[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fQmGDULOwshg2teYbU_ruRJIKVM02xvTs_5P3sw5eX-M":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":39,"analysis":134,"fingerprints":299},"sidebar-photoblog","Sidebar Photoblog","2.06","Hassan1","https:\u002F\u002Fprofiles.wordpress.org\u002Fhassan1\u002F","\u003Cp>There are several photo blog plug-ins for WordPress. Most of them assume that you are a professional photographer who makes lots of money via his\u002Fher camera.\u003C\u002Fp>\n\u003Cp>Sidebar Photo blog does not use lots of server resources and doesn’t have any confusing options.  It uses WordPress functions to get maximum compatibility and flexibility.\u003C\u002Fp>\n\u003Cp>New Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli> Slideshow\u003C\u002Fli>\n\u003Cli> Ability to show random photos\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Sidebar Photo blog is simple, light and easy to use. It also has some nice effects, a simple slideshow, ability to show random photos and an archive page for your pictures.\u003C\u002Fp>\n\u003Cp>To learn how to add your photos please see \u003Ca href=\"http:\u002F\u002Fwpwave.com\u002Fplugins\u002Fsidebar-photoblog\u002F\" rel=\"nofollow ugc\">plugin URL\u003C\u002Fa>. 
It’s easy!\u003C\u002Fp>\n\u003Cp>Languages:\u003Cbr \u002F>\n    Persian by     \u003Ca href=\"http:\u002F\u002Fcyberia.ir\" rel=\"nofollow ugc\">Cyberia\u003C\u002Fa>\u003Cbr \u002F>\n    Russian by     \u003Ca href=\"http:\u002F\u002Fwww.fatcow.com\" rel=\"nofollow ugc\">Fatcow\u003C\u002Fa>\u003Cbr \u002F>\n    French by      \u003Ca href=\"http:\u002F\u002Fwww.wolforg.eu\" rel=\"nofollow ugc\">Wolforg\u003C\u002Fa>\u003Cbr \u002F>\n    Turkish by     \u003Ca href=\"http:\u002F\u002Fwww.dmry.net\" rel=\"nofollow ugc\">Hakan Demiray\u003C\u002Fa>\u003Cbr \u002F>\n        Belorussian by \u003Ca href=\"http:\u002F\u002Fantsar.info\" rel=\"nofollow ugc\">ilyuha\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>To add your own language contact us.\u003C\u002Fp>\n","An easy to use photoblog plugin helps you to share your daily photos on your sidebar. With slideshow, photo archive, nice effects and ability to show  &hellip;",70,45006,80,1,"2010-03-21T17:39:00.000Z","2.9.2","2.7","",[20,21,22,23,24],"image","images","photo","photoblog","widget","http:\u002F\u002Fwpwave.com\u002Fplugins\u002Fsidebar-photoblog\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsidebar-photoblog.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":27,"avg_patch_time_days":36,"trust_score":37,"computed_at":38},"hassan1",4,100,30,84,"2026-04-04T13:59:05.147Z",[40,64,81,100,116],{"slug":41,"name":42,"version":43,"author":44,"author_profile":45,"description":46,"short_description":47,"active_installs":48,"downloaded":49,"rating":50,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":18,"tags":55,"homepage":59,"download_link":60,"security_score":61,"vuln_count":62,"unpatched_count":62,"last_vuln_date":63,"fetched_at":30},"import-external-attachments","Import external 
attachments","1.5.12","ryanpcmcquen","https:\u002F\u002Fprofiles.wordpress.org\u002Fryanpcmcquen\u002F","\u003Cp>Makes local copies of all the linked images and pdfs in a post, adding them as gallery attachments.\u003C\u002Fp>\n\u003Cp>Source & support:\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Fryanpcmcquen\u002Fimport-external-attachments\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This plugin is based on the work done in the “Import External Images” plugin by MartyThornley.\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fgithub.com\u002FMartyThornley\u003C\u002Fp>\n\u003Cp>HTTPS support added by IvanDoomer:\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002FIvanDoomer\u003C\u002Fp>\n\u003Cp>PDF support added by bengreeley:\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fbengreeley\u003C\u002Fp>\n\u003Cp>Most of the JavaScript was rewritten from the original plugin, to reduce the\u003Cbr \u002F>\nnumber of global variables.\u003C\u002Fp>\n","Makes local copies of all the linked images and pdfs in a post, adding them as gallery attachments.",2000,24175,86,26,"2017-02-24T14:39:00.000Z","4.4.34","3.2",[56,57,21,22,58],"attachments","gallery","photobloggers","https:\u002F\u002Fgithub.com\u002Fryanpcmcquen\u002Fimport-external-attachments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimport-external-attachments.zip",41,2,"2025-12-14 00:00:00",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":13,"downloaded":72,"rating":35,"num_ratings":14,"last_updated":73,"tested_up_to":74,"requires_at_least":75,"requires_php":18,"tags":76,"homepage":79,"download_link":80,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"ci-image-widget","The Image Widget","1.0.1","Nik","https:\u002F\u002Fprofiles.wordpress.org\u002Fnvourva\u002F","\u003Cp>Using this simple image widget you can display a clickable image in any 
