[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHr-VarO-Bdwym5nsPIniq5vDuzcPRvobbhacrH4zsrY":3,"$feiGhYcWZ9zmgPREtxyaXG_o4c_pctKI2921nBn61zpc":284,"$fgRdZndnEJlv0fNuQ0rA4VwxIKOSvChmaaa0iZyJyaEQ":289},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":37,"analysis":141,"fingerprints":263},"oqey-pdfs","Plugin Name: oQey Pdfs","0.1","oQeySites","https:\u002F\u002Fprofiles.wordpress.org\u002Fdariimd\u002F","\u003Cp>oQey Pdfs plugin is a WordPress Plugin that allows to add and manage protected pdf files.\u003C\u002Fp>\n\u003Cp>For instruction on how to insert the plugin into wp template, please visit www.oqeysites.com\u003C\u002Fp>\n\u003Ch3>A brief Markdown\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Easy to protect your pdf files.\u003C\u002Fli>\n\u003C\u002Fol>\n","oQey Pdfs plugin is a Wordpress Plugin that allows to add and manage protected pdf files.",10,4461,0,"2011-02-07T16:04:00.000Z","2.9.2","2.9.0","",[19,20,21,22,23],"custom-online-contracts","custom-pdfs","files","pdf","protected","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foqey-pdfs.zip",85,null,"2026-03-15T15:16:48.613Z","no_bundle",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":25,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"dariimd",5,60,30,84,"2026-05-20T01:44:23.798Z",[38,61,81,98,117],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":53,"tags":54,"homepage":17,"download_link":59,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":60},"aam-protected-media-files","AAM Protected Media Files","1.3.2","AAM Plugin","https:\u002F\u002Fprofiles.wordpress.org\u002Fvasyltech\u002F","\u003Cp>Prevent direct access to the unlimited number of media library items either for visitors, individual users or groups of users (roles). This plugin does not modify a physical file’s location or URL.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>The AAM Protected Media Files plugins is the official add-on to the free Advanced Access Manager (aka AAM). While this plugin actually manages physical access to the media files, AAM provides the UI interface to define access to files.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Few Facts\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>It requires a simple manual steps in order to configure a webserver to protect direct access to \u003Ccode>\u002Fwp-content\u002Fuploads\u003C\u002Fcode> folder. For more information, please check \u003Ca href=\"https:\u002F\u002Faamportal.com\u002Farticle\u002Fprotected-media-files-installation\" rel=\"nofollow ugc\">our installation instructions\u003C\u002Fa>;\u003C\u002Fli>\n\u003Cli>It does not change a physical file’s location, content or URL. Upon deactivation, everything goes back to normal;\u003C\u002Fli>\n\u003Cli>It protects all the allowed by WordPress core file types and those that are extended with third-party plugins (e.g. \u003Ccode>.svg\u003C\u002Fcode>, \u003Ccode>.sketch\u003C\u002Fcode>, etc.). For the list of all allowed extensions, check official WP documentation for the \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Freference\u002Ffunctions\u002Fwp_get_ext_types\u002F\" rel=\"nofollow ugc\">wp_get_ext_types()\u003C\u002Fa> core function;\u003C\u002Fli>\n\u003Cli>It allows you to manage access to any media file for visitors, any individual user, roles or even define the default access to all media files for everybody (this one is available with \u003Ca href=\"https:\u002F\u002Faamportal.com\u002Fpremium\" rel=\"nofollow ugc\">premium\u003C\u002Fa> add-on for AAM plugin);\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more information about how properly install and use it, refer to \u003Ca href=\"https:\u002F\u002Faamportal.com\u002Fsupport\" rel=\"nofollow ugc\">our documentation\u003C\u002Fa>.\u003C\u002Fp>\n","Add-on to the free Advanced Access Manager plugin that protects media files from direct access for visitors, roles or users",600,16689,100,2,"2025-06-05T11:29:00.000Z","6.8.0","4.7.0","5.6.0",[55,21,56,57,58],"documents","media-library","protected-media","protected-videos","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faam-protected-media-files.1.3.2.zip","2026-04-16T10:56:18.058Z",{"slug":62,"name":63,"version":64,"author":65,"author_profile":66,"description":67,"short_description":68,"active_installs":69,"downloaded":70,"rating":48,"num_ratings":71,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":75,"tags":76,"homepage":79,"download_link":80,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":60},"get-filesize-shortcode","Get Filesize Shortcode","1.3.0","ikaring","https:\u002F\u002Fprofiles.wordpress.org\u002Fikaring\u002F","\u003Cp>“Get Filesize Shortcode” is a simple shortcode to get filesize of a file( eg. PDF, JPG, PNG … ) with a human readable format, using the largest unit the bytes will fit into.