[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCN6EYBXgcMzLCsLB8BhcKQdh3mWwYWPPHEy3QSQ2jiA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":115,"fingerprints":200},"polaroid-on-the-fly","Polaroid on the Fly","0.7","Matt Martz","https:\u002F\u002Fprofiles.wordpress.org\u002Fsivel\u002F","\u003Cp>Creates polaroids of images on the fly for thumbnails in posts. Support for lightbox included. Built on modified Polaroid-o-nizer v0.7.2 sources.\u003C\u002Fp>\n\u003Cp>I wanted to mimic the Polaroid look that you can achieve with Google Picasa to add thumbnails to my posts. I found a plugin titled WP-Polaroidonizer that did what I wanted to some extent but it didn’t have the right feel to it.\u003C\u002Fp>\n\u003Cp>The other problem I have with Polaroid-o-nizer and WP-Polaroidonizer is the lack of security. When I mention lack of security there is by default no way to restrict external sites and users from generating Polaroid pictures using your installation of Polaroid-o-nizer.\u003C\u002Fp>\n\u003Cp>The goal of this plugin was to use rel= style html img tags to transform a simple URL into a Lightbox URL in which there is a thumbnail image in your post which is linked to an image that can be loaded using Lightbox or any of the Lightbox clones\u002Falternatives.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Col>\n\u003Cli>PHP GD Module\u003C\u002Fli>\n\u003Cli>Lightbox – Not really a requirement but a recommendation if you want to have a nice ajax\u002Fjavascript image overlay on your page.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Upgrade\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Deactivate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Delete the previous \u003Ccode>polaroid-on-the-fly\u003C\u002Fcode> folder from the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Upload the new \u003Ccode>polaroid-on-the-fly\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Activate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>Create an image link in your post in the following format:\u003C\u002Fp>\n\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Be sure to include \u003Ccode>rel=\"polaroid\"\u003C\u002Fcode> as this activates the plugin.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>If \u003Ccode>alt=\"Picture[album]\"\u003C\u002Fcode> is included the portion listed here as Picture will be displayed as the image title in Lightbox and the portion listed as \u003Ccode>[album]\u003C\u002Fcode> will group multiple pictures into an album called album. The alt tag is not required and if used the \u003Ccode>[album]\u003C\u002Fcode> portion is not required. Read the Lightbox usage for more details on Titles and albums.\u003C\u002Fli>\n\u003Cli>Be sure to place each html img tag on a separate line.\u003C\u002Fli>\n\u003Cli>This plugin supports the following image formats: jpg, png, gif\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>NOTE:\u003C\u002Fh4>\n\u003Cp>Do not use the visual editor for doing the above use the code editor.\u003C\u002Fp>\n\u003Ch3>To Do\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Add features for x and y offset\u003C\u002Fli>\n\u003Cli>Add features for rotation angle\u003C\u002Fli>\n\u003Cli>Add additional error reporting for the offset and angle\u003C\u002Fli>\n\u003Cli>Add functionality to options page to generate a URL for placement elsewhere on the site.\u003C\u002Fli>\n\u003Cli>Add functionality to cache the polaroid images.\u003C\u002Fli>\n\u003C\u002Fol>\n","Creates polaroids of images on the fly for thumbnails in posts. Support for lightbox included. Built on modified Polaroid-o-nizer v0.7.2 sources.",10,12534,0,"2009-06-20T14:28:00.000Z","2.7","2.3","",[19,20,21,22,23],"formatting","images","links","post","posts","http:\u002F\u002Fsivel.net\u002Fwordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpolaroid-on-the-fly.0.7.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":26,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"sivel",12,5340,30,84,"2026-04-04T04:50:27.671Z",[38,57,75,88,104],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":51,"requires_at_least":16,"requires_php":17,"tags":52,"homepage":55,"download_link":56,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"insights","Insights","1.0.8","Vladimir Prelovac","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreediver\u002F","\u003Cp>Insights brings a powerful new way to write your blog posts. It increases productivity and at the same time quality of your posts.