sidebar.\u003C\u002Fp>\n\u003Cp>You can set the image to link to a URL of your choice or make it pop-up in a lightbox.\u003C\u002Fp>\n\u003Cp>The widget uses WordPress’ built in media manager to provide you with a familiar interface for image upload\u002Fselection.\u003C\u002Fp>\n\u003Cp>You can select the widget’s image size from the available drop-down menu which lists all available WordPress default image sizes.\u003C\u002Fp>\n","A simple image widget that allows you to display an image in any sidebar. The image can either link to another page or it can pop out in a lightbox.",4468,"2023-11-13T08:32:00.000Z","6.4.8","4.4",[77,21,78,24],"image-widget","photo-widget","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fci-image-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fci-image-widget.1.0.1.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":35,"num_ratings":14,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":18,"tags":94,"homepage":98,"download_link":99,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"flickr-me","Flickr Me","1.0.6","Erik Ford","https:\u002F\u002Fprofiles.wordpress.org\u002Fwearepixel8\u002F","\u003Cp>With Flickr Me, you can add Flickr feeds, from an individual account or group, to your widget ready areas. Once installed and activated the widget is an easy to manage, out of box solution for displaying a Flickr gallery of images. 
Each photo, in the feed, will link to its Flickr permalink and you can optionally set to display the title when stacking images.\u003C\u002Fp>\n","Add Flickr feeds to your widget ready areas.",40,6088,"2016-05-02T15:14:00.000Z","4.5.33","3.1",[95,21,96,97,24],"flickr","photos","sidebar","http:\u002F\u002Fheavyheavy.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflickr-me.zip",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":108,"downloaded":109,"rating":28,"num_ratings":28,"last_updated":110,"tested_up_to":111,"requires_at_least":18,"requires_php":18,"tags":112,"homepage":114,"download_link":115,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"photoblog-image-fixer","PhotoBlog Image Fixer","1.4","MartyThornley","https:\u002F\u002Fprofiles.wordpress.org\u002Fmartythornley\u002F","\u003Cp>PhotoBlog Image Fixer allows better image sizing and removes those ugly squished images when you accidentally upload a larger image.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Removes the inline height dimension added by the WordPress content filter.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Adds class names to the automatically generated p tags that wrap each image as well as the image itself.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Adds a quick line of CSS to the page making images in a p tag have a max-width of 100% of the containing element\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","PhotoBlog Image Fixer allows better image sizing ensuring that the largest possible image is 100% of the post area, without extending past the 
edges.",10,3002,"2014-10-17T23:39:00.000Z","4.0.38",[113,21,23],"image-p-tags-autop","http:\u002F\u002Fphotographyblogsites.com\u002Fresources\u002Fwordpress-plugins\u002Fphotoblog-image-fixer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphotoblog-image-fixer.zip",{"slug":117,"name":117,"version":118,"author":18,"author_profile":119,"description":120,"short_description":121,"active_installs":108,"downloaded":122,"rating":123,"num_ratings":124,"last_updated":125,"tested_up_to":126,"requires_at_least":127,"requires_php":18,"tags":128,"homepage":132,"download_link":133,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp2flickr","0.15","https:\u002F\u002Fprofiles.wordpress.org\u002Ffsimo\u002F","\u003Cp>Uploads photos from WordPress posts to Flickr.\u003Cbr \u002F>\nIt works with standard WordPress media and with YAPB plugin (recommended).\u003Cbr \u002F>\nPerfect for photoblogging.\u003C\u002Fp>\n\u003Ch4>Typical usage\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Anytime you publish a new post it will be uploaded to flickr.\u003C\u002Fli>\n\u003C\u002Ful>\n","Uploads photos from WordPress posts to Flickr. 
