[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fp9yOK6ereBFrIaCd3nHOvnDnSrXjJ3JIoTo63v6foFs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":38,"analysis":138,"fingerprints":261},"private-media","Private Media","1.2","Alexandre Froger","https:\u002F\u002Fprofiles.wordpress.org\u002Ffrogerme\u002F","\u003Cp>Ever wanted to make your media truely private? Make sure images, videos and other files are only accessible to chosen roles, or cannot be hotlinked, with permissions specifically set per item.\u003C\u002Fp>\n\u003Cp>This plugin adds the following major features to WordPress:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Media Privacy:\u003C\u002Fstrong> Lock access to items in the Media Library by preventing hotlinks only or by limiting access to files to selected user roles.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User-friendly forbidden handler:\u003C\u002Fstrong> Images set to private do not break on the frontend. Instead, they are replaced by a simple access denied SVG picture – the forbidden handler can be replaced using the filter hooks \u003Ccode>pvtmed_forbidden_response_content\u003C\u002Fcode> (\u003Ccode>apply_filters( 'pvtmed_forbidden_response_content', $forbidden_response_content, $file );\u003C\u002Fcode>) and \u003Ccode>pvtmed_forbidden_mimetype\u003C\u002Fcode> (\u003Ccode>apply_filters( 'pvtmed_forbidden_mimetype', 'image\u002Fsvg+xml' );\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable for more granularity:\u003C\u002Fstrong> Restricted media will be checked for autorization – plugin developers can hook into the \u003Ccode>pvtmed_is_authorized\u003C\u002Fcode> filter (\u003Ccode>apply_filters( 'pvtmed_is_authorized', $authorized, $attachment_id );\u003C\u002Fcode>) to apply more complex conditions for authorization.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optimized private media delivery:\u003C\u002Fstrong> Files with access restriction are served using streams without loading the file entirely in memory before delivery, and WordPress files are loaded as lightly as possible for an optimised server memory usage.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Fallbacks:\u003C\u002Fstrong> Restricted files are kept in an alternate \u003Ccode>wp-content\u002Fpvtmed-uploads\u003C\u002Fcode> folder (or equivalent if \u003Ccode>WP_CONTENT_DIR\u003C\u002Fcode> is not the default) ; fallbacks are in place to make sure:\n\u003Cul>\n\u003Cli>moving a media to private does not break previously embedded media (javascript dynamic fallback with notice on post edit screen – Classic Editor only).  \u003C\u002Fli>\n\u003Cli>deactivating the plugin does not break previously embedded media (database update).  \u003C\u002Fli>\n\u003Cli>deleting the plugin does not break previously embedded media (database update).  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>A \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FMust_Use_Plugins\" rel=\"nofollow ugc\">Must Use Plugin\u003C\u002Fa> \u003Ccode>pvtmed-endpoint-optimizer.php\u003C\u002Fcode> is installed automatically to make sure WordPress is loaded as lightly as possible when requesting restricted media items. Developers can safely edit it to enable their plugin to execute during such request if necessary.\u003C\u002Fp>\n\u003Cp>The media privacy policy is set per media item – therefore, this plugin is not a replacement for general image hotlink prevention plugins, but is ideal for anyone looking for preventing direct links to files depending on specific conditions.\u003C\u002Fp>\n","Add access restrictions to specific items of the WordPress Media Library.",40,2870,100,1,"2019-01-22T12:49:00.000Z","4.9.29","4.9.8","7.0",[20,21,22],"media","private","uploads","https:\u002F\u002Fgithub.com\u002Ffroger-me\u002Fprivate-media\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fprivate-media.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"frogerme",11,8130,88,110,71,"2026-04-04T13:57:28.749Z",[39,62,83,102,120],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":47,"downloaded":48,"rating":49,"num_ratings":50,"last_updated":51,"tested_up_to":52,"requires_at_least":53,"requires_php":18,"tags":54,"homepage":58,"download_link":59,"security_score":60,"vuln_count":14,"unpatched_count":26,"last_vuln_date":61,"fetched_at":28},"add-from-server","Add From Server","3.4.5","Dion Hulse","https:\u002F\u002Fprofiles.wordpress.org\u002Fdd32\u002F","\u003Cp>This plugin offers limited support. Please do not expect new features or too many bugfixes. Features may be removed at any time.