003Cp>This plugin allows users of HIVO to add Assets from their HIVO Library to the WordPress Media Library.\u003C\u002Fp>\n","Login to your HIVO Library and add Assets directly to your Wordpress Media tab.",1252,"6.6.5","4.4.0","4.3.0",[18,19,90],"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fhivo-connector\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhivo-library.0.0.4.zip","2026-03-15T10:48:56.248Z",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":12,"downloaded":110,"rating":12,"num_ratings":12,"last_updated":111,"tested_up_to":112,"requires_at_least":15,"requires_php":113,"tags":114,"homepage":118,"download_link":119,"security_score":25,"vuln_count":12,"unpatched_count":12,"last_vuln_date":26,"fetched_at":27},"vy-bildbank","Vy Bildbank","1.1.1","vybildbank","https:\u002F\u002Fprofiles.wordpress.org\u002Ftingmediabank\u002F","\u003Cp>Access your media assets from your account at the cloud service Vy Bildbank.\u003C\u002Fp>\n","Access your media assets from your account at the cloud service Vy Bildbank.",756,"2026-02-05T12:23:00.000Z","6.7.5","7.0",[18,19,115,116,117],"image-bank","media","media-library","https:\u002F\u002Fbildbank.se\u002Fsv\u002Fsupport\u002Fwordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fvy-bildbank.zip",{"attackSurface":121,"codeSignals":226,"taintFlows":292,"riskAssessment":329,"analyzedAt":339},{"hooks":122,"ajaxHandlers":203,"restRoutes":209,"shortcodes":219,"cronEvents":220,"entryPointCount":225,"unprotectedCount":12},[123,129,132,136,140,144,148,152,156,161,165,168,173,177,181,186,191,196,200],{"type":124,"name":125,"callback":126,"file":127,"line":128},"action","admin_enqueue_scripts","enqueue_scripts","includes\\Admin\\MediaFilters.php",7,{"type":124,"name":130,"callback":131,"file":127,"line":52},"admin_footer","render_templates",{"type":133,"name":134,"callback":135,"priority":10,"file":127,"line":10},"filter","wp_prepare_attachment_for_js","modify_attachment_data",{"type":133,"name":137,"callback":138,"file":127,"line":139},"ajax_query_attachments_args","filter_media_query",11,{"type":124,"name":141,"callback":142,"file":127,"line":143},"pre_get_posts","filter_media_library_query",12,{"type":133,"name":145,"callback":146,"file":127,"line":147},"views_upload","add_filter_views",13,{"type":124,"name":149,"callback":150,"priority":12,"file":127,"line":151},"manage_media_custom_column","add_media_library_filters",14,{"type":124,"name":153,"callback":154,"file":127,"line":155},"restrict_manage_posts","add_list_view_filters",15,{"type":124,"name":157,"callback":158,"file":159,"line":160},"admin_menu","register_admin_dashboard","includes\\Admin\\RegisterAdmin.php",25,{"type":124,"name":162,"callback":163,"file":159,"line":164},"wp_enqueue_scripts","enqueue_frontend_scripts_and_styles",28,{"type":124,"name":125,"callback":166,"file":159,"line":167},"enqueue_dashboard_admin_scripts",79,{"type":133,"name":169,"callback":170,"file":171,"line":172},"cron_schedules","custom_cron_intervals","includes\\Admin\\Scheduling.php",101,{"type":124,"name":174,"callback":175,"file":171,"line":176},"openasset_feed_refresh","initiate_sync_queue",102,{"type":124,"name":178,"callback":179,"file":171,"line":180},"openasset_clear_sync_context","clear_sync_context",106,{"type":124,"name":182,"callback":183,"file":184,"line":185},"rest_api_init","register_v1_routes","includes\\API\\OptionsAPI.php",59,{"type":133,"name":187,"callback":188,"file":189,"line":190},"template_include","load_custom_templates","includes\\Core\\Helpers.php",18,{"type":124,"name":192,"callback":193,"file":194,"line":195},"admin_notices","closure","openasset.php",50,{"type":124,"name":197,"callback":198,"file":194,"line":199},"activated_plugin","openasset_activation",82,{"type":124,"name":125,"callback":201,"file":194,"line":202},"openasset_init_enqueue_admin_styles",144,[204],{"action":205,"nopriv":206,"callback":205,"hasNonce":207,"hasCapCheck":206,"file":127,"line":208},"get_parent_options",false,true,9,[210],{"namespace":211,"route":212,"methods":213,"callback":215,"permissionCallback":216,"file":217,"line":218},"openasset\u002Fv1","\u002Ftext-assets\u002Ftest",[214],"GET","test_text_assets_api","check_admin_permission","includes\\Admin\\TextAssets.php",767,[],[221,223],{"hook":174,"callback":174,"file":171,"line":222},178,{"hook":178,"callback":178,"file":171,"line":224},785,2,{"dangerousFunctions":227,"sqlUsage":228,"outputEscaping":250,"fileOperations":30,"externalRequests":208,"nonceChecks":225,"capabilityChecks":290,"bundledLibraries":291},[],{"prepared":229,"raw":52,"locations":230},17,[231,235,237,240,243,245,247,248],{"file":232,"line":233,"context":234},"includes\\Admin\\DatabaseMigration.php",129,"$wpdb->get_var() with variable interpolation",{"file":232,"line":236,"context":234},164,{"file":232,"line":238,"context":239},314,"$wpdb->query() with variable