\u003C\u002Fp>\n\u003Cp>Insights performs following functions in real-time:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Interlink your posts\u003C\u002Fli>\n\u003Cli>Insert Flickr images\u003C\u002Fli>\n\u003Cli>Insert Youtube videos\u003C\u002Fli>\n\u003Cli>Search Wikipedia\u003C\u002Fli>\n\u003Cli>Search Google\u003C\u002Fli>\n\u003Cli>Search Google News\u003C\u002Fli>\n\u003Cli>Google Blog Search\u003C\u002Fli>\n\u003Cli>Google Book Search\u003C\u002Fli>\n\u003Cli>Insert a Google Map\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Finsights\u002Fscreenshots\u002F\" rel=\"ugc\">screenshots\u003C\u002Fa> for more examples of usage.\u003C\u002Fp>\n\u003Cp>Insights allows you to do all this using dynamic AJAX interface which loads the relevant information to your post in just a few seconds.\u003C\u002Fp>\n\u003Cp>Plugin by Vladimir Prelovac. Also check out \u003Ca href=\"https:\u002F\u002Fmanagewp.com\" rel=\"nofollow ugc\">ManageWP\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>The ideas for a quickly accessible Google Maps solution came from \u003Ca href=\"http:\u002F\u002Flabs.mozilla.com\u002Fprojects\u002Fubiquity\u002F\" rel=\"nofollow ugc\">Ubiquity\u003C\u002Fa> plugin for Firefox, which is just pure coolness.\u003C\u002Fp>\n\u003Cp>Thanks.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This file is part of Insights.\u003C\u002Fp>\n\u003Cp>Insights is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.\u003C\u002Fp>\n\u003Cp>Insights is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along with Insights. If not, see \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\u003C\u002Fa>.\u003C\u002Fp>\n","Insights allows you to quickly access and insert information (links, images, videos, maps..) into your blog posts.",300,150073,96,5,"2014-12-22T09:10:00.000Z","4.2.39",[53,54,20,21,23],"admin","google","http:\u002F\u002Fwww.prelovac.com\u002Fvladimir\u002Fwordpress-plugins\u002Finsights","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finsights.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":49,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":17,"tags":71,"homepage":73,"download_link":74,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"default-image-link","Default Image Link","1.1","jruizcantero","https:\u002F\u002Fprofiles.wordpress.org\u002Fjruizcantero\u002F","\u003Cp>Select default settings for image link when you upload\u002Finsert images in post or pages. When you insert a image in a post\u002Fpage, by default, always it appears linked to media file.\u003Cbr \u002F>\nWith this plugin you will be able to stablish the link type by default for images which are inserted in post\u002Fpages without remembering select this option for each occasion.\u003C\u002Fp>\n\u003Cp>For SEO or other causes, some users prefer \u003Cstrong>images with ‘None’ link\u003C\u002Fstrong>. Also, others users prefer that \u003Cstrong>images link to Attachment page\u003C\u002Fstrong> or directly \u003Cstrong>link to self file\u003C\u002Fstrong> .jpg, .png, .gif, etc.\u003C\u002Fp>\n\u003Cp>Default Image Link let you choose between this links types for images:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>None\u003C\u002Fli>\n\u003Cli>Media File\u003C\u002Fli>\n\u003Cli>Attachment Page\u003C\u002Fli>\n\u003Cli>Custom URL\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For each image, you will be able to change again the link type and the links of images that were inserted in post\u002Fpages previously will never be modified.\u003C\u002Fp>\n\u003Cp>Also, this plugin can be useful for webs where publish multiple users that sometimes forget to select the correct link for each image uploaded\u002Finserted in post or pages.\u003C\u002Fp>\n\u003Cp>Do you want to translate the plugin to your language? (I can give you your credits). Any suggestions? You can contact me or follow me on \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fjruizcantero\" rel=\"nofollow ugc\">Twitter @jruizcantero\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>(Thanks to Isabel Caballero for her English translations).\u003C\u002Fp>\n\u003Ch4>Descripción en Español\u003C\u002Fh4>\n\u003Cp>Selecciona el enlace por defecto que tendrán tus imágenes cuándo son subidas\u002Finsertadas en un artículo o página. Cuando insertas una imagen en un artículo\u002Fpágina, por defecto, siempre aparece enlazada al propio archivo que has subido.\u003Cbr \u002F>\nCon este plugin podrás establecer el tipo de enlace por defecto que quieres que tengan las imágenes cuando son insertadas en artículos\u002Fpáginas sin tener que acordarte de cambiarlo en cada ocasión.