\u003Cbr \u002F>\nNow added Get filesize block to display file link with file size.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Put \u003Ccode>[filesize]http:\u002F\u002Fyoursite.com\u002Fpath\u002Fto\u002Ffile.pdf[\u002Ffilesize]\u003C\u002Fcode> anywhere in a post.\u003C\u002Fp>\n\u003Cp>Or you can use url attr instead. \u003Ccode>[filesize url='http:\u002F\u002Fyoursite.com\u002Fpath\u002Fto\u002Ffile.pdf']\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Also you can place \u003Ccode>\u003C?php echo do_shortcode('[filesize]http:\u002F\u002Fyoursite.com\u002Fpath\u002Fto\u002Ffile.pdf[\u002Ffilesize]'); ?>\u003C\u002Fcode> in your templates.\u003C\u002Fp>\n\u003Cp>As to “Get filesize” block, search ‘get filesize’ in Text block category and insert it.\u003Cbr \u002F>\nSet file title and file url, and it generates a text link to the file with file size afterwards.\u003Cbr \u002F>\nYou can toggle Preview\u002FEdit by clicking Preview\u002FEdit button in toolbar of the block.\u003C\u002Fp>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>File must be in your server\u003C\u002Fli>\n\u003Cli>With files larger than 2MB, it might return different number due to the spec of filesize function of PHP.\u003C\u002Fli>\n\u003C\u002Ful>\n","\"Get Filesize Shortcode\" is a simple shortcode to get filesize of a file( eg. PDF, JPG, PNG ... ).",200,4606,3,"2025-07-15T06:42:00.000Z","6.8.5","5.8","5.6",[77,22,78],"filesize","shortcode","http:\u002F\u002Fika-ring.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fget-filesize-shortcode.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":13,"downloaded":89,"rating":13,"num_ratings":13,"last_updated":90,"tested_up_to":91,"requires_at_least":92,"requires_php":17,"tags":93,"homepage":17,"download_link":97,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":60},"acf-my-media-cluster","ACF My Media Cluster","1.2.12","Nikki Blight","https:\u002F\u002Fprofiles.wordpress.org\u002Fkionae\u002F","\u003Cp>ACF My Media Cluster is an extension for Advance Custom Fields which adds the feature to create groups of media files for download on a page\u002Fpost\u002Fcustom post type. The plugin does come with both a simple to use shortcode and a helper function if you wish to customize your output.\u003Cbr \u002F>\n* Visually create your Fields in the ACF interface.\u003Cbr \u002F>\n* Assign your fields to post types\u003Cbr \u002F>\n* Easily load data through a simple and friendly helper function, or just use the shortcode.\u003Cbr \u002F>\n* Uses the native WordPress custom post type for ease of use and fast processing\u003Cbr \u002F>\n* Uses the native WordPress metadata for ease of use and fast processing\u003Cbr \u002F>\n* Add multiple media files to your posts, pages, and custom post types. You can also modify title, caption and description from this interface.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Use the helper function below to pull data from the database. The function will be return an array. The helper function takes in 3 parameters.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acf_media_cluster(string|required $acf_field_name, int $postID, array $options);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Example\u003C\u002Fh4>\n\u003Cp>Based on the helper function above. Let say we want to pull annual reports from current page.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acf_media_cluster('annual_reports', get_the_ID());\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The data that will be return will be an array. You can then loop over the array and use the data anyway you want.