[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fy2c_PQDokM7P8KIAYPxsHsIP_A0zhfveHSeulKI62FA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":9,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":51,"analysis":143,"fingerprints":213},"seo-for-images","SEO For Images","1.0.0","kasonzhao","https:\u002F\u002Fprofiles.wordpress.org\u002Fkasonzhao\u002F","","Imporve your images ranking by insert\u002Famend alt and title text, generate solid traffic from search enigine.",70,5212,74,3,"2013-04-17T05:55:00.000Z","3.5.2","3.2",[19,20,21,22,23],"admin","google-seo","images","post","seo","http:\u002F\u002Fwww.sdssssa.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fseo-for-images.zip",63,1,"2025-08-25 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-48307","seo-for-images-cross-site-request-forgery","SEO For Images \u003C= 1.0.0 - Cross-Site Request Forgery","The SEO For Images plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.0.0","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-09-03 19:59:59",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffcddcf58-7fb7-4fe9-8353-5ec62c5c16d1?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":46,"total_installs":47,"avg_security_score":13,"avg_patch_time_days":48,"trust_score":49,"computed_at":50},2,120,30,76,"2026-04-04T18:43:01.009Z",[52,74,94,112,126],{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":60,"downloaded":61,"rating":62,"num_ratings":63,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":9,"tags":67,"homepage":69,"download_link":70,"security_score":71,"vuln_count":27,"unpatched_count":72,"last_vuln_date":73,"fetched_at":29},"seo-image","SEO Friendly Images","3.0.5","Vladimir Prelovac","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreediver\u002F","\u003Cp>SEO Friendly Images is a WordPress SEO plugin which automatically updates all images with proper ALT and TITLE attributes for SEO purposes. If your images do not have ALT and TITLE already set, SEO Friendly Images will add them according the options you set. Additionally this makes the post W3C\u002FxHTML valid as well.\u003C\u002Fp>\n\u003Cp>ALT attribute is important part of search engine optimization. It describes your images to search engine and when a user searches for a certain image this is a key determining factor for a match.\u003C\u002Fp>\n\u003Cp>TITLE attribute play lesser role but is important for visitors as this text will automatically appear in the tooltip when mouse is over the image.\u003C\u002Fp>\n\u003Cp>Plugin by \u003Ca href=\"http:\u002F\u002Fwww.prelovac.com\u002Fvladimir\u002F\" title=\"Vladimir Prelovac\" rel=\"nofollow ugc\">Vladimir Prelovac\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you like what I do in WordPress, you will also like the \u003Ca href=\"https:\u002F\u002Fmanagewp.com\" title=\"Manage WordPress sites\" rel=\"nofollow ugc\">ManageWP\u003C\u002Fa> service.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This file is part of SEO Friendly Images.\u003C\u002Fp>\n\u003Cp>SEO Friendly Images is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.\u003C\u002Fp>\n\u003Cp>SEO Friendly Images is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along with SEO Friendly Images. If not, see \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\u003C\u002Fa>.\u003C\u002Fp>\n","SEO Friendly Images automatically adds alt and title attributes to all your images improving traffic from search engines.",20000,1887523,60,59,"2017-11-28T03:19:00.000Z","4.1.42","2.7",[19,68,21,22,23],"google","http:\u002F\u002Fwww.prelovac.com\u002Fvladimir\u002Fwordpress-plugins\u002Fseo-friendly-images","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fseo-image.zip",85,0,"2015-01-03 00:00:00",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":84,"num_ratings":85,"last_updated":86,"tested_up_to":87,"requires_at_least":88,"requires_php":9,"tags":89,"homepage":92,"download_link":93,"security_score":71,"vuln_count":72,"unpatched_count":72,"last_vuln_date":36,"fetched_at":29},"require-featured-image","Require Featured Image","1.5.0","pressupinc","https:\u002F\u002Fprofiles.wordpress.org\u002Fpressupinc\u002F","\u003Ch4>Simplify Your Editing Life\u003C\u002Fh4>\n\u003Cp>Requires your various post types — as specified in a simple options page — to have a featured image set before they can be published. If a lack of featured images causes your layout to break, or just look less-than-optimal, this is the plugin for you.