[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f35Q3VwMacM47jhfAo0DlHywb0JfKWRUz-uy0GBzArao":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":71,"crawl_stats":36,"alternatives":79,"analysis":180,"fingerprints":262},"prettyphoto","PrettyPhoto – Simple Lightbox Plugin","1.2.5","Babar","https:\u002F\u002Fprofiles.wordpress.org\u002Fibabar\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fmaster-addons.com\" rel=\"nofollow ugc\">Master Addons\u003C\u002Fa> is Collection of Exclusive & Unique Addons for Elementor Page Builder. This Plugin that gives you full control over Images to show in your website.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Don’t forget to check \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmaster-addons\u002F\" rel=\"ugc\">Master Addons for Elementor\u003C\u002Fa>\u003Cbr \u002F>\n  Includes 50+ Addons, 15+ Extensions & 1000+ Landing Pages.\u003Cbr \u002F>\n  \u003Ca href=\"https:\u002F\u002Fmaster-addons.com\u002Fall-widgets\u002F\" rel=\"nofollow ugc\">All Addons\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmaster-addons.com\u002Fcontact-us\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmaster-addons.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">Docs\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=wXPEl93_UBw&list=PLqpMw0NsHXV9V6UwRniXTUkabCJtOhyIf\" rel=\"nofollow ugc\">Tutorials\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fmaster-addons.com\u002Fgo\u002Fupgrade-pro\u002F\" rel=\"nofollow ugc\">Upgrade Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Get 20% Discount now, Coupon Code: ENJOY20  \u003Ca href=\"https:\u002F\u002Fmaster-addons.com\u002Fgo\u002Fupgrade-pro\u002F\" rel=\"nofollow ugc\">Purchase Now\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Installation Video Tutorial:\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fdr7su8U88Yo?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Elementor Tutorial:\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fc18zDqpnCWE?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>WordPress prettyPhoto\u003C\u002Fstrong> is a jQuery lightbox clone. Not only does it support images, it also support for videos, flash, YouTube, iframes and ajax. It’s a full blown media lightbox.\u003C\u002Fp>\n\u003Cp>It is very easy to setup, yet very flexible if you want to customize it a bit. Plus the script is compatible in every major browser, even IE6.\u003Cbr \u002F>\nFor a installation guide checkout the \u003Cstrong>Installation\u003C\u002Fstrong> tab above.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Usage Guide:\u003C\u002Fstrong> It’s very easy to implement. Just use a rel=”prettyPhoto” attribute with the link tags you want to pop up and that’s all. You’re ready to rock.\u003C\u002Fp>\n\u003Cp>Example: \u003Ccode>\u003Ca href=\"images.jpg\" rel=\"prettyPhoto\" title=\"This is the description\">\u003Cimg src=\"thumbnail.jpg\" width=\"60\" height=\"60\" alt=\"This is the title\" \u002F>\u003C\u002Fa>\u003C\u002Fcode>\u003Cbr \u002F>\nA set of short codes to use with visual editor of post\u002Fpage is being cooked.\u003C\u002Fp>\n\u003Cp>Make sure that your theme is WordPress header and footer tag enabled otherwise this plugin won’t work.\u003C\u002Fp>\n","An easy to use lightbox\u002Fthickbox clone for WordPress. Prettyphoto Elementor Addon supports",2000,89294,56,15,"2025-09-14T06:51:00.000Z","6.8.5","",[19,20,4,21,22],"fancybox","lightbox","thickbox","wordpress-likghtbox","https:\u002F\u002Fwww.iBabar.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprettyphoto.zip",75,3,1,"2025-09-05 00:00:00","2026-03-15T15:16:48.613Z",[31,45,57],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-58808","prettyphoto-authenticated-contributor-stored-cross-site-scripting","prettyPhoto \u003C= 1.