[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fbzZrX3ktvHLw70o3106D2PZpnRQHvCxUCWXmCxiiUuc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":130,"fingerprints":526},"phraseanet-client","Phraseanet WordPress Client","1.3.11","alchemydev","https:\u002F\u002Fprofiles.wordpress.org\u002Falchemydev\u002F","\u003Cp>This plugin creates the possibility to get and add assets from Phraseanet server into your WordPress website.\u003Cbr \u002F>\nThis plugin allows you to create a Phraseanet Gutenberg block with various custom configurations that allows you to customize the block the way you want.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Customizations block settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Block title – You can customize the block title by adding a custom title in the block settings.\u003C\u002Fli>\n\u003Cli>Collections – You can choose the collections you want to display in the block.\u003C\u002Fli>\n\u003Cli>Query – You can add your custom query to the block.\u003C\u002Fli>\n\u003Cli>Define displayed facets – You can define the facets you want to display in the block.\u003C\u002Fli>\n\u003Cli>Preview details – Fields that will display on the preview Eg. title,keyword,city.\u003C\u002Fli>\n\u003Cli>Sub defination maping – You can map the sub defination to the fields you want to display on the thumb and preview.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Customizations block UI settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Preview assets UI settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Overlay – This option allows you to preview the asset in a modal .\u003C\u002Fli>\n\u003Cli>Sidebar – This option allows you to preview the asset in a sidebar.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Image Grid layout settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Classic – This option allows you to display the assets in a classic rectangular grid.\u003C\u002Fli>\n\u003Cli>Masonry – This option allows you to display the assets in a masonry grid (like instagram grid).\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Masonry style settings\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Auto  – Auto detect the image layout type (portrait and landscape) and render the image accordingly\u003C\u002Fli>\n\u003Cli>Random – Randomly renders the image layout\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin creates the possibility to get and add assets from Phraseanet server into your Wordpress website.",10,1844,0,"2022-06-21T11:38:00.000Z","6.0.11","5.6.0","",[19,20,21,22,23],"assets","gallery","images","media","phraseanet","https:\u002F\u002Fwww.phraseanet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphraseanet-client.1.3.11.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,84,"2026-04-04T21:15:33.770Z",[36,58,77,96,112],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":55,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"acf-galerie-4","ACF Galerie 4","1.4.3","Navneil Naicker","https:\u002F\u002Fprofiles.wordpress.org\u002Fnavzme\u002F","\u003Cp>ACF Galerie 4 is a versatile WordPress plugin designed to simplify the creation and management of media galleries on your website. With its intuitive interface and robust features, you can effortlessly showcase your media in a visually appealing and engaging way.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fte2HOJOF1e4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Effortless Gallery Creation\u003C\u002Fstrong>: Build stunning galleries with ease using Advanced Custom Fields (ACF).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Versatile Content\u003C\u002Fstrong>: Showcase documents, images, videos, and more in your galleries.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seamless Integration\u003C\u002Fstrong>: Leverage the power of WordPress’ Restful API for flexible data handling.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User-Friendly Forms\u003C\u002Fstrong>: Allow visitors to submit content directly through front-end forms powered by \u003Ca href=\"https:\u002F\u002Fwww.advancedcustomfields.com\u002Fresources\u002Facf_form\u002F\" rel=\"nofollow ugc\">acf_form()\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Elementor and Bricks Builder Compatibility (Available in ACF Galerie 4 Pro)\u003C\u002Fstrong>: Enjoy a seamless integration with Elementor and Bricks Builder for even more customization options.