\u003C\u002Fp>\n\u003Cp>Por motivos de SEO o cualquier otra causa, muchos usuarios prefieren que las \u003Cstrong>imágenes siempre aparezcan sin enlace\u003C\u002Fstrong>. También hay quien prefiere que las \u003Cstrong>imágenes enlacen a la correspondiente página de adjuntos de WordPress\u003C\u002Fstrong> o directamente \u003Cstrong>enlazar al correspondiente archivo\u003C\u002Fstrong> .jpg, .png, .gif, etc.\u003C\u002Fp>\n\u003Cp>El plugin Defaul Image Link te permite seleccionar entre los siguientes tipos de enlace por defecto para las imágenes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Ninguno; Las imágenes aparecerán por defecto sin enlaces.\u003C\u002Fli>\n\u003Cli>Archivo Multimedia: Las imágenes aparecen por defecto enlazadas a su correspondiente archivo .jpg, .png, .gif, etc.\u003C\u002Fli>\n\u003Cli>Página de Adjuntos: Las imágenes aparecen por defecto enlazadas a su correspodiente página de Adjuntos de WordPress.\u003C\u002Fli>\n\u003Cli>URL Personalizada: Enlace personalizado para cada imagen.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Para cada imagen se podrá volver a cambiar posteriormente el tipo de enlace y en ningún caso se modificarán los enlaces de las imágenes que ya han sido insertadas en artículos o páginas anteriormente.\u003C\u002Fp>\n\u003Cp>Este plugin también puede ser de gran utilidad en webs en donde publican varios usuarios que en múltiples ocasiones olvidan revisar el enlace asignado a cada imagen que es insertada\u002Fpublicada en los artículos o páginas.\u003C\u002Fp>\n\u003Cp>¿Quieres traducir este plugin a tu idioma? (te asignaré los créditos de la traducción). Alguna sugerencia? Puedes esccribirme o seguirme en \u003Ca href=\"http:\u002F\u002Ftwitter.com\u002Fjruizcantero\" rel=\"nofollow ugc\">Twitter @jruizcantero\u003C\u002Fa>.\u003C\u002Fp>\n","Select default settings for image link when you upload or insert images. Select default image link to None, Attachment Page, Media File or Custom URL.",200,8332,88,"2013-12-23T10:35:00.000Z","3.7.41","3.0.1",[53,20,21,72,23],"page","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdefault-image-link\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdefault-image-link.zip",{"slug":76,"name":77,"version":78,"author":7,"author_profile":8,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":13,"num_ratings":13,"last_updated":83,"tested_up_to":84,"requires_at_least":85,"requires_php":17,"tags":86,"homepage":24,"download_link":87,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"ajaxify-faqtastic","AJAXify FAQ-Tastic","1.5","\u003Cp>Used to add AJAX open close effects to the FAQ-Tastic WordPress plugin.\u003C\u002Fp>\n\u003Cp>Please note that this plugin does nothing on its own. This plugin requires the FAQ-Tastic Lite WordPress plugin that can be found at http:\u002F\u002Ffaq-tastic.com\u002Ffaqtastic-lite-free\u002F.\u003C\u002Fp>\n\u003Cp>Javascript libraries used: jQuery. jQuery is used from the WordPress sources.\u003C\u002Fp>\n\u003Ch3>Upgrade\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Deactivate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Delete the previous \u003Ccode>ajaxify-faqtastic\u003C\u002Fcode> folder from the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Upload the new \u003Ccode>ajaxify-faqtastic\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Activate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Nothing is required to make the plugin work other than activating it.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Col>\n\u003Cli>This plugin will hide the ratings functionality included with FAQ-Tastic as it causes issues with the open\u002Fclose toggling.\u003C\u002Fli>\n\u003C\u002Fol>\n","Used to add AJAX open\u002Fclose effects to the FAQ-Tastic WordPress plugin.",20,11271,"2009-06-20T14:27:00.000Z","2.9.2","2.5",[19,21,72,22,23],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fajaxify-faqtastic.1.5.zip",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":81,"downloaded":96,"rating":13,"num_ratings":13,"last_updated":97,"tested_up_to":98,"requires_at_least":16,"requires_php":17,"tags":99,"homepage":102,"download_link":103,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"thumblated-related-post","Thumblated Related Post","1.0.5","shekharsaxena007","https:\u002F\u002Fprofiles.wordpress.org\u002Fshekharsaxena007\u002F","\u003Cp>Thumblated Related Posts is a very simple plugin to use.. It shows related posts for the post user is reading. It also add the first picture in post as thumbnail beside