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>$ap = acf_media_cluster('annual_reports', get_the_ID());\nif( !empty($ap) ){\n    foreach($ap as $item){\n        var_dump($item); \u002F\u002FUse the data as you wish\n    }\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Options\u003C\u002Fh4>\n\u003Cp>The 3rd parameter of the \u003Ccode>acf_media_cluster(string|required $acf_field_name, int $postID, array $options);\u003C\u002Fcode> helper function is options which takes in an array. You can pass the following:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>acf_media_cluster('annual_reports', get_the_ID(), array(\n    'orderby' => 'post__in',\n    'order' => 'ASC'\n));\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>For acceptable values for order and orderby, please refer to \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Freference\u002Ffunctions\u002Fget_posts\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fdeveloper.wordpress.org\u002Freference\u002Ffunctions\u002Fget_posts\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Shortcode\u003C\u002Fh4>\n\u003Cp>In your editor, add the following shortcode where you want the media to appear.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[acf-media-cluster field_name=\"my_media_field\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The shortcode accepts the following parameters.\u003C\u002Fp>\n\u003Cp>string|required $field_name – Which ACF field name should be used\u003Cbr \u002F>\nstring $container_id – Wrap the output with your custom CSS ID name\u003Cbr \u002F>\nstring $container_class – Wrap the output with your custom CSS class name\u003Cbr \u002F>\nstring $skin – Do you want default CSS styling to apply? yes|no\u003Cbr \u002F>\nstring $format – html format for the output. table|list\u003Cbr \u002F>\nstring $title – a title wrapped in an container tag.  Leave blank for no tag.\u003Cbr \u002F>\nstring $title_container – html tag to wrap the title in, with no brackets. “h3” is default.\u003Cbr \u002F>\nstring $show_meta – Do you want to display file metadata (size, downloads, date)? yes|no\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Cp>This ACF field type is compatible with:\u003Cbr \u002F>\n* ACF 6\u003Cbr \u002F>\n* ACF 5\u003C\u002Fp>\n\u003Cp>This ACF field is compatible with the iThemes Security plugin, but you must uncheck the option for “Disable PHP in plugins” under PHP Execution in System Tweaks.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This plugin is based on ACF Media Cluster by Navneil Naicker. (\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Facf-media-cluster\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fplugins\u002Facf-media-cluster\u002F\u003C\u002Fa>)\u003C\u002Fp>\n\u003Cp>It also takes some inspiration from the Download Attachments plugin by dfactory, which sadly no longer exists.\u003C\u002Fp>\n","ACF My Media Cluster is an extension for the Advance Custom Fields plugin, which adds the ability to create groups of media files for download on a pa &hellip;",2218,"2026-01-07T17:10:00.000Z","6.9.4","3.6.0",[94,55,95,96,22],"acf","download-files","media","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facf-my-media-cluster.1.2.12.zip",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":13,"downloaded":106,"rating":13,"num_ratings":13,"last_updated":107,"tested_up_to":91,"requires_at_least":108,"requires_php":17,"tags":109,"homepage":114,"download_link":115,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":116},"z-authorized-downloads","Zodan Authorized Downloads","1.2.7","martenmoolenaar","https:\u002F\u002Fprofiles.wordpress.org\u002Fmartenmoolenaar\u002F","\u003Cp>This plugin allows site admins to protect specific attachment file types (e.g. Pdf, Doc(x)) from direct access. Instead, the files are served through WordPress, allowing you to check if a user is logged in or has the required permissions before granting access.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Adds a checkbox to media attachments to mark them as “Authorized only”.\u003Cbr \u002F>\n* Creates an internal page and rewrite rules to intercept requests to protected file types.\u003Cbr \u002F>\n* Checks user login status (or other custom logic you add) before serving files.\u003Cbr \u002F>\n* Provides a settings page to specify which file types should be protected.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under GPLv2 or later.