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GraphQL Support\u003C\u002Fstrong>: Unlock powerful and flexible queries for your custom galleries with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-graphql\u002F\" rel=\"ugc\">WPGraphQL\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpgraphql-acf\u002F\" rel=\"ugc\">WPGraphQL for ACF\u003C\u002Fa> integration.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgalerie4.com\u002F?utm_source=wordpress.org&utm_medium=free\" rel=\"nofollow ugc\">Website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgalerie4.com\u002Fsupport\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgalerie4.com\u002F?utm_source=wordpress.org&utm_medium=free&utm_campaign=upgrade\" rel=\"nofollow ugc\">ACF Galerie 4 Pro\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PRO\u003C\u002Fh4>\n\u003Cp>The ACF Galerie 4 plugin is also available in a professional version, offering more features, enhanced functionality, and greater flexibility. ACF Galerie 4 Pro includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Support for Elemetor\u003C\u002Fli>\n\u003Cli>Support for Bricks Builder\u003C\u002Fli>\n\u003Cli>Lifetime updates\u003C\u002Fli>\n\u003Cli>Priority Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgalerie4.com\u002F?utm_source=wordpress.org&utm_medium=free&utm_campaign=upgrade\" rel=\"nofollow ugc\">Upgrade to ACF Galerie 4 Pro 🚀\u003C\u002Fa>\u003C\u002Fp>\n","Enhance your WordPress website with ACF Galerie 4, a powerful and customizable gallery plugin.",1000,10719,68,5,"2025-12-31T21:44:00.000Z","6.9.4","6.0","7.4",[53,20,21,22,54],"acf","videos","https:\u002F\u002Fnavz.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facf-galerie-4.1.4.3.zip",100,{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":44,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":71,"requires_php":17,"tags":72,"homepage":75,"download_link":76,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"polaroid-gallery","Polaroid Gallery","2.2","janisto","https:\u002F\u002Fprofiles.wordpress.org\u002Fjanisto\u002F","\u003Cp>Polaroid Gallery is a CSS3 & jQuery Image Gallery plugin for WordPress Media Library. It is used to overlay images as polaroid pictures on the current page or post and uses WordPress Media Library. Using Polaroid Gallery you add unique view for your blog posts. Polaroid Gallery adds feeling of old good times.\u003Cbr \u002F>\nIt is quite easy to use. All you need to do is to create standard wordpress gallery. All other things Polaroid Gallery will make for you by its own. Once you try it you love it.\u003C\u002Fp>\n\u003Cp>Polaroid Gallery has translations for the following languages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English (default)\u003C\u002Fli>\n\u003Cli>Finnish\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Use \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fregenerate-thumbnails\u002F\" rel=\"ugc\">Regenerate Thumbnails\u003C\u002Fa> plugin to regenerate thumbnails for all images that you have uploaded to your blog.\u003C\u002Fp>\n\u003Cp>For more information visit \u003Ca href=\"http:\u002F\u002Fen.support.wordpress.com\u002Fimages\u002Fgallery\u002F\" rel=\"nofollow ugc\">WordPress Gallery support\u003C\u002Fa>.\u003Cbr \u002F>\nPlugin in use:\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fwp.mikkonen.info\u002Fsummer-2010\u002F\" rel=\"nofollow ugc\">Demo 1\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Flife-thai.com\u002Fchem-horosha-shri-lanka\u002F\" rel=\"nofollow ugc\">Demo 2\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Feel donating? You are wellcome \u003Ca href=\"http:\u002F\u002Fgoo.gl\u002F0gvUvm\" rel=\"nofollow ugc\">to donate\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Would you like to add your language to the list? Contact \u003Ca href=\"http:\u002F\u002Fwww.mikkonen.info\u002Fpolaroid_gallery\u002F\" rel=\"nofollow ugc\">janisto\u003C\u002Fa> or \u003Ca href=\"info@life-thai.com\" rel=\"nofollow ugc\">tashemi\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>Polaroid Gallery is free and unencumbered \u003Ca href=\"http:\u002F\u002Funlicense.org\u002F\" rel=\"nofollow ugc\">public domain\u003C\u002Fa> software.