[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1qaOusxOcO9OWg2ijuTSbFx_xEKTZ-vesuy7XyB79RI":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":46,"crawl_stats":37,"alternatives":53,"analysis":154,"fingerprints":493},"photoshelter-official-plugin","PhotoShelter for Photographers Blog Feed Plugin","1.5.7","PhotoShelter","https:\u002F\u002Fprofiles.wordpress.org\u002Fphotoshelter\u002F","\u003Cp>The PhotoShelter Official Plugin for WordPress allows you to easily embed single images or gallery slideshows from PhotoShelter into any blog post. The plugin also allows for quick and easy Photoshelter integration via one-click menu creation, which adds to WordPress a navigation menu of links to your PhotoShelter site.\u003C\u002Fp>\n\u003Cp>PhotoShelter — http:\u002F\u002Fwww.photoshelter.com — is the leader in photographer websites and provides you with everything you need to display, distribute, and sell photos online. Through PhotoShelter, you may sell photography and power your photography business with photo hosting, a real archive, and the best marketing tools.\u003C\u002Fp>\n\u003Ch4>Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Embeds any publicly visible PhotoShelter image or gallery slideshow directly into a blog post — without leaving WordPress\u003C\u002Fli>\n\u003Cli>Eliminates the need to create and upload individual low-resolution files to WordPress. Your original PhotoShelter images are automatically resized, sharpened and (if you choose) watermarked for blog use. This process takes place on the fly at PhotoShelter, so the embedded images take up no space on\u003Cbr \u002F>\nyour web server\u003C\u002Fli>\n\u003Cli>Embedded images click through to the same image on the your PhotoShelter website, where blog visitors can buy prints, products or digital downloads\u003C\u002Fli>\n\u003Cli>One-click navigation menu creation adds to WordPress all the important links\u003Cbr \u002F>\nto your PhotoShelter site\u003C\u002Fli>\n\u003Cli>Creates backlinks to your PhotoShelter website so search engines like Google can easily find your photos\u003C\u002Fli>\n\u003Cli>Supports SEO best practices by automatically writing the IPTC image description into the ALT text of the embedded image. Get even better SEO by enabling the image caption option\u003C\u002Fli>\n\u003Cli>Embed images as either HTML (for mobile compatibility) or Flash (for higher security)\u003C\u002Fli>\n\u003Cli>Search for images by IPTC keyword or by gallery, or browse through your recently uploaded content\u003C\u002Fli>\n\u003Cli>Supports gallery slideshow custom presets\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>When editing a post, just click the PhotoShelter “P” icon in the post toolbar.\u003C\u002Fli>\n\u003Cli>Browse your gallery list, your recently uploaded images, or search for a specific image.\u003C\u002Fli>\n\u003Cli>Select the image or gallery slideshow.\u003C\u002Fli>\n\u003Cli>Follow the on-screen instructions to embed your image(s) according to your preferences: slideshow or single image; Flash or HTML.\u003C\u002Fli>\n\u003Cli>Depending on your choice, click “Insert Image”, “Embed Gallery Slideshow”, or “Insert Gallery (Cover Image)” to add the image or slideshow to your post.\u003C\u002Fli>\n\u003Cli>To add a menu, click the PhotoShelter link from your WordPress sidebar, and follow the instructions in the “Add PhotoShelter Menu” section of this page.  