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting","The prettyPhoto plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.2.4","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-09-10 19:38:56",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd062fb5d-87ae-4a23-a8f7-d8e2c169db7e?source=api-prod",{"id":46,"url_slug":47,"title":48,"description":49,"plugin_slug":4,"theme_slug":36,"affected_versions":50,"patched_in_version":51,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":52,"updated_date":53,"references":54,"days_to_patch":56},"CVE-2024-5162","wordpress-prettyphoto-authenticated-contributor-stored-cross-site-scripting-via-url-parameter","WordPress prettyPhoto \u003C= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter","The WordPress prettyPhoto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=1.2.3","1.2.4","2024-06-05 15:42:50","2025-05-27 19:51:36",[55],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc581616d-c9e7-46f2-9c2f-5e082a13fd0b?source=api-prod",356,{"id":58,"url_slug":59,"title":60,"description":61,"plugin_slug":4,"theme_slug":36,"affected_versions":62,"patched_in_version":63,"severity":38,"cvss_score":64,"cvss_vector":65,"vuln_type":41,"published_date":66,"updated_date":67,"references":68,"days_to_patch":70},"WF-0a33282c-2adb-4f26-8fc4-918a48bfd040-prettyphoto","wordpress-prettyphoto-dom-cross-site-scripting","WordPress prettyPhoto \u003C= 1.1 - DOM Cross-Site Scripting","The prettyPhoto plugin for WordPress is vulnerable to DOM Cross-Site Scripting in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser.","\u003C=1.1","1.2",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2015-05-05 00:00:00","2024-01-22 19:56:02",[69],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0a33282c-2adb-4f26-8fc4-918a48bfd040?source=api-prod",3185,{"slug":72,"display_name":7,"profile_url":8,"plugin_count":73,"total_installs":74,"avg_security_score":75,"avg_patch_time_days":76,"trust_score":77,"computed_at":78},"ibabar",6,2720,88,1771,71,"2026-04-05T01:03:01.880Z",[80,103,123,143,163],{"slug":81,"name":82,"version":83,"author":84,"author_profile":85,"description":86,"short_description":87,"active_installs":88,"downloaded":89,"rating":90,"num_ratings":90,"last_updated":91,"tested_up_to":16,"requires_at_least":92,"requires_php":93,"tags":94,"homepage":98,"download_link":99,"security_score":100,"vuln_count":26,"unpatched_count":101,"last_vuln_date":102,"fetched_at":29},"fancybox-for-wordpress","FancyBox for WordPress","3.3.7","colorlibplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fcolorlibplugins\u002F","\u003Cp>Seamlessly integrates FancyBox into your blog: Upload, activate, and you’re done. Additional configuration optional.\u003C\u002Fp>\n\u003Cp>You can easily customize almost anything you can think about fancybox lightbox: the border, margin width and color, zoom speed, animation type, close button position, overlay color and opacity and even more advanced option like several options to group images into galleries, and more…\u003C\u002Fp>\n\u003Cp>By default, the plugin will use jQuery to apply FancyBox to ANY thumbnails that link directly to an image. This includes posts, the sidebar, etc, so you can activate it and it will be applied automatically.\u003C\u002Fp>\n\u003Ch4>Further Reading\u003C\u002Fh4>\n\u003Cp>This plugin is developed and maintained by Colorlib. Which is well know for their free \u003Ca href=\"https:\u002F\u002Fcolorlib.com\u002Fwp\u002Fthemes\u002F\" rel=\"nofollow ugc\">\u003C\u002Fa>WordPress themes. However, now they are looking to extend their presence in plugin development and believe that FancyBox lightbox is a great way to start.\u003C\u002Fp>\n\u003Cp>If you are new to WordPress and want to lear more we have got you covered. Colorlib will teach you have to \u003Ca href=\"https:\u002F\u002Fcolorlib.com\u002F\" rel=\"nofollow ugc\">start a blog\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fcolorlib.com\u002Fwp\u002Fhow-to-make-a-website\u002F\" rel=\"nofollow ugc\">create a website\u003C\u002Fa> and much more. If you are already familiar with WordPress you likely want to learn how to make it faster and more reliable. That’s when you want to look into hosting and more specifically \u003Ca href=\"http:\u002F\u002Fcolorlib.com\u002Fwp\u002Fwordpress-hosting\" rel=\"nofollow ugc\">WordPress hosting\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you enjoy using FancyBox lightbox for WordPress please leave a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Ffancybox-for-wordpress\u002Freviews\u002F?filter=5\" rel=\"ugc\">positive feedback\u003C\u002Fa>. We are committed to make it the best lightbox plugin for WordPress.