\u003C\u002Fp>\n","Polaroid Gallery is a CSS3 & jQuery Image Gallery plugin for WordPress Media Library.",82843,76,4,"2017-01-26T05:57:00.000Z","4.7.32","3.1",[20,73,21,74,22],"image","library","http:\u002F\u002Fwww.mikkonen.info\u002Fpolaroid_gallery\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpolaroid-gallery.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":17,"tags":92,"homepage":94,"download_link":95,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"scissors-watermark","Scissors and Watermark","3.2.1","Apollo139","https:\u002F\u002Fprofiles.wordpress.org\u002Faloziak\u002F","\u003Cp>This plugin adds cropping, resizing, and rotating functionality to WordPress’ image upload and management dialogs. Scissors also allows automatic resizing of images when they are uploaded and supports automatic and manual watermarking of images. Additionally, images that are resized in the post editor are automatically resampled to the requested size using bilinear filtering when a post is saved, which improves the perceived image quality while reducing the amount of data transferred at the same time.\u003C\u002Fp>\n\u003Cp>Custom image size supported!\u003C\u002Fp>\n\u003Cp>Check settings of this plugin after activation. Watermarking function must be set before using!\u003C\u002Fp>\n\u003Cp>Please note that WordPress versions 3.4.2 and older are not supported!\u003C\u002Fp>\n\u003Cp>This plugin builds on the plugin Scissors Continued v2.1. Many thanks to \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fhuiz\u002F\" rel=\"nofollow ugc\">huiz\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fstephanreiter\u002F\" rel=\"nofollow ugc\">stephanreiter\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fsamuelaguilera\u002F\" rel=\"nofollow ugc\">samuelaguilera\u003C\u002Fa>.\u003C\u002Fp>\n","Scissors and Watermark enhances WordPress' handling of images by introducing cropping, resizing, rotating, and watermarking functionality.",200,15831,62,7,"2013-01-02T15:16:00.000Z","3.5.2","3.5",[93,20,21,74,22],"admin","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fscissors-watermark\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fscissors-watermark.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":57,"downloaded":104,"rating":105,"num_ratings":88,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":17,"tags":109,"homepage":17,"download_link":111,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"automatic-alternative-text","Automatic Alternative Text","1.1.4","Jacob Peattie","https:\u002F\u002Fprofiles.wordpress.org\u002Fjakept\u002F","\u003Cp>Automatic Alternative Text makes accessible images easy and fast by automatically generating alt text for images with \u003Ca href=\"https:\u002F\u002Fazure.microsoft.com\u002Fen-au\u002Fservices\u002Fcognitive-services\u002Fcomputer-vision\u002F\" rel=\"nofollow ugc\">Microsoft’s Cognitive Services Computer Vision API\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The Computer Vision API’s algorithms analyze the content found in an image and generates complete sentences of human readable language describing what is found in the image. The Automatic Alternative Text plugin gets this description and adds it as the alt text for each image uploaded while the plugin is active.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>The image, voice, video or text understanding capabilities of Automatic Alternative Text uses Microsoft Cognitive Services. Microsoft will receive the images, audio, video, and other data that you upload (via this app) for service improvement purposes. To report abuse of the Microsoft Cognitive Services to Microsoft, please visit the Microsoft Cognitive Services website at https:\u002F\u002Fwww.microsoft.com\u002Fcognitive-services, and use the “Report Abuse” link at the bottom of the page to contact Microsoft. For more information about Microsoft privacy policies please see their privacy statement here: https:\u002F\u002Fgo.microsoft.com\u002Ffwlink\u002F?LinkId=521839.\u003C\u002Fp>\n","Automatically generate alt text for images with Microsoft's Cognitive Services Computer Vision API.",10342,82,"2019-07-01T09:41:00.000Z","5.2.24","4.4",[110,20,73,21,22],"accessibility","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautomatic-alternative-text.1.1.4.