\u003C\u002Fp>\n\u003Cp>Rather than forcing you to manually enforce your editorial standards of including a featured image in every post, if your contributors fail to add a featured image to a post before publishing it they’ll simply find it impossible to publish.\u003C\u002Fp>\n\u003Ch4>Setting up the Plugin\u003C\u002Fh4>\n\u003Cp>By default it works on the “Post” content type only, but you can specify other content types, or turn it off for Posts in the new options page in your left sidebar: Settings > Req Featured Image. Simply check and uncheck the appropriate types, set a minimum image size if you desire, hit save and you’re all set. Happy publishing!\u003C\u002Fp>\n\u003Ch4>Anything else?\u003C\u002Fh4>\n\u003Cp>Don’t forget to check out \u003Ca href=\"http:\u002F\u002Fpressupinc.com\u002Fwordpress-plugins\u002Frequire-featured-image\u002F\" rel=\"nofollow ugc\">the plugins page on our website\u003C\u002Fa>, and don’t hesitate to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpressupinc\u002Frequire-featured-image\" rel=\"nofollow ugc\">browse and fork on GitHub\u003C\u002Fa>. Have a unique WordPress project you need help on? \u003Ca href=\"http:\u002F\u002Fpressupinc.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Get in touch with Press Up\u003C\u002Fa> to set yourself up for success.\u003C\u002Fp>\n","Requires content you specify to have a featured image set before they can be published.",4000,96012,78,16,"2019-12-17T23:32:00.000Z","5.3.21","3.5",[19,90,91,21,22],"edit","featured-image","http:\u002F\u002Fpressupinc.com\u002Fwordpress-plugins\u002Frequire-featured-image\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frequire-featured-image.1.5.0.zip",{"slug":95,"name":96,"version":6,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":103,"num_ratings":104,"last_updated":105,"tested_up_to":9,"requires_at_least":106,"requires_php":9,"tags":107,"homepage":110,"download_link":111,"security_score":71,"vuln_count":72,"unpatched_count":72,"last_vuln_date":36,"fetched_at":29},"custom-header-extended","Custom Header Extended","Justin Tadlock","https:\u002F\u002Fprofiles.wordpress.org\u002Fgreenshady\u002F","\u003Cp>A plugin for allowing users to set a custom header on a per-post basis. This plugin hooks into the WordPress \u003Ccode>custom-header\u003C\u002Fcode> theme feature and overwrites the values on single post views if the post has been given a custom header.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>This plugin creates a custom meta box on the edit post screen. From that point, you can select a custom header image.  You can also select whether to display your header text and its color if your theme supports that option.  The options you choose will be shown on the single post page on the front end.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cp>Your theme must support the core WordPress implementation of the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FCustom_Headers\" rel=\"nofollow ugc\">Custom Headers\u003C\u002Fa> theme feature.\u003C\u002Fp>\n\u003Ch3>Professional Support\u003C\u002Fh3>\n\u003Cp>If you need professional plugin support from me, the plugin author, you can access the support forums at \u003Ca href=\"http:\u002F\u002Fthemehybrid.com\u002Fsupport\" rel=\"nofollow ugc\">Theme Hybrid\u003C\u002Fa>, which is a professional WordPress help\u002Fsupport site where I handle support for all my plugins and themes for a community of 40,000+ users (and growing).\u003C\u002Fp>\n\u003Ch3>Plugin Development\u003C\u002Fh3>\n\u003Cp>If you’re a plugin author or just a code hobbyist, you can follow the development of this plugin on it’s \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjustintadlock\u002Fcustom-header-extended\" rel=\"nofollow ugc\">GitHub repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Donations\u003C\u002Fh3>\n\u003Cp>Yes, I do accept donations.  If you want to buy me a beer or whatever, you can do so from my \u003Ca href=\"http:\u002F\u002Fthemehybrid.com\u002Fdonate\" rel=\"nofollow ugc\">donations page\u003C\u002Fa>.  I appreciate all donations, no matter the size.  Further development of this plugin is not contingent on donations, but they are always a nice incentive.