\u003C\u002Fp>\n\u003Cp>Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.\u003C\u002Fp>\n\u003Cp>This plugin is NOT designed to..\u003Cbr \u002F>\n * Be used as a replacement for the file uploader\u003Cbr \u002F>\n * Be used for migration of websites\u003Cbr \u002F>\n * Re-import your files after moving webhosting\u003Cbr \u002F>\n * Batch import media\u003C\u002Fp>\n\u003Cp>This plugins IS designed to..\u003Cbr \u002F>\n * Import files which are larger than your hosting allows to be uploaded.\u003Cbr \u002F>\n * Import files which are too large for your internet connections upload speed.\u003C\u002Fp>\n\u003Cp>WordPress does a better job of file uploads than this plugin, so please consider your needs before you use it.\u003C\u002Fp>\n\u003Cp>You may also want to look at using WP-CLI for media import purposes:\u003Cbr \u002F>\nhttps:\u002F\u002Fdeveloper.wordpress.org\u002Fcli\u002Fcommands\u002Fmedia\u002Fimport\u002F\u003C\u002Fp>\n","Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.",70000,1319395,92,239,"2020-12-11T07:32:00.000Z","5.5.18","5.4",[55,56,20,57,22],"admin","import","post","https:\u002F\u002Fdd32.id.au\u002Fwordpress-plugins\u002Fadd-from-server\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.5.zip",84,"2016-08-08 00:00:00",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":77,"tags":78,"homepage":81,"download_link":82,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"media-sync","Media Sync","1.4.9","erolsk8","https:\u002F\u002Fprofiles.wordpress.org\u002Ferolsk8\u002F","\u003Cp>This plugin allows you to examine all files within the \u003Ccode>uploads\u003C\u002Fcode> directory to determine which ones are present in the Media Library and which ones are just sitting there unused. You can then choose the files you want to import into the database, thereby including them in the Media Library.\u003C\u002Fp>\n\u003Cp>Moreover, you can utilize FTP to upload files directly to the \u003Ccode>uploads\u003C\u002Fcode> directory and subsequently add these files to the Media Library avoiding any file size limitations.\u003C\u002Fp>\n\u003Ch4>Disclaimers\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>“1 file first”\u003Cbr \u002F>\nPlease try to import only one file first – to see if it works as you expected.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>“All at once”\u003Cbr \u002F>\nThis plugin is designed for scanning, selecting, and importing \u003Cstrong>all files at once\u003C\u002Fstrong>. However, based on your server’s configuration, memory, and timeout challenges may arise with extensive file quantities. To mitigate this, a newly revamped \u003Ca href=\"https:\u002F\u002Fmediasyncplugin.com\u002F?utm_source=readme&utm_medium=base_plugin&utm_campaign=aao\" rel=\"nofollow ugc\">pro version\u003C\u002Fa> employs incremental directory scans to effectively tackle these issues.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>“Your setup is unique”\u003Cbr \u002F>\nPlease be aware that every WordPress installation is unique, and there may be instances where this plugin does not function as expected. Should this occur, we recommend enabling the debugging feature in the plugin’s settings to identify the issue. After investigating, kindly provide a detailed description of your findings in the Support section (or \u003Ca href=\"https:\u002F\u002Fusers.freemius.com\u002Fstore\u002F6428\u002Fsupport\" rel=\"nofollow ugc\">here\u003C\u002Fa> if you’re using pro version). The more comprehensive the details, the higher the likelihood of resolving the problem effectively.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Ignored files\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>various hidden files (.DS_Store, .htaccess),\u003C\u002Fli>\n\u003Cli>WP generated thumbnails (files ending with for example -100×100.jpg),\u003C\u002Fli>\n\u003Cli>WP generated scaled images (files ending with -scaled),\u003C\u002Fli>\n\u003Cli>optimized .webp versions of original images (.jpg.webp),\u003C\u002Fli>\n\u003Cli>retina thumbnails (-100×100@2x.jpg).