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":57,"downloaded":120,"rating":57,"num_ratings":68,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":124,"tags":125,"homepage":127,"download_link":128,"security_score":129,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"full-screen-galleries","Full Screen Galleries","1.3","Nick Halsey","https:\u002F\u002Fprofiles.wordpress.org\u002Fcelloexpressions\u002F","\u003Cp>Full Screen Galleries creates an automatic full-screen slideshow mode for image galleries in your content. Posts and pages with galleries are automatically transformed into a full-screen browsing mode when you click on an image. Within the slideshow, visitors can see captions and access full-size images. The slideshow allows visitors to easily browse larger versions of your images.\u003C\u002Fp>\n\u003Cp>You can \u003Ca href=\"https:\u002F\u002Fcelloexpressions.com\u002Fphotography\u002F2020\u002F02\u002Fraindance-ranch-winter-2020\u002F\" rel=\"nofollow ugc\">see Full Screen Galleries in action here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For an automated full-screen slideshow of all content on your site, see \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontent-slideshow\u002F\" rel=\"ugc\">the Content Slideshow plugin\u003C\u002Fa>.\u003C\u002Fp>\n","Full Screen Galleries creates an automatic full-screen slideshow mode for image galleries in your content. Posts and pages with galleries are automati &hellip;",2845,"2024-07-13T01:37:00.000Z","6.6.5","5.7","5.6",[126,20,21,22],"automatic","http:\u002F\u002Fcelloexpressions.com\u002Fplugins\u002Ffull-screen-galleries","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffull-screen-galleries.1.3.zip",92,{"attackSurface":131,"codeSignals":372,"taintFlows":414,"riskAssessment":517,"analyzedAt":525},{"hooks":132,"ajaxHandlers":299,"restRoutes":364,"shortcodes":365,"cronEvents":369,"entryPointCount":370,"unprotectedCount":371},[133,139,144,147,149,152,155,157,159,162,165,168,170,173,176,178,180,182,184,186,188,190,192,194,196,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,272,275,277,279,282,284,290,295],{"type":134,"name":135,"callback":136,"file":137,"line":138},"action","after_uninstall","pwc_fs_uninstall_cleanup","includes\\class-phraseanet-deactivator.php",34,{"type":134,"name":140,"callback":141,"file":142,"line":143},"plugins_loaded","anonymous","includes\\class-phraseanet.php",156,{"type":134,"name":145,"callback":141,"file":142,"line":146},"admin_enqueue_scripts",171,{"type":134,"name":145,"callback":141,"file":142,"line":148},172,{"type":134,"name":150,"callback":141,"file":142,"line":151},"admin_init",175,{"type":134,"name":153,"callback":141,"file":142,"line":154},"admin_menu",176,{"type":134,"name":150,"callback":141,"file":142,"line":156},179,{"type":134,"name":150,"callback":141,"file":142,"line":158},181,{"type":134,"name":160,"callback":141,"file":142,"line":161},"init",183,{"type":134,"name":163,"callback":141,"file":142,"line":164},"admin_head",184,{"type":134,"name":166,"callback":141,"file":142,"line":167},"admin_footer_text",185,{"type":134,"name":160,"callback":141,"file":142,"line":169},192,{"type":134,"name":171,"callback":141,"file":142,"line":172},"add_meta_boxes",193,{"type":134,"name":174,"callback":141,"file":142,"line":175},"save_post",194,{"type":134,"name":160,"callback":141,"file":142,"line":177},197,{"type":134,"name":171,"callback":141,"file":142,"line":179},198,{"type":134,"name":174,"callback":141,"file":142,"line":181},199,{"type":134,"name":160,"callback":141,"file":142,"line":183},202,{"type":134,"name":171,"callback":141,"file":142,"line":185},203,{"type":134,"name":174,"callback":141,"file":142,"line":187},204,{"type":134,"name":160,"callback":141,"file":142,"line":189},207,{"type":134,"name":171,"callback":141,"file":142,"line":191},208,{"type":134,"name":174,"callback":141,"file":142,"line":193},209,{"type":134,"name":160,"callback":141,"file":142,"line":195},212,{"type":134,"name":171,"callback":141,"file":142,"line":197},213,{"type":134,"name":174,"callback":141,"file":142,"line":199},214,{"type":134,"name":160,"callback":141,"file":142,"line":201},217,{"type":134,"name":171,"callback":141,"file":142,"line":203},218,{"type":134,"name":174,"callback":141,"file":142,"line":205},219,{"type":134,"name":160,"callback":141,"file":142,"line":207},222,{"type":134,"name":171,"callback":141,"file":142,"line":209},223,{"type":134