\u003C\u002Fp>\n","Seamlessly integrates FancyBox lightbox into your WordPress blog: Upload, activate, and you're done. Additional configuration optional.",40000,1940597,92,"2025-05-07T14:18:00.000Z","5.6","7.4",[19,95,20,96,97],"images","photos","pictures","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffancybox-for-wordpress\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffancybox-for-wordpress.3.3.7.zip",96,0,"2025-05-13 00:00:00",{"slug":104,"name":105,"version":106,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":113,"num_ratings":77,"last_updated":114,"tested_up_to":16,"requires_at_least":115,"requires_php":17,"tags":116,"homepage":120,"download_link":121,"security_score":122,"vuln_count":26,"unpatched_count":101,"last_vuln_date":28,"fetched_at":29},"ari-fancy-lightbox","ARI Fancy Lightbox – Popup for WordPress","1.4.1","arisoft","https:\u002F\u002Fprofiles.wordpress.org\u002Farisoft\u002F","\u003Cp>Need a lightbox plugin to show various content on any device (from mobile to desktop)? ARI Fancy Lightbox is the right choice.\u003C\u002Fp>\n\u003Cp>It uses Fancybox popup to bring lightbox effect to WordPress sites. Use it to show images from native WordPress, NextGEN, FooGallery, Justified Image Grid and Jetpack galleries, photos, videos from YouTube, Vimeo, Dailymotion, Vine, Metacafe services, PDF documents, Google Maps links, inline content, external pages into the lightbox.\u003C\u002Fp>\n\u003Cp>It works with WordPress native and Jetpack (tiled, circle) galleries out of the box. Just install and activate the plugin and images from galleries will be opened into fancybox popup.\u003C\u002Fp>\n\u003Cp>Easy to use, no need any additional modification of HTML code. Just select media items which want to display into the lightbox (for example YouTube or Vimeo videos) and the plugin attaches lightbox automatically to all appropriate links on your site.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>Want demo?\u003C\u002Fh4>\n\u003Cp>Try the lightbox in action on \u003Ca href=\"http:\u002F\u002Fwp-quiz.ari-soft.com\u002Fplugins\u002Fwordpress-fancy-lightbox.html#demo\" rel=\"nofollow ugc\">demo site\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>“ARI Fancy Lightbox” supports the following features:\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Mobile friendly. Works well on any device. Supports gestures (tap, zoom, pan and pinch), swipe navigation, inline zoom.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Show videos from YouTube, Vimeo, Vine, Dailymotion, Metacafe services into the popup.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Integration with NextGEN galleries.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Can load get titles from EXIF data or use file names as titles for images.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>One click integration with WooCommerce. Show WooCommerce product images in fancy lightbox.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Automatic integration with WordPress and Jetpack galleries. Photos from galleries will be opened into the lightbox.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>FooGallery support.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Can disable right click for images to avoid copying URLs.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Show local PDF files in cross-browser PDFJS viewer.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Supports slideshow mode and loop navigation.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Can show all external links into the lightbox.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Provides UI interface to change lightbox styles.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Open content in fullscreen mode.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Show thumbnails toolbar for fast navigation between lightbox items.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Display inline content and web pages.