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These can be modified and enhanced using the new advanced filters available in the \u003Ca href=\"https:\u002F\u002Fmediasyncplugin.com\u002F?utm_source=readme&utm_medium=base_plugin&utm_campaign=df\" rel=\"nofollow ugc\">pro version\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Media Sync Pro features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Revised incremental scan\u003C\u002Fstrong>: Allows scanning and importing unlimited number of files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quick single directory rescan\u003C\u002Fstrong>: Easily rescan one directory to find new files or apply a different filter without reloading the whole page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced filters\u003C\u002Fstrong>: Find any file by customizing all default filters, search for a specific file type (images, videos, etc.), skip by tailor-made rules, or enter any custom pattern.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Schedule automatic imports\u003C\u002Fstrong>: Select a desired interval and let the plugin automatically import any new files it finds.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Import logs\u003C\u002Fstrong>: View the history of manual or scheduled imports.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Limit plugin access\u003C\u002Fstrong>: Limit plugin access to a specific role.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Get \u003Ca href=\"https:\u002F\u002Fmediasyncplugin.com\u002F?utm_source=readme&utm_medium=base_plugin&utm_campaign=pfl\" rel=\"nofollow ugc\">pro version here\u003C\u002Fa>.\u003C\u002Fp>\n","Simple plugin to scan \"uploads\" directory and bring those files into Media Library.",40000,527569,94,82,"2025-11-25T08:11:00.000Z","6.9.4","5.3","7.1",[79,56,20,80,22],"ftp","server","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmedia-sync\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-sync.1.4.9.zip",{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":13,"num_ratings":93,"last_updated":94,"tested_up_to":75,"requires_at_least":76,"requires_php":95,"tags":96,"homepage":100,"download_link":101,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"disable-media-sizes","Disable Media Sizes","2.5","Jeff Starr","https:\u002F\u002Fprofiles.wordpress.org\u002Fspecialk\u002F","\u003Cp>Easily disable any extra image sizes\u003C\u002Fp>\n\u003Cp>This plugin provides options to disable the extra images generated by WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Options include\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disable Thumbnail Size\u003C\u002Fli>\n\u003Cli>Disable Medium Size\u003C\u002Fli>\n\u003Cli>Disable Large Size\u003C\u002Fli>\n\u003Cli>Disable Medium Large (768px)\u003C\u002Fli>\n\u003Cli>Disable 1536×1536 Size\u003C\u002Fli>\n\u003Cli>Disable 2048×2048 Size\u003C\u002Fli>\n\u003Cli>Disable Big\u002FScaled Size\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin settings screen does a good job of explaining the different image sizes. Should all be self-explanatory, let me know if anything can be improved.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Lightweight and secure\u003C\u002Fli>\n\u003Cli>Built with the WP API and standards\u003C\u002Fli>\n\u003Cli>Simple to use – anyone can do it\u003C\u002Fli>\n\u003Cli>One-click restore default options\u003C\u002Fli>\n\u003Cli>Easy peasy.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Why is this useful?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002Fdisable-wordpress-generated-images\u002F\" rel=\"nofollow ugc\">This article\u003C\u002Fa> explains everything you need to know about the “hows” and the “whys” and such.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Please understand that this plugin:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Does not affect any existing images\u003C\u002Fli>\n\u003Cli>Only works while the plugin is active\u003C\u002Fli>\n\u003Cli>Does not delete any images\u003C\u002Fli>\n\u003Cli>Only prevents WordPress from generating extra sized images\u003C\u002Fli>\n\u003Cli>If all extra sizes are disabled, only original images will be uploaded\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002Fdisable-wordpress-generated-images\u002F\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa> about the techniques and code used in this plugin.