,"name":174,"callback":141,"file":142,"line":211},224,{"type":134,"name":160,"callback":141,"file":142,"line":213},227,{"type":134,"name":171,"callback":141,"file":142,"line":215},228,{"type":134,"name":174,"callback":141,"file":142,"line":217},229,{"type":134,"name":160,"callback":141,"file":142,"line":219},233,{"type":134,"name":171,"callback":141,"file":142,"line":221},234,{"type":134,"name":174,"callback":141,"file":142,"line":223},235,{"type":134,"name":160,"callback":141,"file":142,"line":225},239,{"type":134,"name":171,"callback":141,"file":142,"line":227},240,{"type":134,"name":174,"callback":141,"file":142,"line":229},241,{"type":134,"name":160,"callback":141,"file":142,"line":231},244,{"type":134,"name":171,"callback":141,"file":142,"line":233},245,{"type":134,"name":174,"callback":141,"file":142,"line":235},246,{"type":134,"name":160,"callback":141,"file":142,"line":237},249,{"type":134,"name":171,"callback":141,"file":142,"line":239},250,{"type":134,"name":174,"callback":141,"file":142,"line":241},251,{"type":134,"name":160,"callback":141,"file":142,"line":243},255,{"type":134,"name":171,"callback":141,"file":142,"line":245},256,{"type":134,"name":174,"callback":141,"file":142,"line":247},257,{"type":134,"name":160,"callback":141,"file":142,"line":249},261,{"type":134,"name":171,"callback":141,"file":142,"line":251},262,{"type":134,"name":174,"callback":141,"file":142,"line":253},263,{"type":134,"name":160,"callback":141,"file":142,"line":255},266,{"type":134,"name":171,"callback":141,"file":142,"line":257},267,{"type":134,"name":174,"callback":141,"file":142,"line":259},268,{"type":134,"name":160,"callback":141,"file":142,"line":261},271,{"type":134,"name":171,"callback":141,"file":142,"line":263},272,{"type":134,"name":174,"callback":141,"file":142,"line":265},273,{"type":134,"name":160,"callback":141,"file":142,"line":267},276,{"type":134,"name":171,"callback":141,"file":142,"line":269},277,{"type":134,"name":174,"callback":141,"file":142,"line":271},278,{"type":134,"name":273,"callback":141,"file":142,"line":274},"wp_enqueue_scripts",308,{"type":134,"name":273,"callback":141,"file":142,"line":276},309,{"type":134,"name":160,"callback":141,"file":142,"line":278},310,{"type":134,"name":280,"callback":141,"file":142,"line":281},"wp_head",316,{"type":134,"name":160,"callback":141,"file":142,"line":283},318,{"type":285,"name":286,"callback":287,"file":288,"line":289},"filter","default_currency","plugin_default_currency","phraseanet.php",110,{"type":285,"name":291,"callback":292,"file":293,"line":294},"show_admin_bar","__return_false","public\\class-phraseanet-public.php",284,{"type":285,"name":296,"callback":297,"file":293,"line":298},"pre_get_posts","exclude_posts",285,[300,304,307,309,312,316,318,321,324,327,329,332,334,337,339,342,344,347,349,352,354,357,359,362],{"action":301,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":303},"add_custom_post",false,286,{"action":305,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":306},"get_custom_post",287,{"action":305,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":308},288,{"action":310,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":311},"delete_custom_post",289,{"action":313,"nopriv":314,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":315},"get_custom_single_post",true,290,{"action":313,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":317},291,{"action":319,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":320},"edit_custom_single_post",292,{"action":322,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":323},"edit_custom_single_post_title",293,{"action":325,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":326},"getMediaAjax",321,{"action":325,"nopriv":314,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":328},323,{"action":330,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":331},"collection",325,{"action":330,"nopriv":314,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":333},326,{"action":335,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":336},"getFacets",328,{"action":335,"nopriv":314,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":338},329,{"action":340,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":341},"getDataboxStructure",331,{"action":340,"nopriv":314,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":343},332,{"action":345