You’ll find the menu under Appearance -> Menus in your dashboard\u003C\u002Fli>\n\u003C\u002Fol>\n","Embed your PhotoShelter content (single images, gallery cover images, or slideshows) directly into your blog - without leaving WordPress!",200,42024,36,4,"2021-10-20T20:29:00.000Z","5.0.25","2.8","",[20,21,22,23,24],"embed-slideshows","photos","photoshelter","publish-photos","slideshow","http:www.photoshelter.com\u002Fhelp\u002Ftut\u002Fmarket\u002Fplugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphotoshelter-official-plugin.zip",64,1,"2025-04-01 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2025-31766","photoshelter-for-photographers-blog-feed-plugin-authenticated-contributor-stored-cross-site-scripting","PhotoShelter for Photographers Blog Feed Plugin \u003C= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting","The PhotoShelter for Photographers Blog Feed Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.5.7","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-04-09 14:06:13",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4aa04db0-8878-42b7-a923-03257230a7c1?source=api-prod",{"slug":22,"display_name":7,"profile_url":8,"plugin_count":47,"total_installs":48,"avg_security_score":49,"avg_patch_time_days":50,"trust_score":51,"computed_at":52},2,290,82,30,81,"2026-04-05T02:31:58.566Z",[54,81,102,124,138],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":76,"download_link":77,"security_score":78,"vuln_count":28,"unpatched_count":79,"last_vuln_date":80,"fetched_at":30},"embed-google-photos-album-easily","Embed Google Photos album","2.2.1","pavex","https:\u002F\u002Fprofiles.wordpress.org\u002Fpavex\u002F","\u003Cp>This plugin requires a shared Google Photos album link to view photos using gallery\u002Fplayer or carousel. This widget is free to use for WordPress users.\u003C\u002Fp>\n\u003Cp>It is very easy to use. Just write a \u003Cstrong>shortcode\u003C\u002Fstrong> to your post and include a link of shared Google Photos album as a parameter. Instead of shortcode, html code with links to the photo will be inserted and it will be decorated using Public album javascript.\u003C\u002Fp>\n\u003Ch3>Example\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>[embed-google-photos-album link=\"https:\u002F\u002Fphotos.app.goo.gl\u002FCSV7NDstShTUwUZq5\"]\n\n[embed-google-photos-album link=\"https:\u002F\u002Fphotos.app.goo.gl\u002FCSV7NDstShTUwUZq5\" mode=\"carousel\"]\n\n[embed-google-photos-album link=\"https:\u002F\u002Fphotos.app.goo.gl\u002FCSV7NDstShTUwUZq5\" mediaitems-cover=\"true\"]\n\n[embed-google-photos-album link=\"https:\u002F\u002Fphotos.app.goo.gl\u002FCSV7NDstShTUwUZq5\" background-color=\"#007acc\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cul>\n\u003Cli>\u003Cstrong>link\u003C\u002Fstrong> – [string] public link of Google Photos album\u003C\u002Fli>\n\u003Cli>\u003Cstrong>mode\u003C\u002Fstrong> – [carousel | gallery-player] setup decorator mode, default id \u003Ccode>gallery-player\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>width\u003C\u002Fstrong> – [int | ‘auto’] set widget width in pixel or “auto” to stretch to 100%\u003C\u002Fli>\n\u003Cli>\u003Cstrong>height\u003C\u002Fstrong> – [int | ‘auto’] set widget height in pixels or “auto” to stretch to 100%\u003C\u002Fli>\n\u003Cli>\u003Cstrong>image-width\u003C\u002Fstrong> – [int] image max-width in pixels, default is 1920\u003C\u002Fli>\n\u003Cli>\u003Cstrong>image-height\u003C\u002Fstrong> – [int] image max-height in pixels, default is 1080\u003C\u002Fli>\n\u003Cli>\u003Cstrong>autoplay\u003C\u002Fstrong> – [true | false] start slideshow in normal view (currently not allowed by decorator)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>delay\u003C\u002Fstrong> – [true | false] slideshow delay in seconds, default is 5 seconds.