\u003C\u002Fp>\n","Allows users to create a custom header on a per-post basis.",1000,61125,100,12,"2017-11-28T21:10:00.000Z","3.6",[19,108,21,22,109],"image","posts","http:\u002F\u002Fthemehybrid.com\u002Fplugins\u002Fcustom-header-extended","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-header-extended.1.0.0.zip",{"slug":113,"name":114,"version":115,"author":97,"author_profile":98,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":103,"num_ratings":120,"last_updated":121,"tested_up_to":122,"requires_at_least":106,"requires_php":9,"tags":123,"homepage":124,"download_link":125,"security_score":71,"vuln_count":72,"unpatched_count":72,"last_vuln_date":36,"fetched_at":29},"custom-background-extended","Custom Background Extended","0.1.0","\u003Cp>A plugin for allowing users to set a custom background on a per-post basis.  This plugin hooks into the WordPress \u003Ccode>custom-background\u003C\u002Fcode> theme feature and overwrites the values on single post views if the post has been given a custom background.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>This plugin creates a custom meta box on the edit post screen.  From that point, you can select a custom color and\u002For image.  If you select an image, you’ll be presented with additional options for how the image appears on the site.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cp>Your theme must support the core WordPress implementation of the \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FCustom_Backgrounds\" rel=\"nofollow ugc\">Custom Backgrounds\u003C\u002Fa> theme feature.\u003C\u002Fp>\n","Allows users to create a custom background on a per-post basis.",900,29060,10,"2013-09-27T08:28:00.000Z","3.7.41",[19,108,21,22,109],"http:\u002F\u002Fthemehybrid.com\u002Fplugins\u002Fcustom-background-extended","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-background-extended.0.1.0.zip",{"slug":127,"name":128,"version":129,"author":56,"author_profile":57,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":134,"num_ratings":135,"last_updated":136,"tested_up_to":137,"requires_at_least":138,"requires_php":9,"tags":139,"homepage":141,"download_link":142,"security_score":71,"vuln_count":72,"unpatched_count":72,"last_vuln_date":36,"fetched_at":29},"insights","Insights","1.0.8","\u003Cp>Insights brings a powerful new way to write your blog posts. It increases productivity and at the same time quality of your posts.\u003C\u002Fp>\n\u003Cp>Insights performs following functions in real-time:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Interlink your posts\u003C\u002Fli>\n\u003Cli>Insert Flickr images\u003C\u002Fli>\n\u003Cli>Insert Youtube videos\u003C\u002Fli>\n\u003Cli>Search Wikipedia\u003C\u002Fli>\n\u003Cli>Search Google\u003C\u002Fli>\n\u003Cli>Search Google News\u003C\u002Fli>\n\u003Cli>Google Blog Search\u003C\u002Fli>\n\u003Cli>Google Book Search\u003C\u002Fli>\n\u003Cli>Insert a Google Map\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Finsights\u002Fscreenshots\u002F\" rel=\"ugc\">screenshots\u003C\u002Fa> for more examples of usage.\u003C\u002Fp>\n\u003Cp>Insights allows you to do all this using dynamic AJAX interface which loads the relevant information to your post in just a few seconds.\u003C\u002Fp>\n\u003Cp>Plugin by Vladimir Prelovac. Also check out \u003Ca href=\"https:\u002F\u002Fmanagewp.com\" rel=\"nofollow ugc\">ManageWP\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>The ideas for a quickly accessible Google Maps solution came from \u003Ca href=\"http:\u002F\u002Flabs.mozilla.com\u002Fprojects\u002Fubiquity\u002F\" rel=\"nofollow ugc\">Ubiquity\u003C\u002Fa> plugin for Firefox, which is just pure coolness.\u003C\u002Fp>\n\u003Cp>Thanks.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This file is part of Insights.\u003C\u002Fp>\n\u003Cp>Insights is free software: you can redistribute it and\u002For modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.\u003C\u002Fp>\n\u003Cp>Insights is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.\u003C\u002Fp>\n\u003Cp>You should have received a copy of the GNU General Public License along with Insights. If not, see \u003Ca href=\"http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.gnu.org\u002Flicenses\u002F\u003C\u002Fa>.