It works with standard WordPress media and with YAPB plugin (recommended).",3768,20,3,"2014-12-15T16:49:00.000Z","3.9.40","3.8",[21,129,130,23,131],"photo-blog","photo-blogging","yapb","http:\u002F\u002Fwp2flickr.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp2flickr.zip",{"attackSurface":135,"codeSignals":160,"taintFlows":218,"riskAssessment":285,"analyzedAt":298},{"hooks":136,"ajaxHandlers":152,"restRoutes":153,"shortcodes":154,"cronEvents":159,"entryPointCount":14,"unprotectedCount":28},[137,143,147],{"type":138,"name":139,"callback":140,"file":141,"line":142},"action","wp_head","sphoto_header","sidebar-photoblog.php",498,{"type":138,"name":144,"callback":145,"file":141,"line":146},"plugins_loaded","widget_sphoto_init",499,{"type":148,"name":149,"callback":150,"file":141,"line":151},"filter","wp_list_categories","sphoto_list_categories",551,[],[],[155],{"tag":156,"callback":157,"file":141,"line":158},"sphoto_archive","sphoto_archive_page",114,[],{"dangerousFunctions":161,"sqlUsage":162,"outputEscaping":165,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":217},[],{"prepared":163,"raw":28,"locations":164},5,[],{"escaped":28,"rawEcho":166,"locations":167},29,[168,171,173,175,177,179,181,183,185,187,189,190,191,192,193,194,196,198,200,202,204,205,206,207,208,209,211,213,215],{"file":141,"line":169,"context":170},187,"raw 
output",{"file":141,"line":172,"context":170},192,{"file":141,"line":174,"context":170},200,{"file":141,"line":176,"context":170},205,{"file":141,"line":178,"context":170},206,{"file":141,"line":180,"context":170},209,{"file":141,"line":182,"context":170},266,{"file":141,"line":184,"context":170},272,{"file":141,"line":186,"context":170},273,{"file":141,"line":188,"context":170},311,{"file":141,"line":188,"context":170},{"file":141,"line":188,"context":170},{"file":141,"line":188,"context":170},{"file":141,"line":188,"context":170},{"file":141,"line":188,"context":170},{"file":141,"line":195,"context":170},334,{"file":141,"line":197,"context":170},335,{"file":141,"line":199,"context":170},336,{"file":141,"line":201,"context":170},337,{"file":141,"line":203,"context":170},373,{"file":141,"line":203,"context":170},{"file":141,"line":203,"context":170},{"file":141,"line":203,"context":170},{"file":141,"line":203,"context":170},{"file":141,"line":203,"context":170},{"file":141,"line":210,"context":170},378,{"file":141,"line":212,"context":170},379,{"file":141,"line":214,"context":170},380,{"file":141,"line":216,"context":170},444,[],[219,257,268],{"entryPoint":220,"graph":221,"unsanitizedCount":255,"severity":256},"widget_sphoto_init (sidebar-photoblog.php:116)",{"nodes":222,"edges":249},[223,228,234,236,240,243,247],{"id":224,"type":225,"label":226,"file":141,"line":227},"n0","source","$_POST (x2)",161,{"id":229,"type":230,"label":231,"file":141,"line":232,"wp_function":233},"n1","sink","update_option() [Settings Manipulation]",165,"update_option",{"id":235,"type":225,"label":226,"file":141,"line":227},"n2",{"id":237,"type":230,"label":238,"file":141,"line":176,"wp_function":239},"n3","echo() [XSS]","echo",{"id":241,"type":225,"label":226,"file":141,"line":242},"n4",270,{"id":244,"type":245,"label":246,"file":141,"line":242},"n5","transform","→ 