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>This plugin does not collect or store any user data. It does not set any cookies, and it does not connect to any third-party locations. Thus, this plugin does not affect user privacy in any way.\u003C\u002Fp>\n\u003Cp>Disable Media Sizes is developed and maintained by \u003Ca href=\"https:\u002F\u002Fx.com\u002Fperishable\" rel=\"nofollow ugc\">Jeff Starr\u003C\u002Fa>, 15-year \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002F\" rel=\"nofollow ugc\">WordPress developer\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002F\" rel=\"nofollow ugc\">book author\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support development\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>I develop and maintain this free plugin with love for the WordPress community. To show support, you can \u003Ca href=\"https:\u002F\u002Fmonzillamedia.com\u002Fdonate.html\" rel=\"nofollow ugc\">make a donation\u003C\u002Fa> or purchase one of my books:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002F\" rel=\"nofollow ugc\">The Tao of WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdigwp.com\u002F\" rel=\"nofollow ugc\">Digging into WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhtaccessbook.com\u002F\" rel=\"nofollow ugc\">.htaccess made easy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002Fwordpress-themes-book\u002F\" rel=\"nofollow ugc\">WordPress Themes In Depth\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002Fdownloads\u002Fwizards-collection-sql-recipes-wordpress\u002F\" rel=\"nofollow ugc\">Wizard’s SQL Recipes for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And\u002For purchase one of my premium WordPress plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">BBQ Pro\u003C\u002Fa> – Blazing fast WordPress firewall\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">Blackhole Pro\u003C\u002Fa> – Automatically block bad bots\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbanhammer-pro\u002F\" rel=\"nofollow ugc\">Banhammer Pro\u003C\u002Fa> – Monitor traffic and ban the bad guys\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fga-google-analytics-pro\u002F\" rel=\"nofollow ugc\">GA Google Analytics Pro\u003C\u002Fa> – Connect WordPress to Google Analytics\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fhead-meta-pro\u002F\" rel=\"nofollow ugc\">Head Meta Pro\u003C\u002Fa> – Ultimate Meta Tags for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsimple-ajax-chat-pro\u002F\" rel=\"nofollow ugc\">Simple Ajax Chat Pro\u003C\u002Fa> – Unlimited chat rooms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fusp-pro\u002F\" rel=\"nofollow ugc\">USP Pro\u003C\u002Fa> – Unlimited front-end forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links, tweets and likes also appreciated. Thank you! 🙂\u003C\u002Fp>\n","Provides options to disable the extra images generated by WordPress.",10000,72308,22,"2026-01-28T23:37:00.000Z","5.6.20",[97,98,99,20,22],"disable","disable-image-sizes","images","https:\u002F\u002Fperishablepress.com\u002Fwordpress-disable-media-sizes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdisable-media-sizes.2.5.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":112,"num_ratings":93,"last_updated":113,"tested_up_to":75,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":118,"download_link":119,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"bulk-media-register","Bulk Media Register","1.41","Katsushi Kawamori","https:\u002F\u002Fprofiles.wordpress.org\u002Fkatsushi-kawamori\u002F","\u003Cp>Bulk register files on the server to the Media Library.\u003C\u002Fp>\n\u003Ch4>Register to media library\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Maintain folder structure.\u003C\u002Fli>\n\u003Cli>This create a thumbnail of the image file.\u003C\u002Fli>\n\u003Cli>This create a metadata(Images, Videos, Audios).\u003C\u002Fli>\n\u003Cli>Change the date\u002Ftime.