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>repeat\u003C\u002Fstrong> – [true | false] Enable or disable repeat slideshow, delfault is \u003Ccode>true\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>mediaitems-aspectration\u003C\u002Fstrong> – [true | false], Keep asspect ration of images delfault is \u003Ccode>true\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>mediaitems-enlarge\u003C\u002Fstrong> – [true | false], Turn on\u002Foff image enlarge, delfault is \u003Ccode>true\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>mediaitems-stretch\u003C\u002Fstrong> – [true | false], Tunr on\u002Foff image stretch, delfault is \u003Ccode>true\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>mediaitems-cover\u003C\u002Fstrong> – [true | false], Cover full canvas. Combine with aspect ratio parameter. Delfault is \u003Ccode>false\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>background-color\u003C\u002Fstrong> – [#RRGGBB | transparent], Setup background color to RGB or transparent. Default is \u003Ccode>#000000\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>expiration\u003C\u002Fstrong> – [int] setup expiration timeout in secons; default is 0; min. custom value is 86400s (experimental property)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This widget, unsupported some features like a picture’s timestamp and captions. For a more detailed description of the component, go to \u003Ca href=\"https:\u002F\u002Fwww.publicalbum.org\u002Fblog\u002Fwordpress-google-photos-album-plugin\" rel=\"nofollow ugc\">WordPress Google Photos album plugin\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>In some cases, it may be better to use the following code directly in the template.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php\n    echo (new Pavex_embed_google_photos_album()) -> getcode(\n        'https:\u002F\u002Fphotos.app.goo.gl\u002FCSV7NDstShTUwUZq5', 0, 480, 1920, 1080\n    );\n?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>How do I update my album?\u003C\u002Fh3>\n\u003Cp>The album will update automatically as soon as you save or update your post.\u003C\u002Fp>\n\u003Ch3>Javascript decorator\u003C\u002Fh3>\n\u003Cp>External javascript decorator is stored on CDN and loading and running of them is \u003Cstrong>optimized for performance\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Javascript widget can be used without photos from Google photos. Detailed information on how to use javascript is available in one of older posts about \u003Ca href=\"https:\u002F\u002Fwww.publicalbum.org\u002Fblog\u002Fcarousel-slideshow-gallery-widget-july-update\" rel=\"nofollow ugc\">carusel slideshow\u003C\u002Fa> on my blog.\u003C\u002Fp>\n\u003Ch3>About Public album photo sharing website\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Public album\u003C\u002Fstrong> is now a \u003Ca href=\"https:\u002F\u002Fwww.publicalbum.org\u002Fblog\u002Fphoto-sharing-website\" rel=\"nofollow ugc\">photo sharing website\u003C\u002Fa> and service for sharing short photosets available in single user profile.\u003C\u002Fp>\n\u003Cp>The service can also be used as an alternative to \u003Ca href=\"https:\u002F\u002Fwww.publicalbum.org\u002Fblog\u002Fpublic-google-photos\" rel=\"nofollow ugc\">public Google Photos\u003C\u002Fa>. It is very suitable for the blogs focused mainly on photos. For example, a \u003Cstrong>photoblog\u003C\u002Fstrong> or a \u003Ca href=\"https:\u002F\u002Fwww.reabr.com\" rel=\"nofollow ugc\">\u003Cstrong>online bookmark manager\u003C\u002Fstrong>\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Important links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Public album sharing website\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.publicalbum.org\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.publicalbum.org\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blog\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.publicalbum.org\u002Fblog\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.publicalbum.org\u002Fblog\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Facebook\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fpublicalbumapp\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.facebook.com\u002Fpublicalbumapp\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reabr.com\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.reabr.com\" rel=\"nofollow