print_sphoto()",{"id":248,"type":230,"label":238,"file":141,"line":203,"wp_function":239},"n6",[250,252,253,254],{"from":224,"to":229,"sanitized":251},false,{"from":235,"to":237,"sanitized":251},{"from":241,"to":244,"sanitized":251},{"from":244,"to":248,"sanitized":251},6,"medium",{"entryPoint":258,"graph":259,"unsanitizedCount":34,"severity":256},"widget_sphoto_control (sidebar-photoblog.php:119)",{"nodes":260,"edges":265},[261,262,263,264],{"id":224,"type":225,"label":226,"file":141,"line":227},{"id":229,"type":230,"label":231,"file":141,"line":232,"wp_function":233},{"id":235,"type":225,"label":226,"file":141,"line":227},{"id":237,"type":230,"label":238,"file":141,"line":176,"wp_function":239},[266,267],{"from":224,"to":229,"sanitized":251},{"from":235,"to":237,"sanitized":251},{"entryPoint":269,"graph":270,"unsanitizedCount":108,"severity":256},"\u003Csidebar-photoblog> (sidebar-photoblog.php:0)",{"nodes":271,"edges":280},[272,273,274,276,277,278,279],{"id":224,"type":225,"label":226,"file":141,"line":227},{"id":229,"type":230,"label":231,"file":141,"line":232,"wp_function":233},{"id":235,"type":225,"label":275,"file":141,"line":227},"$_POST (x6)",{"id":237,"type":230,"label":238,"file":141,"line":176,"wp_function":239},{"id":241,"type":225,"label":226,"file":141,"line":242},{"id":244,"type":245,"label":246,"file":141,"line":242},{"id":248,"type":230,"label":238,"file":141,"line":203,"wp_function":239},[281,282,283,284],{"from":224,"to":229,"sanitized":251},{"from":235,"to":237,"sanitized":251},{"from":241,"to":244,"sanitized":251},{"from":244,"to":248,"sanitized":251},{"summary":286,"deductions":287},"The \"sidebar-photoblog\" v2.06 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices regarding database interactions, with all SQL queries utilizing prepared statements, and it has no known past vulnerabilities, suggesting a history of stable development. However, significant concerns arise from the static analysis. 
The most alarming finding is that 100% of its output is not properly escaped, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities. Furthermore, the taint analysis reveals that all three analyzed flows involve unsanitized paths, which could lead to various injection attacks if an attacker can control the input data that reaches these paths. While the attack surface is small and has no apparent unprotected entry points based on the provided data, the lack of proper output escaping and the presence of unsanitized paths are critical security weaknesses.",[288,291,294,296],{"reason":289,"points":290},"All outputs are unescaped",15,{"reason":292,"points":293},"Taint analysis shows unsanitized paths",12,{"reason":295,"points":163},"No nonce checks",{"reason":297,"points":163},"No capability checks","2026-03-16T21:38:23.320Z",{"wat":300,"direct":309},{"assetPaths":301,"generatorPatterns":304,"scriptPaths":305,"versionParams":306},[302,303],"\u002Fwp-content\u002Fplugins\u002Fsidebar-photoblog\u002Fsphoto.css","\u002Fwp-content\u002Fplugins\u002Fsidebar-photoblog\u002Fjscript.js",[],[303],[307,308],"sidebar-photoblog\u002Fsphoto.css?ver=","sidebar-photoblog\u002Fjscript.js?ver=",{"cssClasses":310,"htmlComments":312,"htmlAttributes":313,"restEndpoints":314,"jsGlobals":315,"shortcodeOutput":316},[311],"archive_sphoto",[],[],[],[],[317],"[sphoto_archive]"]