\u003C\u002Fp>\n","Protect documents from unauthorized download.",575,"2026-01-08T15:59:00.000Z","5.5",[110,111,112,21,113],"attachments","authorization","downloads","protected-downloads","https:\u002F\u002Fplugins.zodan.nl\u002Fwordpress-authorized-downloads","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fz-authorized-downloads.1.2.7.zip","2026-04-06T09:54:40.288Z",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":125,"downloaded":126,"rating":127,"num_ratings":128,"last_updated":129,"tested_up_to":91,"requires_at_least":130,"requires_php":131,"tags":132,"homepage":137,"download_link":138,"security_score":48,"vuln_count":139,"unpatched_count":13,"last_vuln_date":140,"fetched_at":60},"pdf-embedder","PDF Embedder","4.9.3","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>Upload PDF files and embed them directly into your site’s posts and pages. It works as simple as adding images! Your PDF files will be automatically sized to their natural size and shape. You can also specify a width and the correct height will be calculated automatically. Our PDF Embedder plugin is fully responsive, so the embedded PDF will also look perfect, on any device. Additionally, the pdf embedder will automatically resize whenever the browser dimensions change.\u003C\u002Fp>\n\u003Cp>The plugin has a unique method for embedding PDF files with the immense flexibility over the appearance of your document.\u003C\u002Fp>\n\u003Cp>The PDF viewer has Next and Previous buttons to navigate the document, and zoom buttons if some areas of a PDF file are too small for your screen.\u003C\u002Fp>\n\u003Cp>Your PDF files are embedded within your existing WordPress pages so we have full control over appearance, and all Javascript and other files are served by your own server (not by Google or any other third-party who may not be able to guarantee their own reliability). This means your PDF files will load fast, without any speed penalty.\u003C\u002Fp>\n\u003Cp>Other PDF embedder plugins insert the PDF into an ‘iframe’ which means they do not get the flexibility over sizing. Ours does not and that is an incredible benefit to the overall viewing experience across all devices.\u003C\u002Fp>\n\u003Cp>In the free plugin, there is no button for users to download the PDF, but download options are available in the Premium versions along with other awesome features.\u003C\u002Fp>\n\u003Cp>Another Premium feature are Hyperlinks in your PDF being clickable. Links in the free plugin cannot be clicked.\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>Once installed and Activated, click Add Media from any page or post, just like adding an image, but drag and drop a PDF file instead.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>In the Classic Editor when you insert into your post, it will appear in the editor as a ‘shortcode’ as follows:\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ccode>[pdf-embedder url=\"https:\u002F\u002Fexample.com\u002Fwp-content\u002Fuploads\u002F2024\u002F01\u002FPlan-Summary.pdf\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>You can change the default appearance – e.g. width, and toolbar position\u002Fappearance through \u003Cstrong>Settings -> PDF Embedder\u003C\u002Fstrong> and also shortcode or block attributes.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>To override your site-wide defaults on an individual embed, see the \u003Ca href=\"https:\u002F\u002Fwp-pdf.com\u002Ffree-instructions\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Plugin Instructions\u003C\u002Fa> for information about sizing options plus other ways to customize the shortcodes.\u003C\u002Fp>\n\u003Ch4>Premium Features\u003C\u002Fh4>\n\u003Cp>Features available in the PDF Embedder Premium versions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Download button in the toolbar\u003C\u002Fli>\n\u003Cli>Continuous scroll between pages\u003C\u002Fli>\n\u003Cli>Hyperlinks are fully functional\u003C\u002Fli>\n\u003Cli>Full screen mode\u003C\u002Fli>\n\u003Cli>Edit page number to jump straight to page\u003C\u002Fli>\n\u003Cli>Track number of downloads and views\u003C\u002Fli>\n\u003Cli>Mobile-friendly\u003C\u002Fli>\n\u003Cli>Secure option – difficult to download original PDF\u003C\u002Fli>\n\u003Cli>Removes wp-pdf.com branding\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>See \u003Ca href=\"https:\u002F\u002Fwp-pdf.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">wp-pdf.com\u003C\u002Fa> for details!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Mobile-friendly embedding using PDF Embedder Premium\u003C\u002Fh4>\n\u003Cp>The free version will work on most mobile browsers, but cannot position the document entirely within the screen.