ugc\">online bookmark manager\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Embed Google Photos album using Player widget.",4000,45666,88,15,"2024-03-19T10:32:00.000Z","6.4.8","5.0","5.3",[71,72,73,74,75],"carousel-slideshow","embed-gallery","embed-google-photos","google-photos","wordpress-carousel","https:\u002F\u002Fwww.publicalbum.org\u002Fblog\u002Fembedding-google-photos-albums","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fembed-google-photos-album-easily.zip",84,0,"2024-04-22 00:00:00",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":11,"downloaded":89,"rating":90,"num_ratings":47,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":18,"tags":94,"homepage":98,"download_link":99,"security_score":100,"vuln_count":28,"unpatched_count":28,"last_vuln_date":101,"fetched_at":30},"gpp-slideshow","GPP Slideshow","1.3.5","Thad Allender","https:\u002F\u002Fprofiles.wordpress.org\u002Fendortrails\u002F","\u003Cp>The GPP Slideshow plugin for WordPress allows you to create minimalist image slideshows using the new Gallery post type or using WordPress’ built in [gallery] shortcode on Posts and Pages.  The plugin comes with a  Widget for easily inserting a specific gallery into any widgetized are on your theme.  This plugin requires WordPress 3.1 and works best with \u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fthemes\u002F\" rel=\"nofollow ugc\">a Graph Paper Press theme\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fdemo.graphpaperpress.com\u002Fgpp-slideshow\u002F\" rel=\"nofollow ugc\">Live demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fgpp-slideshow\u002F\" rel=\"nofollow ugc\">Release info\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n","A minimalist slideshow plugin that creates a new gallery post type. Add slideshows to widgets, posts, pages and gallery posts.",69652,50,"2014-01-07T08:13:00.000Z","3.7.41","3.5",[95,96,21,97,24],"gallery","images","portfolio","http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fgpp-slideshow\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgpp-slideshow.1.3.5.zip",63,"2025-06-05 00:00:00",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":113,"last_updated":114,"tested_up_to":115,"requires_at_least":116,"requires_php":117,"tags":118,"homepage":121,"download_link":122,"security_score":123,"vuln_count":79,"unpatched_count":79,"last_vuln_date":37,"fetched_at":30},"jetpack-slideshow-caption","Slideshow Captions for Jetpack","1.1.0","Michael Beckwith","https:\u002F\u002Fprofiles.wordpress.org\u002Ftw2113\u002F","\u003Cp>Jetpack has a pretty robust Image slideshow feature. (If you don’t know, “Add Media” button > “Create Gallery” > Choose photos > “Create new gallery” > Change type to slideshow in “Gallery Settings” > “Insert Gallery”)\u003C\u002Fp>\n\u003Cp>Make sure you have “Compose using shortcodes to embed media from popular sites” enabled in “Settings” > “Writing” > Composing section of Jetpack settings.\u003C\u002Fp>\n\u003Cp>Jetpack’s handling of photo’s captions doesn’t work well with long captions (as it overlays the caption above the photo). This plugin modifies the layout so that the caption is displayed below the photo and the slideshow expands to accommodate.\u003C\u002Fp>\n\u003Cp>Contribute on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftw2113\u002FJetpack-Slideshow-Caption\" rel=\"nofollow ugc\">github\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Slideshow Captions for Jetpack is not maintained by Automattic.\u003C\u002Fp>\n","Modifies Jetpack's default slideshow caption feature.",60,5329,54,3,"2023-02-24T23:31:00.000Z","6.1.10","5.2","5.6",[119,120,21,24],"caption","jetpack","https:\u002F\u002Fmichaelbox.