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Supports custom actions and filters. Extend functionality easily.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Highly customizable.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Uses Fancybox3\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Ch4>Need more features?\u003C\u002Fh4>\n\u003Cp>Get \u003Ca href=\"http:\u002F\u002Fwp-quiz.ari-soft.com\u002Fplugins\u002Fwordpress-fancy-lightbox.html#pricing\" rel=\"nofollow ugc\">PRO version\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Premium Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>Supports deeplinking. Generates an unique link for each lightbox item and open the lightbox automatically when the link is opened into a browser.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Integration with Facebook comment plugin.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Share lightbox content via social networks: Facebook, Twitter, Google+, Pinterest, LinkedIn, VK. Send by e-mail.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Extended parameters for YouTube, Vimeo, Dailymotion video players (auto-play, related video, fullscreen button and others).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Possible to disable the lightbox on small screens.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Create splash window via shortcode. The lightbox with the defined content will be opened on page load. Possible to show it only once.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Can show external\u002Finternal links with target=”_blank” attribute into the popup.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Supports integration with Justified Image Grid.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>More information can be found in \u003Ca href=\"http:\u002F\u002Fwww.ari-soft.com\u002Fdocs\u002Fwordpress\u002Fari-fancy-lightbox\u002Fv1\u002Fen\u002Findex.html\" rel=\"nofollow ugc\">user’s guide\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Ch4>Featured In The Media\u003C\u002Fh4>\n\u003Cp>We’ve been featured in \u003Ca href=\"http:\u002F\u002Fwpdean.com\u002Fwordpress-lightbox-plugins\u002F\" rel=\"nofollow ugc\">10 Best WordPress Lightbox Plugins for 2017\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.wpbuffs.com\u002Fwordpress-image-lightbox-plugins-for-photo-galleries\u002F#8\" rel=\"nofollow ugc\">Best WordPress Lightbox Plugins\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Have any idea how to improve the plugin?\u003C\u002Fstrong> Don’t hesitate to share it \u003Ca href=\"http:\u002F\u002Fwww.ari-soft.com\u002FARI-Fancy-Lightbox\u002F\" rel=\"nofollow ugc\">here\u003C\u002Fa> and we will try to implement it in future versions of the plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Do you like the plugin and want to say about it?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Write a review and rate it \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fari-fancy-lightbox\u002Freviews\u002F\" rel=\"ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Are interested in other our WordPress plugins?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Check \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fari-stream-quiz\u002F\" rel=\"ugc\">ARI Stream Quiz\u003C\u002Fa> – WordPress Viral Quiz plugin,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fari-cf7-connector\u002F\" rel=\"ugc\">Contact Form 7 Connector\u003C\u002Fa> integrates CF7 with MailChimp and MailerLite,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fari-adminer\u002F\" rel=\"ugc\">ARI Adminer\u003C\u002Fa> – WordPress database management plugin.\u003C\u002Fp>\n","Lightbox for WordPress with social and viral features. Show photos, gallery, PDF, videos, WooCommerce images, inline content, Google Maps links.",10000,242451,94,"2025-09-24T19:50:00.000Z","3.4",[19,117,20,118,119],"fancybox3","popup","video-lightbox","http:\u002F\u002Fwp-quiz.ari-soft.com\u002Fplugins\u002Fwordpress-fancy-lightbox.