the related post. This helps in increasing \u003Cem>page views\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>It is good for internal link building and overall pagerank. It Lets you design the look of your related posts with thumbnails. It lets to write your own HTML and gives you access to some tags (link, title, image etc)\u003C\u002Fp>\n","This plugin shows thumblated related posts. It allows you to design your own layout using simple and easy interface. Good for SEO and reducing bounce  &hellip;",13211,"2009-11-05T11:17:00.000Z","2.8.4",[20,21,23,100,101],"related-posts","thumbnails","http:\u002F\u002Fwww.devilslab.com\u002Fwp-thumblated-related-post","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthumblated-related-post.zip",{"slug":105,"name":106,"version":107,"author":7,"author_profile":8,"description":108,"short_description":109,"active_installs":11,"downloaded":110,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":85,"requires_at_least":111,"requires_php":17,"tags":112,"homepage":24,"download_link":114,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28},"no-widget-category-cloud","No Widget Category Cloud","0.2","\u003Cp>Creates a function that can be placed in a wordpress template for a category cloud that exists without the requirement of widgets or a widget ready theme.\u003C\u002Fp>\n\u003Cp>I created this plugin after I started using a single column theme that is not widget ready.  I found that there were multiple plugin widgets available, but no plugin that would allow me to just place a php function into my theme to display a category cloud.\u003C\u002Fp>\n\u003Cp>Some ideas for oter uses of this plugin:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Install WP-Sticky and Exec-PHP.  Create a Sticky post which will stay at the top of your page and type the php code for this plugin in the post.  Now you have a Category Cloud that stays at the top of your page.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Col>\n\u003Cli>WordPress 2.x\u003C\u002Fli>\n\u003Cli>Web server that supports PHP\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Upgrade\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Deactivate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Delete the previous \u003Ccode>no-widget-category-cloud\u003C\u002Fcode> folder from the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Upload the new \u003Ccode>no-widget-category-cloud\u003C\u002Fcode> folder to the \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Activate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>\u003C?php nw_catcloud(small_size,big_size,size_unit,align,orderby,order,min_posts,hide_empty,title); ?>\n\nsmall_size = font size, integer (default 75)\nbig_size = font size, integer (default 200)\nsize_unit = %, px, pt (default %)\nalign = left, right, center, justify (default left)\norderby = count, name (default name)\norder = asc, desc (default asc)\nmin_posts = minimum number of posts, integer (default 1)\nhide_empty = 0,1 (default 1, 1=yes,0=no)\ntitle = string (This can contain HTML to format the title) \n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Col>\n\u003Cli>Open the theme files, in your favorite editor, that you wish to add the category cloud to (index.php, single.php, page.php, etc…).\u003C\u002Fli>\n\u003Cli>Add a line that looks like above.  You can also use the defaults by not specifiying anything between the parentheses. See example 2 below.\u003C\u002Fli>\n\u003Cli>Enjoy.\u003C\u002Fli>\n\u003Cli>As I mentioned in the description you can also use this plugin with Exec-PHP and it would make a nice combo with WP-Sticky.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Examples\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Ccode>\u003C?php nw_catcloud(75,200,'%','left','name','asc',1,1,'\u003Ch2 class=\"posttitle\" style=\"margin-bottom:0px;\">Categories\u003C\u002Fh2>'); ?>\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>\u003C?php nw_catcloud(); ?>\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>To Do\u003C\u002Fh3>\n\u003Col>\n\u003Cli>I am open to suggestions.\u003C\u002Fli>\n\u003Cli>I am sure I will think of something.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Credit\u003C\u002Fh3>\n\u003Cp>I’ve got to give credit where credit is due.  And that credit goes to Lee Kelleher and his Category Cloud Widget.  I used a lot of his code in this plugin modifying it where needed to make it work the way I wanted.