interpolation",{"file":241,"line":242,"context":234},"includes\\Admin\\SyncLogger.php",236,{"file":241,"line":244,"context":234},300,{"file":241,"line":246,"context":239},303,{"file":194,"line":32,"context":239},{"file":194,"line":249,"context":239},107,{"escaped":251,"rawEcho":229,"locations":252},210,[253,257,259,261,263,265,268,270,272,274,277,279,281,283,286,288,289],{"file":254,"line":255,"context":256},"includes\\Admin\\CustomPostTypes.php",238,"raw output",{"file":254,"line":258,"context":256},253,{"file":254,"line":260,"context":256},295,{"file":127,"line":262,"context":256},231,{"file":217,"line":264,"context":256},203,{"file":266,"line":267,"context":256},"template-parts\\content\\content-oa-employee.php",191,{"file":266,"line":269,"context":256},193,{"file":266,"line":271,"context":256},222,{"file":266,"line":273,"context":256},229,{"file":275,"line":276,"context":256},"template-parts\\content\\content-oa-project.php",89,{"file":275,"line":278,"context":256},260,{"file":275,"line":280,"context":256},391,{"file":275,"line":282,"context":256},393,{"file":284,"line":285,"context":256},"template-parts\\partials\\search-form.php",31,{"file":284,"line":287,"context":256},34,{"file":284,"line":287,"context":256},{"file":284,"line":287,"context":256},4,[],[293,309,318],{"entryPoint":294,"graph":295,"unsanitizedCount":30,"severity":308},"render_filter_fields (includes\\Admin\\MediaFilters.php:216)",{"nodes":296,"edges":306},[297,301],{"id":298,"type":299,"label":300,"file":127,"line":273},"n0","source","$_GET",{"id":302,"type":303,"label":304,"file":127,"line":262,"wp_function":305},"n1","sink","echo() [XSS]","echo",[307],{"from":298,"to":302,"sanitized":206},"medium",{"entryPoint":310,"graph":311,"unsanitizedCount":12,"severity":317},"\u003CMediaFilters> (includes\\Admin\\MediaFilters.php:0)",{"nodes":312,"edges":315},[313,314],{"id":298,"type":299,"label":300,"file":127,"line":273},{"id":302,"type":303,"label":304,"file":127,"line":262,"wp_function":305},[316],{"from":298,"to":302,"sanitized":207},"low",{"entryPoint":319,"graph":320,"unsanitizedCount":12,"severity":317},"\u003Ckeyword-filters-new> (template-parts\\partials\\keyword-filters-new.php:0)",{"nodes":321,"edges":327},[322,325],{"id":298,"type":299,"label":300,"file":323,"line":324},"template-parts\\partials\\keyword-filters-new.php",40,{"id":302,"type":303,"label":304,"file":323,"line":326,"wp_function":305},43,[328],{"from":298,"to":302,"sanitized":207},{"summary":330,"deductions":331},"The \"openasset\" v5.0.0 plugin exhibits a generally strong security posture with several good practices observed. The static analysis indicates a low attack surface, with all identified AJAX handlers and REST API routes protected by authentication checks. A high percentage of SQL queries use prepared statements and output is properly escaped, which are positive indicators of secure coding. The absence of known CVEs and past vulnerabilities is also a significant strength.\n\nHowever, there are areas that warrant caution. The taint analysis revealed one flow with unsanitized paths, which, while not categorized as critical or high, still represents a potential avenue for exploitation if input is not handled meticulously. The presence of file operations and external HTTP requests, while not inherently insecure, requires careful review to ensure these functionalities do not introduce vulnerabilities. The plugin also makes external HTTP requests, which can be a vector for certain attacks if not properly validated.\n\nOverall, \"openasset\" v5.0.0 appears to be a reasonably secure plugin due to its proactive security measures and clean vulnerability history. The primary concern lies with the single unsanitized path flow identified in the taint analysis, which should be the focus of further scrutiny. The plugin's strengths in authentication, prepared statements, and output escaping provide a solid foundation, but the identified path issue and the nature of external interactions necessitate ongoing vigilance.",[332,334,337],{"reason":333,"points":52},"Flow with unsanitized paths found",{"reason":335,"points":336},"File operations detected",3,{"reason":338,"points":336},"External HTTP requests detected","2026-03-16T23:48:46.853Z",{"wat":341,"direct":348},{"assetPaths":342,"generatorPatterns":344,"scriptPaths":345,"versionParams":346},[343],"\u002Fwp-content\u002Fplugins\u002Fopenasset\u002Fsrc\u002Fdashboard\u002Fstyles\u002Finit.css",[],[],[347],"openasset\u002Fsrc\u002Fdashboard\u002Fstyles\u002Finit.css?ver=",{"cssClasses":349,"htmlComments":352,"htmlAttributes":353,"restEndpoints":359,"jsGlobals":361,"shortcodeOutput":362},[350,351],"oa-dev-tools-btn","oa-dev-tools-category-btn",[],[354,355,356,357,358],"data-asset-type","data-item-id","data-data-type","data-openasset-id","data-title",[360],"\u002Fwp-json\u002Fopenasset\u002Fv1\u002Fdevtools\u002Fcontent",[5],[]]