\u003C\u002Fp>\n\u003Cp>Our \u003Cstrong>PDF Embedder Premium\u003C\u002Fstrong> plugin solves this problem with an intelligent ‘full screen’ mode.\u003C\u002Fp>\n\u003Cp>When the document is smaller than a certain width, the document displays only as a ‘thumbnail’ with a large ‘View in Full Screen’ button for the user to click when they want to study your document.\u003C\u002Fp>\n\u003Cp>This opens up the document so it has the full focus of the mobile browser, and the user can move about the document without hitting other parts of the web page by mistake. Viewers can then Click Exit to return to the regular page.\u003C\u002Fp>\n\u003Cp>The user can also swipe continuously between all pages of the PDF which is more natural than clicking the navigation buttons to navigate.\u003C\u002Fp>\n\u003Cp>See our site \u003Ca href=\"https:\u002F\u002Fwp-pdf.com\u002Fpremium\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">wp-pdf.com\u003C\u002Fa> for more details and purchase options.\u003C\u002Fp>\n\u003Ch4>Protect your PDFs with our premium document embedder version\u003C\u002Fh4>\n\u003Cp>Our \u003Cstrong>PDF Embedder Premium\u003C\u002Fstrong> plugin on its Pro plan provides the same simple but elegant viewer as the Basic version, with the added protection that it is difficult for users to download or print the original PDF document.\u003C\u002Fp>\n\u003Cp>This means that your PDF is unlikely to be shared outside your site where you have no control over who views, prints, or shares it.\u003C\u002Fp>\n\u003Cp>Optionally, add a watermark containing any text, including the logged in user’s name or email address to discourage sharing of screenshots.\u003C\u002Fp>\n\u003Cp>See our site \u003Ca href=\"https:\u002F\u002Fwp-pdf.com\u002Fsecure\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">wp-pdf.com\u003C\u002Fa> for more details and purchase options.\u003C\u002Fp>\n\u003Ch4>PDF Thumbnails\u003C\u002Fh4>\n\u003Cp>Our \u003Cstrong>PDF Thumbnails\u003C\u002Fstrong> plugin automatically generates fixed image versions of all PDF files in your Media Library, to use on your site as you wish.\u003C\u002Fp>\n\u003Cp>You can use them as featured images in posts containing an embedded version of the PDF, or as a visual clickable link to download the PDF directly.\u003Cbr \u002F>\nIt also displays the thumbnail as the “icon” for the PDF in the Media Library, making it easy for authors to locate the PDFs they need to insert in a post.\u003C\u002Fp>\n\u003Cp>See our site \u003Ca href=\"https:\u002F\u002Fwp-pdf.com\u002Fthumbnails\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">wp-pdf.com\u002Fthumbnails\u002F\u003C\u002Fa> for more details and purchase options.\u003C\u002Fp>\n\u003Cp>With thanks to the Mozilla team for developing the underlying \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmozilla\u002Fpdf.js\" rel=\"nofollow ugc\">pdf.js\u003C\u002Fa> technology used by this PDF documents viewer plugin.\u003C\u002Fp>\n","Seamlessly embed PDFs into your content, with customizations and intelligent responsive resizing, and no third-party services or iframes.",300000,5029920,94,484,"2025-12-30T11:09:00.000Z","6.1","7.2",[133,134,22,135,136],"block","embed-pdf","pdf-document","pdf-viewer","https:\u002F\u002Fwp-pdf.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpdf-embedder.4.9.3.zip",1,"2024-03-18 00:00:00",{"attackSurface":142,"codeSignals":163,"taintFlows":206,"riskAssessment":246,"analyzedAt":262},{"hooks":143,"ajaxHandlers":159,"restRoutes":160,"shortcodes":161,"cronEvents":162,"entryPointCount":13,"unprotectedCount":13},[144,150,155],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","admin_menu","qu_ipdf_add_pages","qpdf.php",78,{"type":151,"name":152,"callback":153,"file":148,"line":154},"filter","the_content","iPdf_embed",103,{"type":145,"name":156,"callback":157,"file":148,"line":158},"wp_head","iPdfhead",104,[],[],[],[],{"dangerousFunctions":164,"sqlUsage":165,"outputEscaping":187,"fileOperations":49,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":205},[],{"prepared":13,"raw":166,"locations":167},6,[168,172,176,179,182,185],{"file":169,"line":170,"context":171},"add_ipdf.php",29,"$wpdb->query() with variable interpolation",{"file":173,"line":174,"context":175},"folder on root\\pdfs\\index.php",12,"$wpdb->get_row() with variable