\u003C\u002Fp>\n","Creates a function that can be placed in a wordpress template for a category cloud that exists without the requirement of widgets or a widget ready th &hellip;",6986,"2.0",[113,19,21,22,23],"categories","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fno-widget-category-cloud.0.2.zip",{"attackSurface":116,"codeSignals":137,"taintFlows":160,"riskAssessment":188,"analyzedAt":199},{"hooks":117,"ajaxHandlers":133,"restRoutes":134,"shortcodes":135,"cronEvents":136,"entryPointCount":13,"unprotectedCount":13},[118,124,128],{"type":119,"name":120,"callback":121,"file":122,"line":123},"action","admin_menu","potf_menu","polaroid-on-the-fly.php",32,{"type":119,"name":125,"callback":126,"file":122,"line":127},"activate_polaroid-on-the-fly\u002Fpolaroid-on-the-fly.php","potf_init",204,{"type":129,"name":130,"callback":131,"file":122,"line":132},"filter","the_content","polaroid_replace",321,[],[],[],[],{"dangerousFunctions":138,"sqlUsage":139,"outputEscaping":141,"fileOperations":158,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":159},[],{"prepared":13,"raw":13,"locations":140},[],{"escaped":142,"rawEcho":143,"locations":144},8,6,[145,148,150,152,154,156],{"file":122,"line":146,"context":147},79,"raw output",{"file":122,"line":149,"context":147},94,{"file":122,"line":151,"context":147},160,{"file":122,"line":153,"context":147},167,{"file":122,"line":155,"context":147},174,{"file":122,"line":157,"context":147},316,2,[],[161,179],{"entryPoint":162,"graph":163,"unsanitizedCount":177,"severity":178},"potf_options (polaroid-on-the-fly.php:40)",{"nodes":164,"edges":174},[165,169],{"id":166,"type":167,"label":168,"file":122,"line":149},"n0","source","$_SERVER['REQUEST_URI']",{"id":170,"type":171,"label":172,"file":122,"line":149,"wp_function":173},"n1","sink","echo() [XSS]","echo",[175],{"from":166,"to":170,"sanitized":176},false,1,"medium",{"entryPoint":180,"graph":181,"unsanitizedCount":177,"severity":187},"\u003Cpolaroid-on-the-fly> (polaroid-on-the-fly.php:0)",{"nodes":182,"edges":185},[183,184],{"id":166,"type":167,"label":168,"file":122,"line":149},{"id":170,"type":171,"label":172,"file":122,"line":149,"wp_function":173},[186],{"from":166,"to":170,"sanitized":176},"low",{"summary":189,"deductions":190},"The \"polaroid-on-the-fly\" plugin v0.7 exhibits a generally positive security posture with no known vulnerabilities or critical code signals. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the attack surface. The plugin also demonstrates good practices by utilizing prepared statements for all SQL queries and avoiding external HTTP requests. However, the static analysis reveals two flows with unsanitized paths, indicating a potential risk for path traversal vulnerabilities if these paths are derived from user input. Furthermore, the code shows a low percentage of properly escaped output (57%), which could lead to cross-site scripting (XSS) vulnerabilities if user-controlled data is echoed directly without sufficient sanitization.\n\nThe lack of any recorded vulnerabilities in its history is a strong positive indicator. This suggests a history of responsible development and proactive security measures. However, this positive track record should not overshadow the identified weaknesses in path handling and output escaping. The plugin's strengths lie in its minimal attack surface and secure database interactions, while its weaknesses are concentrated in how it handles file paths and user-generated output. A balanced conclusion would be that while the plugin has a solid foundation, the identified path handling and output escaping issues require attention to achieve a robust security profile.",[191,193,195,197],{"reason":192,"points":142},"Unsanitized paths in taint analysis",{"reason":194,"points":143},"Low percentage of properly escaped output",{"reason":196,"points":49},"No nonce checks implemented",{"reason":198,"points":49},"No capability checks implemented","2026-03-17T00:42:57.570Z",{"wat":201,"direct":210},{"assetPaths":202,"generatorPatterns":205,"scriptPaths":206,"versionParams":207},[203,204],"\u002Fwp-content\u002Fplugins\u002Fpolaroid-on-the-fly\u002Fcss\u002Fpolaroid-on-the-fly.css","\u002Fwp-content\u002Fplugins\u002Fpolaroid-on-the-fly\u002Fjs\u002Fpolaroid-on-the-fly.js",[],[204],[208,209],"polaroid-on-the-fly\u002Fcss\u002Fpolaroid-on-the-fly.css?ver=","polaroid-on-the-fly\u002Fjs\u002Fpolaroid-on-the-fly.js?ver=",{"cssClasses":211,"htmlComments":212,"htmlAttributes":215,"restEndpoints":217,"jsGlobals":218,"shortcodeOutput":220},[4],[213,214],"\u003C!--potf Options -->","\u003C!-- Last Action -->",[216],"data-potf-inline",[],[219],"potf",[]]