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Sibling plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmoving-media-library\u002F\" rel=\"ugc\">Moving Media Library\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmedia-from-ftp\u002F\" rel=\"ugc\">Media from FTP\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmedia-from-zip\u002F\" rel=\"ugc\">Media from ZIP\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>If you want to use a multi-byte file name, use UTF-8. The file name is used as the title during registration, but is sanitized and changed to a different file name.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How it works\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FVa92SMlFDxk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Bulk register files on the server to the Media Library.",8000,122281,90,"2025-11-25T21:42:00.000Z","4.6","8.0",[117,79,56,20,22],"files","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbulk-media-register\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbulk-media-register.1.41.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":72,"num_ratings":130,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":136,"download_link":137,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"wp-image-size-limit","WP Image Size Limit","1.0.4","Sean Butze","https:\u002F\u002Fprofiles.wordpress.org\u002Fsbutze\u002F","\u003Cp>Many users do not compress or resize their images before uploading them into a post, and oftentimes WordPress’s maximum upload limit of 2MB-10MB is still too large to prevent the insertion of photos that can signficantly slow down a website.\u003C\u002Fp>\n\u003Cp>WP Image Size Limit allows an administrator to set a custom file size limit that is specific to image files and smaller than WordPress’s general file size limit.\u003C\u002Fp>\n\u003Cp>This is especially useful when you need to put tighter restriction on image uploads but want to preserve the ability to upload larger files of other formats (audio, video, etc.).\u003C\u002Fp>\n","Adds a new setting under Settings -> Media where an admin can set a maximum upload file size for image files.",3000,40407,17,"2017-11-28T19:32:00.000Z","3.6.1","3.3.2","",[99,20,22],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-image-size-limit","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-image-size-limit.1.0.4.zip",{"attackSurface":139,"codeSignals":224,"taintFlows":242,"riskAssessment":243,"analyzedAt":260},{"hooks":140,"ajaxHandlers":220,"restRoutes":221,"shortcodes":222,"cronEvents":223,"entryPointCount":26,"unprotectedCount":26},[141,146,151,155,158,160,163,166,171,173,177,181,184,187,191,195,199,202,206,210,213,217],{"type":142,"name":143,"callback":143,"file":144,"line":145},"action","delete_attachment","inc\\class-private-media-attachment-manager.php",35,{"type":147,"name":148,"callback":148,"priority":149,"file":144,"line":150},"filter","add_post_metadata",10,37,{"type":147,"name":152,"callback":153,"file":144,"line":154},"_wp_relative_upload_path","wp_relative_upload_path",38,{"type":147,"name":156,"callback":156,"file":144,"line":157},"get_attached_file",39,{"type":147,"name":159,"callback":159,"file":144,"line":11},"wp_get_attachment_url",{"type":147,"name":161,"callback":161,"file":144,"line":162},"get_image_tag_class",41,{"type":147,"name":164,"callback":164,"priority":149,"file":144,"line":165},"wp_calculate_image_srcset",42,{"type":147,"name":167,"callback":168,"file":169,"line":170},"query_vars","add_query_vars","inc\\class-private-media.php",21,{"type":142,"name":172,"callback":172,"file":169,"line":93},"parse_request",{"type":142,"name":174,"callback":175,"file":169,"line":176},"init","add_endpoints",25,{"type":142,"name":174,"callback":178,"priority":179,"file":169,"line":180},"register_activation_notices",99,26,{"type":142,"name":174,"callback":182,"priority":179,"file":169,"line":183},"maybe_flush",27,{"type":142,"name":174,"callback":185,"priority":149,"file":169,"line":186},"load_textdomain",28,{"type":142,"name":188,"callback":189,"file":169,"line":190},"wp_enqueue_scripts","add_frontend_scripts",29,{"type":142,"name":192,"callback":193,"file":169,"line":194},"wp_tiny_mce_init","add_wp_tiny_mce_init_script",32,{"type":147,"name":196,"callback":197,"file":169,"line":198},"admin_enqueue_scripts","add_admin_scripts",34,{"type":147,"name":200,"callback":201,"priority":149,"file":169,"line":145},"attachment_fields_to_save","attachment_field_settings_save",{"type