interpolation",{"file":177,"line":178,"context":171},"manageipdf.php",27,{"file":177,"line":180,"context":181},97,"$wpdb->get_results() with variable interpolation",{"file":148,"line":183,"context":184},32,"$wpdb->get_var() with variable interpolation",{"file":148,"line":186,"context":181},125,{"escaped":13,"rawEcho":188,"locations":189},7,[190,193,195,197,199,201,203],{"file":173,"line":191,"context":192},46,"raw output",{"file":177,"line":194,"context":192},54,{"file":177,"line":196,"context":192},73,{"file":177,"line":198,"context":192},115,{"file":177,"line":200,"context":192},175,{"file":177,"line":202,"context":192},201,{"file":148,"line":204,"context":192},110,[],[207,224,236],{"entryPoint":208,"graph":209,"unsanitizedCount":139,"severity":223},"\u003Cindex> (folder on root\\pdfs\\index.php:0)",{"nodes":210,"edges":220},[211,215],{"id":212,"type":213,"label":214,"file":173,"line":191},"n0","source","$_SERVER['PHP_SELF']",{"id":216,"type":217,"label":218,"file":173,"line":191,"wp_function":219},"n1","sink","echo() [XSS]","echo",[221],{"from":212,"to":216,"sanitized":222},false,"low",{"entryPoint":225,"graph":226,"unsanitizedCount":139,"severity":235},"\u003Cadd_ipdf> (add_ipdf.php:0)",{"nodes":227,"edges":233},[228,230],{"id":212,"type":213,"label":229,"file":169,"line":34},"$_GET['ipdf_id']",{"id":216,"type":217,"label":231,"file":169,"line":170,"wp_function":232},"query() [SQLi]","query",[234],{"from":212,"to":216,"sanitized":222},"high",{"entryPoint":237,"graph":238,"unsanitizedCount":139,"severity":235},"\u003Cmanageipdf> (manageipdf.php:0)",{"nodes":239,"edges":244},[240,243],{"id":212,"type":213,"label":241,"file":177,"line":242},"$_FILES",15,{"id":216,"type":217,"label":231,"file":177,"line":178,"wp_function":232},[245],{"from":212,"to":216,"sanitized":222},{"summary":247,"deductions":248},"The 'oqey-pdfs' plugin, version 0.1, exhibits a concerning security posture despite having a seemingly small attack surface and no known historical vulnerabilities. The static analysis reveals significant weaknesses, particularly in how the plugin handles data. All SQL queries are executed without prepared statements, indicating a high risk of SQL injection vulnerabilities. Furthermore, none of the observed output operations are properly escaped, presenting a strong likelihood of cross-site scripting (XSS) flaws. The taint analysis highlights critical issues with three data flows containing unsanitized paths, with two classified as high severity. This suggests that user-supplied data could potentially be manipulated to execute malicious code or access sensitive information.\n\nWhile the absence of known CVEs and a minimal attack surface are positive indicators, the fundamental lack of secure coding practices in data handling overshadows these strengths. The complete absence of nonce and capability checks, coupled with the unescaped output and raw SQL queries, makes this plugin highly vulnerable to common web attacks. The presence of unsanitized paths in taint flows, even without critical severity, is a serious concern that directly impacts the integrity and security of the WordPress installation. This plugin requires immediate attention to address these critical security flaws.",[249,251,253,255,258,260],{"reason":250,"points":242},"SQL queries without prepared statements",{"reason":252,"points":174},"Unescaped output operations",{"reason":254,"points":11},"High severity taint flows with unsanitized paths",{"reason":256,"points":257},"Missing nonce checks",8,{"reason":259,"points":257},"Missing capability checks",{"reason":261,"points":32},"Taint flows with unsanitized paths","2026-03-17T01:26:01.677Z",{"wat":264,"direct":271},{"assetPaths":265,"generatorPatterns":267,"scriptPaths":268,"versionParams":269},[266],"\u002Fwp-content\u002Fplugins\u002Foqey-pdfs\u002Fpdfd.css",[],[],[270],"\u002Fwp-content\u002Fplugins\u002Foqey-pdfs\u002Fpdfd.css?ver=",{"cssClasses":272,"htmlComments":274,"htmlAttributes":275,"restEndpoints":278,"jsGlobals":279,"shortcodeOutput":280},[273],"pdfd",[],[276,277],"name=\"downloadForm","id=\"parolapdf",[],[],[281,282,283],"\u003Cform name=\"downloadForm","\u003Cinput type=\"password\" name=\"parolapdf","\u003Ca href=\"#\" onclick=\"document.downloadForm",{"error":285,"url":286,"statusCode":287,"statusMessage":288,"message":288},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Foqey-pdfs\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":290},[]]