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fari-fancy-lightbox.1.4.1.zip",97,{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":13,"num_ratings":133,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":17,"tags":137,"homepage":139,"download_link":140,"security_score":141,"vuln_count":27,"unpatched_count":27,"last_vuln_date":142,"fetched_at":29},"fancy-box","FancyBox","1.1.0","Kevin Sylvestre","https:\u002F\u002Fprofiles.wordpress.org\u002Fkevinsylvestre\u002F","\u003Cp>This plugin uses the jquery implementation of fancybox and makes use of [attr] style selectors by adding a section to the wordpress header.\u003C\u002Fp>\n\u003Cp>For more information and examples of slimbox visit:\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Ffancy.klade.lv\u002F\" rel=\"nofollow ugc\">FancyBox\u003C\u002Fa>\u003C\u002Fp>\n","Enables fancybox on all image links including BMP, GIF, JPG, JPEG, and PNG links.",4000,286229,9,"2017-11-28T10:30:00.000Z","3.5.2","2.7",[19,95,138,20],"javascript","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ffancy-box\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffancy-box.zip",64,"2025-03-21 00:00:00",{"slug":144,"name":145,"version":146,"author":147,"author_profile":148,"description":149,"short_description":150,"active_installs":151,"downloaded":152,"rating":153,"num_ratings":154,"last_updated":155,"tested_up_to":156,"requires_at_least":157,"requires_php":17,"tags":158,"homepage":17,"download_link":161,"security_score":162,"vuln_count":101,"unpatched_count":101,"last_vuln_date":36,"fetched_at":29},"photo-swipe","PhotoSwipe","4.1.1.1","Louy Alakkad","https:\u002F\u002Fprofiles.wordpress.org\u002Flouyx\u002F","\u003Cp>This plugins adds the PhotoSwipe library to your WordPress blog seamlessly. No configuration required.\u003C\u002Fp>\n","A very light implementation of PhotoSwipe javascript plugin for WordPress",1000,31166,90,11,"2016-03-17T14:51:00.000Z","4.4.0","4.0",[159,19,160,95,20],"attachments","gallery","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphoto-swipe.4.1.1.1.zip",85,{"slug":164,"name":165,"version":51,"author":166,"author_profile":167,"description":168,"short_description":169,"active_installs":151,"downloaded":170,"rating":171,"num_ratings":172,"last_updated":173,"tested_up_to":174,"requires_at_least":115,"requires_php":17,"tags":175,"homepage":178,"download_link":179,"security_score":162,"vuln_count":101,"unpatched_count":101,"last_vuln_date":36,"fetched_at":29},"w3dev-fancybox","fancyBox 3 for WordPress","w3dev","https:\u002F\u002Fprofiles.wordpress.org\u002Fw3dev\u002F","\u003Cp>Seamlessly integrates the fancyBox 3 script into your WordPress installation: Upload, activate, and you’re done. Additional configuration is optional.\u003C\u002Fp>\n\u003Cp>You can easily customize almost anything you can think about fancyBox lightbox. By default, the plugin will use jQuery to apply fancyBox to ANY thumbnails that link directly to an image. It will also automatically convert WordPress image galleries into fancyBox galleries.\u003C\u002Fp>\n\u003Cp>For Inline content linking\u003Cbr \u002F>\n– Create a link to any hidden or visible div with an ID attribate, and the plugin will transform the link and enable it for fancyBox usage.\u003Cbr \u002F>\n– Note: this may cause a conflict if your page or website is using a smooth scrolling function to jump between page sections!\u003C\u002Fp>\n\u003Cp>In upcoming versions, additional functionality for ajax calls and iframe data will be implemented.\u003C\u002Fp>\n","Seamlessly integrates the fancyBox 3 script into your WordPress installation: Upload, activate, and you're done. Additional configuration is opti &hellip;",15612,98,7,"2023-11-06T22:53:00.000Z","6.3.8",[19,176,160,177,20],"fancybox-3","jquery","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fw3dev-fancybox\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fw3dev-fancybox.zip",{"attackSurface":181,"codeSignals":233,"taintFlows":246,"riskAssessment":247,"analyzedAt":261},{"hooks":182,"ajaxHandlers":229,"restRoutes":230,"shortcodes":231,"cronEvents":232,"entryPointCount":101,"unprotectedCount":101},[183,189,194,198,202,206,210,215,219,223,226],{"type":184,"name":185,"callback":186,"file":187,"line":188},"filter","plugin_row_meta","jltma_wpf_plugin_actions_links","class-wordpress-prettyphoto.php",21,{"type":190,"name