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fjetpack-slideshow-caption.1.1.0.zip",85,{"slug":125,"name":126,"version":127,"author":85,"author_profile":86,"description":128,"short_description":129,"active_installs":110,"downloaded":130,"rating":79,"num_ratings":79,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":18,"tags":134,"homepage":136,"download_link":137,"security_score":123,"vuln_count":79,"unpatched_count":79,"last_vuln_date":37,"fetched_at":30},"photoshelter-gallery-widget","PhotoShelter Gallery Widget","1.6.0","\u003Cp>The \u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fphotoshelter-gallery-widget\u002F\" rel=\"nofollow ugc\">PhotoShelter Gallery Widget\u003C\u002Fa> is a plugin for WordPress that allows photographers to easily display the latest photo or photos from any number of their public PhotoShelter galleries. This plugin doesn’t show galleries in collections. PhotoShelter is web application used by photographers around the world use to sell and license images.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Full documentation can be found on the \u003Ca href=\"http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fphotoshelter-gallery-widget\u002F\" rel=\"nofollow ugc\">PhotoShelter Gallery\u003C\u002Fa> page.\u003C\u002Fp>\n","PhotoShelter Gallery Widget allows you to show your PhotoShelter galleries into your sidebar.",18913,"2012-10-16T14:11:00.000Z","3.4.2","3.0",[21,22,135],"widget","http:\u002F\u002Fgraphpaperpress.com\u002Fplugins\u002Fphotoshelter-gallery-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphotoshelter-gallery-widget.1.6.0.zip",{"slug":139,"name":140,"version":141,"author":142,"author_profile":143,"description":144,"short_description":145,"active_installs":110,"downloaded":146,"rating":147,"num_ratings":113,"last_updated":148,"tested_up_to":149,"requires_at_least":133,"requires_php":18,"tags":150,"homepage":152,"download_link":153,"security_score":123,"vuln_count":79,"unpatched_count":79,"last_vuln_date":37,"fetched_at":30},"wpjaipho","WPJaipho Mobile Gallery","1.5.0","Tihomir Dmitrović","https:\u002F\u002Fprofiles.wordpress.org\u002Ftolecar\u002F","\u003Cp>WPJaipho is plugin which adds mobile optimized look & feel to your WP based galleries.\u003Cbr \u002F>\nIt is based on the original \u003Ca href=\"http:\u002F\u002Fjaipho.com\u002F\" rel=\"nofollow ugc\">Jaipho\u003C\u002Fa>, iPhone optimized Javascript gallery and it works on iPhone, iPad and Android devices.\u003C\u002Fp>\n\u003Ch4>Supported WP galleries\u003C\u002Fh4>\n\u003Cp>WP Jaipho works with: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fnextgen-gallery\u002F\" rel=\"ugc\">NextGEN 1.x\u003C\u002Fa> Gallery and Default WP Gallery (via Media Library). It also works flawlessly with some mobile theme plugins such as \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwptouch\u002F\" rel=\"ugc\">WPTouch\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwordpress-mobile-pack\u002F\" rel=\"ugc\">WordPress Mobile Pack\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>How Does it Work?\u003C\u002Fh4>\n\u003Cp>Simple enough – just activate the plugin, and all your galleries are automatically transformed into mobile optimized gallery, which is visible for mobile users only. Check out demo \u003Ca href=\"http:\u002F\u002Fwww.viberfaq.com\u002Fviber-android-beta-version-review\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa> with your iPhone.\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WPJaipho installation on \u003Ca href=\"http:\u002F\u002Fwww.viberfaq.com\u002Fviber-android-beta-version-review\u002F\" rel=\"nofollow ugc\">The Viber FAQ\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WPJaipho extends native Wordpress image gallery, NextGEN 1.x and NextCellent Gallery with optimized support for mobile users",12787,100,"2015-05-25T20:28:00.000Z","4.2.39",[95,96,151,21,24],"media","http:\u002F\u002Fwww.jaipho.