,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":346},"downloader",334,{"action":345,"nopriv":314,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":348},335,{"action":350,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":351},"getSubdefs",337,{"action":350,"nopriv":314,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":353},338,{"action":355,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":356},"pageConfig",343,{"action":355,"nopriv":314,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":358},344,{"action":360,"nopriv":302,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":361},"logout",346,{"action":360,"nopriv":314,"callback":141,"hasNonce":302,"hasCapCheck":302,"file":142,"line":363},347,[],[366],{"tag":367,"callback":141,"file":142,"line":368},"phraseanet-client-block",313,[],25,24,{"dangerousFunctions":373,"sqlUsage":374,"outputEscaping":377,"fileOperations":68,"externalRequests":13,"nonceChecks":404,"capabilityChecks":405,"bundledLibraries":406},[],{"prepared":375,"raw":13,"locations":376},18,[],{"escaped":378,"rawEcho":379,"locations":380},149,13,[381,384,386,387,389,392,393,394,396,397,398,399,402],{"file":382,"line":303,"context":383},"admin\\class-phraseanet-admin.php","raw output",{"file":382,"line":385,"context":383},294,{"file":382,"line":276,"context":383},{"file":382,"line":388,"context":383},324,{"file":390,"line":391,"context":383},"phraseanet_sdk\\Phraseanet_WP.php",903,{"file":293,"line":193,"context":383},{"file":293,"line":203,"context":383},{"file":293,"line":395,"context":383},226,{"file":293,"line":223,"context":383},{"file":293,"line":233,"context":383},{"file":293,"line":346,"context":383},{"file":400,"line":401,"context":383},"public\\partials\\phraseanet-public-auth-form-display.php",27,{"file":400,"line":403,"context":383},46,17,35,[407,411],{"name":408,"version":409,"knownCves":410},"Freemius","1.0",[],{"name":412,"version":27,"knownCves":413},"Guzzle",[],[415,431,440,449,469,480,488,499,507],{"entryPoint":416,"graph":417,"unsanitizedCount":31,"severity":430},"get_custom_single_post (admin\\class-phraseanet-admin.php:290)",{"nodes":418,"edges":428},[419,423],{"id":420,"type":421,"label":422,"file":382,"line":320},"n0","source","$_POST",{"id":424,"type":425,"label":426,"file":382,"line":385,"wp_function":427},"n1","sink","echo() [XSS]","echo",[429],{"from":420,"to":424,"sanitized":302},"medium",{"entryPoint":432,"graph":433,"unsanitizedCount":31,"severity":430},"edit_custom_single_post (admin\\class-phraseanet-admin.php:298)",{"nodes":434,"edges":438},[435,437],{"id":420,"type":421,"label":422,"file":382,"line":436},304,{"id":424,"type":425,"label":426,"file":382,"line":276,"wp_function":427},[439],{"from":420,"to":424,"sanitized":302},{"entryPoint":441,"graph":442,"unsanitizedCount":31,"severity":430},"edit_custom_single_post_title (admin\\class-phraseanet-admin.php:313)",{"nodes":443,"edges":447},[444,446],{"id":420,"type":421,"label":422,"file":382,"line":445},319,{"id":424,"type":425,"label":426,"file":382,"line":388,"wp_function":427},[448],{"from":420,"to":424,"sanitized":302},{"entryPoint":450,"graph":451,"unsanitizedCount":468,"severity":430},"download_file (phraseanet_sdk\\Phraseanet_WP.php:888)",{"nodes":452,"edges":465},[453,456,459,463],{"id":420,"type":421,"label":454,"file":390,"line":455},"$_GET['file_name']",901,{"id":424,"type":425,"label":457,"file":390,"line":455,"wp_function":458},"header() [Header Injection]","header",{"id":460,"type":421,"label":461,"file":390,"line":462},"n2","$_GET",890,{"id":464,"type":425,"label":426,"file":390,"line":391,"wp_function":427},"n3",[466,467],{"from":420,"to":424,"sanitized":302},{"from":460,"to":464,"sanitized":302},2,{"entryPoint":470,"graph":471,"unsanitizedCount":468,"severity":430},"\u003CPhraseanet_WP> (phraseanet_sdk\\Phraseanet_WP.php:0)",{"nodes":472,"edges":477},[473,474,475,476],{"id":420,"type":421,"label":454,"file":390,"line":455},{"id":424,"type":425,"label":457,"file":390,"line":455,"wp_function":458},{"id":460,"type":421,"label":461,"file":390,"line":462},{"id":464,"type":425,"label":426,"file":390,"line":391,"wp_function":427},[478,479],{"from":420,"to":424,"sanitized":302},{"from":460,"to":464,"sanitized":302},{"entryPoint":481,"graph":482,"unsanitizedCount":31,"severity":430},"getSubdefs (public\\class-phraseanet-public.php:239)",{"nodes":483,"edges":486},[484,485],{"id":420,"type":421,"label":422,"file":293,"line":229},{"id":424,"type":425,"label":426,"file":293,"line":233,"wp_function":427},[487],{"from":420,"to":424,"sanitized":302},{"entryPoint":489,"graph":490,"unsanitizedCount":497,"severity":498},"\u003Cclass-phraseanet-admin> (admin\\class-phraseanet-admin.php:0)",{"nodes":491,"edges":495},[492,494],{"id":420,"type":421,"label":493,"file":382,"line":320},"$_POST (x3)",{"id":424,"type":425,"label":426,"file":382,"line":385,"wp_function":427},[496],{"from":420,"to":424,"sanitized":302},3,"low",{"entryPoint":500,"graph":501,"unsanitizedCount":31,"severity":498},"\u003Cclass-phraseanet-public> (public\\class-phraseanet-public.php:0)",{"nodes":502,"edges":505},[503,504],{"id":420,"type":421,"label":422,"file":293,"line":229},{"id":424,"type":425,"label":426,"file":293,"line":233,"wp_function":427},[506],{"from":420,"to":424,"sanitized":302},{"entryPoint":508,"graph":509,"unsanitizedCount":13,"severity":498},"\u003Cphraseanet-public-react-preview> (public\\partials\\phraseanet-public-react-preview.php:0)",{"nodes":510,"edges":515},[511,513],{"id":420,"type":421,"label":461,"file":512,"line":11},"public\\partials\\phraseanet-public-react-preview.php",{"id":424,"type":425,"label":426,"file":512,"line":514,"wp_function":427},19,[516],{"from":420,"to":424,"sanitized":314},{"summary":518,"deductions":519},"The phraseanet-client plugin version 1.3.11 exhibits a mixed security posture. On the positive side, the plugin demonstrates strong adherence to secure coding practices regarding SQL queries, utilizing prepared statements exclusively. The majority of output operations are also properly escaped, and a substantial number of nonce and capability checks are in place, indicating an effort to secure administrative and user-facing functionalities. The absence of any recorded vulnerabilities or CVEs in its history further suggests a relatively stable and secure track record.\n\nHowever, a significant concern arises from the extremely large attack surface presented by unprotected AJAX handlers. With 24 out of 25 total entry points being AJAX handlers without authentication checks, this creates a substantial risk. The taint analysis, while not revealing critical or high-severity issues, did identify 8 flows with unsanitized paths, which, combined with the unprotected AJAX endpoints, could potentially be leveraged for various attacks if not properly handled by the application logic.\n\nIn conclusion, while the plugin benefits from good SQL practices, proper output escaping, and a clean vulnerability history, the overwhelming number of unprotected AJAX endpoints represents a critical security weakness. The presence of unsanitized paths in taint flows exacerbates this risk. Developers should prioritize implementing robust authentication and authorization checks for all AJAX handlers to mitigate these significant exposure points.",[520,522],{"reason":521,"points":11},"Large attack surface without auth (AJAX)",{"reason":523,"points":524},"Taint flows with unsanitized paths",8,"2026-03-17T00:37:27.734Z",{"wat":527,"direct":544},{"assetPaths":528,"generatorPatterns":535,"scriptPaths":536,"versionParams":537},[529,530,531,532,533,534],"\u002Fwp-content\u002Fplugins\u002Fphraseanet-client\u002Fadmin\u002Fcss\u002Fphraseanet-admin.css","\u002Fwp-content\u002Fplugins\u002Fphraseanet-client\u002Fpublic\u002Fcss\u002Fbootstrap-phraseanet.css","\u002Fwp-content\u002Fplugins\u002Fphraseanet-client\u002Fadmin\u002Fjs\u002Fphraseanet-admin.js","\u002Fwp-content\u002Fplugins\u002Fphraseanet-client\u002Fpublic\u002Fjs\u002Fbootstrap.bundle.min.js","\u002Fwp-content\u002Fplugins\u002Fphraseanet-client\u002Fdist\u002Freact_pages.js","\u002Fwp-content\u002Fplugins\u002Fphraseanet-client\u002Fdist\u002Feditor.js",[],[531,532,533,534],[538,539,540,541,542,543],"phraseanet-client\u002Fcss\u002Fphraseanet-admin.css?ver=","phraseanet-client\u002Fcss\u002Fbootstrap-phraseanet.css?ver=","phraseanet-client\u002Fjs\u002Fphraseanet-admin.js?ver=","phraseanet-client\u002Fjs\u002Fbootstrap.bundle.min.js?ver=","phraseanet-client\u002Fdist\u002Freact_pages.js?ver=","phraseanet-client\u002Fdist\u002Feditor.js?ver=",{"cssClasses":545,"htmlComments":546,"htmlAttributes":547,"restEndpoints":548,"jsGlobals":549,"shortcodeOutput":551},[],[],[],[],[550],"my_block_licensing_data",[]]