":147,"name":203,"callback":204,"priority":149,"file":169,"line":205},"attachment_fields_to_edit","attachment_field_settings",36,{"type":142,"name":207,"callback":208,"priority":149,"file":169,"line":209},"admin_notices","setup_mu_plugin_failure_notice",111,{"type":142,"name":207,"callback":211,"priority":149,"file":169,"line":212},"setup_mu_plugin_success_notice",116,{"type":142,"name":214,"callback":215,"priority":149,"file":216,"line":157},"plugins_loaded","pvtmed_run","private-media.php",{"type":142,"name":214,"callback":218,"file":216,"line":219},"closure",44,[],[],[],[],{"dangerousFunctions":225,"sqlUsage":226,"outputEscaping":229,"fileOperations":149,"externalRequests":26,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":238},[],{"prepared":227,"raw":26,"locations":228},14,[],{"escaped":26,"rawEcho":230,"locations":231},2,[232,236],{"file":233,"line":234,"context":235},"inc\\class-private-media-request-handler.php",169,"raw output",{"file":169,"line":237,"context":235},318,[239],{"name":240,"version":27,"knownCves":241},"TinyMCE",[],[],{"summary":244,"deductions":245},"The \"private-media\" v1.2 plugin exhibits a seemingly strong security posture based on the provided static analysis data. There are no identified entry points to the plugin that are unprotected, and all SQL queries utilize prepared statements, which is an excellent practice for preventing SQL injection vulnerabilities. Furthermore, the absence of any recorded CVEs, especially critical or high-severity ones, suggests a history of secure development or prompt patching of past issues.\n\nHowever, several critical concerns emerge from the code analysis. The complete lack of output escaping for any of the identified outputs is a significant weakness, potentially exposing the site to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is rendered directly. The presence of file operations without a clear indication of sanitization or security controls also raises a red flag, as it could be a vector for unauthorized file access or manipulation. The absence of nonce checks and capability checks, especially in conjunction with file operations and the lack of output escaping, creates a concerning situation where actions might be performed without proper authorization or validation.\n\nWhile the plugin has a clean vulnerability history and follows good practices regarding SQL queries and attack surface management, the identified gaps in output escaping and the potential risks associated with file operations, coupled with a lack of authorization checks for potentially sensitive functions, indicate a moderate to high risk. The absence of taint analysis results showing zero unsanitized paths might be due to the limited scope of the analysis or the specific code paths examined, but the other identified code signals warrant caution. The overall security is compromised by the lack of basic output sanitization and potential unvalidated file operations.",[246,249,252,255,257],{"reason":247,"points":248},"No output escaping",8,{"reason":250,"points":251},"File operations without apparent checks",7,{"reason":253,"points":254},"No nonce checks",6,{"reason":256,"points":254},"No capability checks",{"reason":258,"points":259},"Bundled library (TinyMCE) potentially outdated",3,"2026-03-16T22:15:12.368Z",{"wat":262,"direct":275},{"assetPaths":263,"generatorPatterns":268,"scriptPaths":269,"versionParams":270},[264,265,266,267],"\u002Fwp-content\u002Fplugins\u002Fprivate-media\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fprivate-media\u002Fassets\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fprivate-media\u002Fassets\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fprivate-media\u002Fassets\u002Fjs\u002Ffrontend.js",[],[266,267],[271,272,273,274],"private-media\u002Fassets\u002Fcss\u002Fadmin.css?ver=","private-media\u002Fassets\u002Fcss\u002Ffrontend.css?ver=","private-media\u002Fassets\u002Fjs\u002Fadmin.js?ver=","private-media\u002Fassets\u002Fjs\u002Ffrontend.js?ver=",{"cssClasses":276,"htmlComments":280,"htmlAttributes":281,"restEndpoints":283,"jsGlobals":284,"shortcodeOutput":287},[277,278,279],"pvtmed-settings-wrapper","pvtmed-roles-selector","pvtmed-role-field",[],[282],"data-pvtmed-attachment-id",[],[285,286],"pvtmed_admin","pvtmed_frontend",[]]