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpjaipho.1.5.0.zip",{"attackSurface":155,"codeSignals":206,"taintFlows":332,"riskAssessment":479,"analyzedAt":492},{"hooks":156,"ajaxHandlers":195,"restRoutes":196,"shortcodes":197,"cronEvents":205,"entryPointCount":47,"unprotectedCount":79},[157,163,167,170,173,176,179,183,187,192],{"type":158,"name":159,"callback":160,"file":161,"line":162},"action","send_headers","ps_export_headers","photoshelter.php",575,{"type":158,"name":164,"callback":165,"file":161,"line":166},"init","ps_get_blog_url",576,{"type":158,"name":164,"callback":168,"file":161,"line":169},"process_photoshelter_login",578,{"type":158,"name":164,"callback":171,"file":161,"line":172},"process_photoshelter_org",579,{"type":158,"name":164,"callback":174,"file":161,"line":175},"add_photoshelter_menu",580,{"type":158,"name":164,"callback":177,"priority":28,"file":161,"line":178},"logout",581,{"type":158,"name":180,"callback":181,"file":161,"line":182},"admin_menu","add_menu",584,{"type":158,"name":184,"callback":185,"file":161,"line":186},"admin_head","ps_admin_css",585,{"type":158,"name":188,"callback":189,"priority":190,"file":161,"line":191},"media_buttons","add_photoshelter_button",20,587,{"type":158,"name":193,"callback":193,"file":161,"line":194},"media_upload_shelter",588,[],[],[198,202],{"tag":199,"callback":200,"file":161,"line":201},"photoshelter-gallery","photoshelter_gallery_handler",14,{"tag":203,"callback":204,"file":161,"line":65},"photoshelter-img","photoshelter_img_handler",[],{"dangerousFunctions":207,"sqlUsage":208,"outputEscaping":210,"fileOperations":79,"externalRequests":28,"nonceChecks":113,"capabilityChecks":79,"bundledLibraries":331},[],{"prepared":79,"raw":79,"locations":209},[],{"escaped":211,"rawEcho":212,"locations":213},8,59,[214,217,219,221,223,225,227,229,231,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,272,274,276,278,280,282,284,286,288,290,292,294,296,298,300,302,304,306,308,310,312,314,316,318,320,321,323,325,327,329],{"file":215,"line":47,"context":216},"photoshelter-iframe.php","raw output",{"file":215,"line":218,"context":216},12,{"file":220,"line":65,"context":216},"photoshelter-psiframe.php",{"file":220,"line":222,"context":216},22,{"file":220,"line":224,"context":216},23,{"file":220,"line":226,"context":216},25,{"file":220,"line":228,"context":216},26,{"file":220,"line":230,"context":216},34,{"file":220,"line":13,"context":216},{"file":220,"line":233,"context":216},61,{"file":220,"line":235,"context":216},70,{"file":220,"line":237,"context":216},74,{"file":220,"line":239,"context":216},116,{"file":220,"line":241,"context":216},118,{"file":220,"line":243,"context":216},119,{"file":220,"line":245,"context":216},120,{"file":220,"line":247,"context":216},146,{"file":220,"line":249,"context":216},155,{"file":220,"line":251,"context":216},157,{"file":220,"line":253,"context":216},163,{"file":220,"line":255,"context":216},180,{"file":220,"line":257,"context":216},182,{"file":220,"line":259,"context":216},202,{"file":220,"line":261,"context":216},223,{"file":220,"line":263,"context":216},225,{"file":220,"line":265,"context":216},227,{"file":220,"line":267,"context":216},260,{"file":220,"line":269,"context":216},269,{"file":220,"line":271,"context":216},271,{"file":220,"line":273,"context":216},278,{"file":220,"line":275,"context":216},280,{"file":220,"line":277,"context":216},281,{"file":220,"line":279,"context":216},287,{"file":220,"line":281,"context":216},288,{"file":220,"line":283,"context":216},289,{"file":220,"line":285,"context":216},373,{"file":220,"line":287,"context":216},390,{"file":220,"line":289,"context":216},391,{"file":220,"line":291,"context":216},397,{"file":220,"line":293,"context":216},401,{"file":220,"line":295,"context":216},404,{"file":220,"line":297,"context":216},405,{"file":220,"line":299,"context":216},410,{"file":220,"line":301,"context":216},412,{"file":220,"line":303,"context":216},413,{"file":220,"line":305,"context":216},415,{"file":220,"line":307,"context":216