\u003C\u002Fp>\n","Insights allows you to quickly access and insert information (links, images, videos, maps..) into your blog posts.",300,150073,96,5,"2014-12-22T09:10:00.000Z","4.2.39","2.3",[19,68,21,140,109],"links","http:\u002F\u002Fwww.prelovac.com\u002Fvladimir\u002Fwordpress-plugins\u002Finsights","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finsights.zip",{"attackSurface":144,"codeSignals":165,"taintFlows":175,"riskAssessment":204,"analyzedAt":212},{"hooks":145,"ajaxHandlers":161,"restRoutes":162,"shortcodes":163,"cronEvents":164,"entryPointCount":72,"unprotectedCount":72},[146,152,157],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","admin_menu","seo_for_images_add_pages","seo-for-images.php",213,{"type":153,"name":154,"callback":155,"priority":103,"file":150,"line":156},"filter","the_content","seo_for_images",328,{"type":147,"name":158,"callback":159,"file":150,"line":160},"plugins_loaded","seo_for_images_install",349,[],[],[],[],{"dangerousFunctions":166,"sqlUsage":167,"outputEscaping":169,"fileOperations":72,"externalRequests":72,"nonceChecks":72,"capabilityChecks":72,"bundledLibraries":174},[],{"prepared":72,"raw":72,"locations":168},[],{"escaped":72,"rawEcho":27,"locations":170},[171],{"file":150,"line":172,"context":173},64,"raw output",[],[176,196],{"entryPoint":177,"graph":178,"unsanitizedCount":194,"severity":195},"seo_for_images_options_page (seo-for-images.php:24)",{"nodes":179,"edges":191},[180,185],{"id":181,"type":182,"label":183,"file":150,"line":184},"n0","source","$_POST (x4)",32,{"id":186,"type":187,"label":188,"file":150,"line":189,"wp_function":190},"n1","sink","update_option() [Settings Manipulation]",36,"update_option",[192],{"from":181,"to":186,"sanitized":193},false,4,"low",{"entryPoint":197,"graph":198,"unsanitizedCount":194,"severity":195},"\u003Cseo-for-images> (seo-for-images.php:0)",{"nodes":199,"edges":202},[200,201],{"id":181,"type":182,"label":183,"file":150,"line":184},{"id":186,"type":187,"label":188,"file":150,"line":189,"wp_function":190},[203],{"from":181,"to":186,"sanitized":193},{"summary":205,"deductions":206},"The 'seo-for-images' plugin version 1.0.0 presents a mixed security posture.  On the positive side, the static analysis reveals no dangerous functions, all SQL queries use prepared statements, and there are no identified file operations or external HTTP requests.  Furthermore, the attack surface appears very small with no exposed AJAX handlers, REST API routes, shortcodes, or cron events that are not protected by authentication or permission checks.\n\nHowever, significant concerns arise from the output escaping and vulnerability history.  The fact that 100% of the single identified output is not properly escaped is a considerable risk, potentially leading to Cross-Site Scripting (XSS) vulnerabilities.  Compounding this, the plugin has a history of one known medium-severity vulnerability, specifically Cross-Site Request Forgery (CSRF), which is currently unpatched. This indicates a pattern of security oversights and a lack of timely remediation for discovered issues.\n\nIn conclusion, while the plugin has strengths in its minimal attack surface and secure handling of database operations, the unescaped output and the presence of an unpatched medium-severity CSRF vulnerability are critical weaknesses.  Users should exercise caution, and the developers should prioritize addressing the output escaping and the existing CVE.",[207,210],{"reason":208,"points":209},"Unpatched medium severity CVE",18,{"reason":211,"points":135},"Output not properly escaped","2026-03-16T21:34:17.160Z",{"wat":214,"direct":221},{"assetPaths":215,"generatorPatterns":218,"scriptPaths":219,"versionParams":220},[216,217],"\u002Fwp-content\u002Fplugins\u002Fseo-for-images\u002Fi","\u002Fwp-content\u002Fplugins\u002Fseo-for-images\u002Fimgs\u002Fsettings.png",[],[],[],{"cssClasses":222,"htmlComments":224,"htmlAttributes":225,"restEndpoints":242,"jsGlobals":243,"shortcodeOutput":245},[223],"sfi_sidebar",[],[226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241],"name=\"sfiform\"","id=\"alt_text\"","name=\"alttext\"","id=\"title_text\"","name=\"titletext\"","id=\"check1\"","name=\"override\"","id=\"check2\"","name=\"override_title\"","id=\"demo_alt_return\"","id=\"demo_title_return\"","id=\"demo_Title\"","id=\"demo_Category\"","id=\"demo_Tags\"","id=\"demo_name\"","id=\"demo_alt\"",[],[244],"sfi_plugin_url",[]]