":191,"callback":192,"file":187,"line":193},"action","wp_enqueue_scripts","jltma_wpf_enqueue_scripts",24,{"type":184,"name":195,"callback":196,"file":187,"line":197},"wp_footer","jltma_wpf_print_footer_script",25,{"type":190,"name":199,"callback":200,"file":187,"line":201},"elementor\u002Fwidgets\u002Fwidgets_registered","jltma_wpf_init_widgets",28,{"type":184,"name":203,"callback":204,"file":187,"line":205},"attachment_fields_to_edit","jltma_wpf_enable_disable_wpf_edit",31,{"type":184,"name":207,"callback":208,"file":187,"line":209},"attachment_fields_to_save","jltma_wpf_enable_disable_wpf_save",32,{"type":184,"name":211,"callback":212,"priority":213,"file":187,"line":214},"image_send_to_editor","jltma_wpf_replace_image_attribute",10,35,{"type":190,"name":216,"callback":217,"file":187,"line":218},"admin_head","jltma_wpf_editor_text_alignment",37,{"type":190,"name":220,"callback":221,"file":187,"line":222},"admin_notices","jltma_wpf_admin_notice_missing_main_plugin",147,{"type":190,"name":220,"callback":224,"file":187,"line":225},"jltma_wpf_admin_notice_minimum_elementor_version",153,{"type":190,"name":220,"callback":227,"file":187,"line":228},"jltma_wpf_admin_notice_minimum_php_version",159,[],[],[],[],{"dangerousFunctions":234,"sqlUsage":235,"outputEscaping":237,"fileOperations":101,"externalRequests":101,"nonceChecks":101,"capabilityChecks":238,"bundledLibraries":245},[],{"prepared":101,"raw":101,"locations":236},[],{"escaped":26,"rawEcho":238,"locations":239},2,[240,244],{"file":241,"line":242,"context":243},"addon\\jltma-wpf-addon.php",95,"raw output",{"file":241,"line":100,"context":243},[],[],{"summary":248,"deductions":249},"The 'prettyPhoto' plugin version 1.2.5 exhibits a mixed security posture.  The static analysis reveals a commendable lack of immediately exploitable entry points like AJAX handlers, REST API routes, and shortcodes that are exposed without authentication.  Furthermore, the absence of dangerous functions and raw SQL queries is a positive sign, indicating some adherence to secure coding practices.  However, the 60% output escaping rate suggests a potential for Cross-Site Scripting (XSS) vulnerabilities in the remaining 40% of outputs, though the taint analysis did not reveal any active flows. \n\nThe vulnerability history is a significant concern. With three known CVEs, and one still unpatched, the plugin has a documented history of security flaws, primarily related to Cross-Site Scripting.  The fact that the last vulnerability was recorded relatively recently (2025-09-05) indicates that the development team has been active in fixing issues, but also that new ones have emerged. The presence of unpatched vulnerabilities, even if medium severity, poses an ongoing risk to users of this version.  While the current code analysis shows no glaring immediate threats, the historical pattern of XSS vulnerabilities and the existence of an unpatched CVE necessitate caution.",[250,252,255,258],{"reason":251,"points":14},"Unpatched CVE found",{"reason":253,"points":254},"Medium severity vulnerabilities in history",12,{"reason":256,"points":257},"Inconsistent output escaping (40% unescaped)",8,{"reason":259,"points":260},"No nonce checks on entry points",5,"2026-03-16T18:36:19.341Z",{"wat":263,"direct":272},{"assetPaths":264,"generatorPatterns":267,"scriptPaths":268,"versionParams":269},[265,266],"\u002Fwp-content\u002Fplugins\u002Fprettyphoto\u002Fcss\u002FprettyPhoto.css","\u002Fwp-content\u002Fplugins\u002Fprettyphoto\u002Fjs\u002Fjquery.prettyPhoto.js",[],[266],[270,271],"prettyphoto\u002Fcss\u002FprettyPhoto.css?ver=","prettyphoto\u002Fjs\u002Fjquery.prettyPhoto.js?ver=",{"cssClasses":273,"htmlComments":292,"htmlAttributes":294,"restEndpoints":296,"jsGlobals":297,"shortcodeOutput":299},[274,275,276,277,278,279,280,281,282,283,284,285,286,287,288,289,290,291],"pp_pic_holder","pp_content","pp_fade","pp_overlay","pp_top","pp_bottom","pp_loaderIcon","pp_nav","pp_arrow_previous","pp_arrow_next","pp_details","pp_description","pp_social","pp_inline","pp_right","pp_left","pp_next","pp_previous",[293],"\u003C!-- No, Direct access Sir !!! -->",[295],"rel='prettyPhoto'",[],[298],"prettyPhoto",[]]