},416,{"file":161,"line":309,"context":216},226,{"file":161,"line":311,"context":216},240,{"file":161,"line":313,"context":216},244,{"file":161,"line":315,"context":216},257,{"file":161,"line":317,"context":216},259,{"file":161,"line":319,"context":216},276,{"file":161,"line":275,"context":216},{"file":161,"line":322,"context":216},409,{"file":161,"line":324,"context":216},508,{"file":161,"line":326,"context":216},562,{"file":161,"line":328,"context":216},564,{"file":330,"line":113,"context":216},"photoshelter_client.php",[],[333,423,436,447,459,471],{"entryPoint":334,"graph":335,"unsanitizedCount":211,"severity":39},"\u003Cphotoshelter-iframe> (photoshelter-iframe.php:0)",{"nodes":336,"edges":405},[337,342,346,351,354,357,359,361,363,365,368,370,372,376,379,384,386,389,391,393,395,397,399,402],{"id":338,"type":339,"label":340,"file":215,"line":341},"n0","source","$_GET['G_ID']",24,{"id":343,"type":344,"label":345,"file":215,"line":341},"n1","transform","→ listImages()",{"id":347,"type":348,"label":349,"file":220,"line":257,"wp_function":350},"n2","sink","echo() [XSS]","echo",{"id":352,"type":339,"label":353,"file":215,"line":228},"n3","$_GET['I_ID']",{"id":355,"type":344,"label":356,"file":215,"line":228},"n4","→ embedImg()",{"id":358,"type":348,"label":349,"file":220,"line":279,"wp_function":350},"n5",{"id":360,"type":339,"label":340,"file":215,"line":228},"n6",{"id":362,"type":344,"label":356,"file":215,"line":228},"n7",{"id":364,"type":348,"label":349,"file":220,"line":281,"wp_function":350},"n8",{"id":366,"type":339,"label":367,"file":215,"line":228},"n9","$_GET['G_NAME']",{"id":369,"type":344,"label":356,"file":215,"line":228},"n10",{"id":371,"type":348,"label":349,"file":220,"line":283,"wp_function":350},"n11",{"id":373,"type":339,"label":374,"file":215,"line":375},"n12","$_POST['WIDTH']",28,{"id":377,"type":344,"label":378,"file":215,"line":375},"n13","→ insertImg()",{"id":380,"type":348,"label":381,"file":220,"line":382,"wp_function":383},"n14","update_option() [Settings Manipulation]",295,"update_option",{"id":385,"type":339,"label":340,"file":215,"line":50},"n15",{"id":387,"type":344,"label":388,"file":215,"line":50},"n16","→ embedGallery()",{"id":390,"type":348,"label":349,"file":220,"line":305,"wp_function":350},"n17",{"id":392,"type":339,"label":367,"file":215,"line":50},"n18",{"id":394,"type":344,"label":388,"file":215,"line":50},"n19",{"id":396,"type":348,"label":349,"file":220,"line":307,"wp_function":350},"n20",{"id":398,"type":339,"label":374,"file":215,"line":230},"n21",{"id":400,"type":344,"label":401,"file":215,"line":230},"n22","→ insertGalleryImage()",{"id":403,"type":348,"label":381,"file":220,"line":404,"wp_function":383},"n23",475,[406,408,409,410,411,412,413,414,415,416,417,418,419,420,421,422],{"from":338,"to":343,"sanitized":407},false,{"from":343,"to":347,"sanitized":407},{"from":352,"to":355,"sanitized":407},{"from":355,"to":358,"sanitized":407},{"from":360,"to":362,"sanitized":407},{"from":362,"to":364,"sanitized":407},{"from":366,"to":369,"sanitized":407},{"from":369,"to":371,"sanitized":407},{"from":373,"to":377,"sanitized":407},{"from":377,"to":380,"sanitized":407},{"from":385,"to":387,"sanitized":407},{"from":387,"to":390,"sanitized":407},{"from":392,"to":394,"sanitized":407},{"from":394,"to":396,"sanitized":407},{"from":398,"to":400,"sanitized":407},{"from":400,"to":403,"sanitized":407},{"entryPoint":424,"graph":425,"unsanitizedCount":28,"severity":39},"searchImages (photoshelter-psiframe.php:191)",{"nodes":426,"edges":433},[427,430,432],{"id":338,"type":339,"label":428,"file":220,"line":429},"$_GET",208,{"id":343,"type":344,"label":431,"file":220,"line":429},"→ render_pag()",{"id":347,"type":348,"label":349,"file":220,"line":253,"wp_function":350},[434,435],{"from":338,"to":343,"sanitized":407},{"from":343,"to":347,"sanitized":407},{"entryPoint":437,"graph":438,"unsanitizedCount":28,"severity":39},"recent_images (photoshelter-psiframe.php:482)",{"nodes":439,"edges":444},[440,442,443],{"id":338,"type":339,"label":428,"file":220,"line":441},494,{"id":343,"type":344,"label":431,"file":220,"line":441},{"id":347,"type":348,"label":349,"file":220,"line":253,"wp_function":350},[445,446],{"from":338,"to":343,"sanitized":407},{"from":343,"to":347,"sanitized":407},{"entryPoint":448,"graph":449,"unsanitizedCount":113,"severity":39},"\u003Cphotoshelter-psiframe> (photoshelter-psiframe.php:0)",{"nodes":450,"edges":456},[451,454,455],{"id":338,"type":339,"label":452,"file":220,"line":453},"$_GET (x3)",184,{"id":343,"type":344,"label":431,"file":220,"line":453},{"id":347,"type":348,"label":349,"file":220,"line":253,"wp_function":350},[457,458],{"from":338,"to":343,"sanitized":407},{"from":343,"to":347,"sanitized":407},{"entryPoint":460,"graph":461,"unsanitizedCount":79,"severity":470},"ps_option_page (photoshelter.php:200)",{"nodes":462,"edges":467},[463,466],{"id":338,"type":339,"label":464,"file":161,"line":465},"$_SERVER['PHP_SELF']",230,{"id":343,"type":348,"label":349,"file":161,"line":465,"wp_function":350},[468],{"from":338,"to":343,"sanitized":469},true,"low",{"entryPoint":472,"graph":473,"unsanitizedCount":79,"severity":470},"\u003Cphotoshelter> (photoshelter.php:0)",{"nodes":474,"edges":477},[475,476],{"id":338,"type":339,"label":464,"file":161,"line":465},{"id":343,"type":348,"label":349,"file":161,"line":465,"wp_function":350},[478],{"from":338,"to":343,"sanitized":469},{"summary":480,"deductions":481},"The Photoshelter Official Plugin, version 1.5.7, exhibits a mixed security posture. On the positive side, it demonstrates good practices by not using dangerous functions, all SQL queries are prepared, and there are no known critical or high severity vulnerabilities historically. The static analysis also shows a limited attack surface with no unprotected entry points, and a reasonable number of nonce checks are in place.\n\nHowever, significant concerns arise from the code analysis. The plugin has a very low percentage of properly escaped output (12%), which is a major indicator of potential Cross-Site Scripting (XSS) vulnerabilities. This is further corroborated by the vulnerability history, which shows a past medium severity XSS vulnerability. The taint analysis indicates flows with unsanitized paths, although none reached critical or high severity in this analysis, the presence of unsanitized paths in conjunction with poor output escaping significantly elevates the risk.\n\nGiven the history of XSS and the current poor output escaping, the risk associated with this plugin is moderate to high. While the plugin has addressed some security aspects, the lack of robust output sanitization leaves it vulnerable to XSS attacks, especially considering the presence of unsanitized paths in the taint analysis. The unpatched medium severity CVE is also a direct risk.",[482,485,487,490],{"reason":483,"points":484},"Unpatched CVE",18,{"reason":486,"points":218},"Low percentage of properly escaped output",{"reason":488,"points":489},"Flows with unsanitized paths",5,{"reason":491,"points":211},"Past medium severity XSS vulnerability","2026-03-17T05:37:18.906Z",{"wat":494,"direct":500},{"assetPaths":495,"generatorPatterns":497,"scriptPaths":498,"versionParams":499},[496],"\u002Fwp-content\u002Fplugins\u002Fphotoshelter-official-plugin\u002Fimg\u002Fps_menu_icon.png",[],[],[],{"cssClasses":501,"htmlComments":511,"htmlAttributes":512,"restEndpoints":516,"jsGlobals":517,"shortcodeOutput":519},[502,503,504,505,506,507,508,509,510],"ps-ok-notice","ps-error-notice","notices","ps_meta_box","ps_hide","show","wide","pagi_gal","ps_login_form",[],[513,514,515],"id=\"ps_captionIns\"","class=\"wp-caption alignnone\"","id=\"ps_login_form\"",[],[518],"photoshelter_activate",[520,521],"[photoshelter-gallery","[photoshelter-img"]