[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fgXpGulbq5fVoOq_am6OE9TEmzwewRSzhkt1DO-jtNr0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":60,"crawl_stats":36,"alternatives":64,"analysis":169,"fingerprints":324},"simple-downloads-list","Simple Downloads List","1.5.0","Neofix","https:\u002F\u002Fprofiles.wordpress.org\u002Fneofix\u002F","\u003Cp>Simple Downloads List allows you to provide multiple downloads as a beautiful list for your visitors. Simply add your downloads in the admin section and start using the block or shortcode.\u003C\u002Fp>\n\u003Ch4>Main features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fully free – there’s no pro version\u003C\u002Fli>\n\u003Cli>Mobile friendly list design\u003C\u002Fli>\n\u003Cli>A search bar allows your visitors to search for downloads\u003C\u002Fli>\n\u003Cli>Filtering possible using categories\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to use\u003C\u002Fh3>\n\u003Ch4>Using WordPress block:\u003C\u002Fh4>\n\u003Cp>Add new “Simple Downloads List” Block and (optionally) filter category within the sidepanel\u003C\u002Fp>\n\u003Ch4>Using shortcode:\u003C\u002Fh4>\n\u003Cp>Simply add this shortcode\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[neofix_sdl category=\"\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>category:\u003C\u002Fstrong> Which categories should be displayed? If this option is missing or empty, all downloads will be visible.\u003C\u002Fp>\n","Provide a list of downloads for your visitors - quick and easy. With download categories and mobile friendly design.",100,2757,0,"2025-11-02T17:01:00.000Z","6.8.5","6.1","8.2",[19,20,21,22,23],"downloads","downloads-list","files","simple","table","http:\u002F\u002Fneofix.ch\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-downloads-list.1.5.0.zip",98,2,"2025-11-07 14:19:32","2026-03-15T15:16:48.613Z",[31,46],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2025-12583","simple-downloads-list-missing-authorization-to-authenticated-subscriber-stored-cross-site-scripting","Simple Downloads List \u003C= 1.4.3 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting","The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_neofix_sdl_edit' AJAX endpoint along with many others in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to alter many of the plugin's settings\u002Fdownloads and inject malicious web scripts.",null,"\u003C=1.4.3","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Missing Authorization","2025-11-08 02:28:03",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcbee3d3b-383b-48f5-be63-61cd692a18a0?source=api-prod",1,{"id":47,"url_slug":48,"title":49,"description":50,"plugin_slug":4,"theme_slug":36,"affected_versions":51,"patched_in_version":52,"severity":38,"cvss_score":53,"cvss_vector":54,"vuln_type":55,"published_date":56,"updated_date":57,"references":58,"days_to_patch":45},"CVE-2024-13594","simple-downloads-list-authenticated-contributor-sql-injection","Simple Downloads List \u003C= 1.4.2 - Authenticated (Contributor+) SQL Injection","The Simple Downloads List plugin for WordPress is vulnerable to SQL Injection via the 'category' attribute of the 'neofix_sdl' shortcode in all versions up to, and including, 1.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.","\u003C=1.4.2","1.4.3",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2025-01-23 00:00:00","2025-01-24 11:07:52",[59],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F49f5bb21-d18f-453b-bef4-e3b234d162c8?source=api-prod",{"slug":61,"display_name":7,"profile_url":8,"plugin_count":45,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":45,"trust_score":62,"computed_at":63},"neofix",99,"2026-04-04T22:39:57.443Z",[65,90,110,132,151],{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":75,"num_ratings":76,"last_updated":77,"tested_up_to":78,"requires_at_least":79,"requires_php":80,"tags":81,"homepage":85,"download_link":86,"security_score":87,"vuln_count":88,"unpatched_count":13,"last_vuln_date":89,"fetched_at":29},"wp-downloadmanager","WP-DownloadManager","1.69.1","Lester Chan","https:\u002F\u002Fprofiles.wordpress.org\u002Fgamerz\u002F","\u003Ch3>General Usage\u003C\u002Fh3>\n\u003Col>\n\u003Cli>You Need To Re-Generate The Permalink \u003Ccode>WP-Admin -> Settings -> Permalinks -> Save Changes\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>To embed a specific file to be downloaded into a post\u002Fpage, use \u003Ccode>[download id=\"2\"]\u003C\u002Fcode> where 2 is your file id.\u003C\u002Fli>\n\u003Cli>To embed multiple files to be downloaded into a post\u002Fpage, use \u003Ccode>[download id=\"1,2,3\"]\u003C\u002Fcode> where 1,2,3 are your file ids.\u003C\u002Fli>\n\u003Cli>To limit the number of embedded downloads shown for each post in a post stream, use the \u003Ccode>stream_limit\u003C\u002Fcode> option.\n\u003Col>\n\u003Cli>Example: \u003Ccode>[download id=\"2\" stream_limit=\"4\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>This will only display the first 4 downloads for the post when rendered in a post stream, and display the full list of downloads when viewing the single post.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003C\u002Fli>\n\u003Cli>To sort embedded downloads, use the \u003Ccode>sort_by\u003C\u002Fcode> and \u003Ccode>sort_order\u003C\u002Fcode> options.\n\u003Col>\n\u003Cli>Example: \u003Ccode>[download id=\"2\" sort_by=\"file_id\" sort_order=\"asc\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>This will sort the embedded downloads by file ID in ascending order.\u003C\u002Fli>\n\u003Cli>Valid values for \u003Ccode>sort_by\u003C\u002Fcode> are: \u003Ccode>file_id\u003C\u002Fcode>, \u003Ccode>file\u003C\u002Fcode>, \u003Ccode>file_name\u003C\u002Fcode>, \u003Ccode>file_size\u003C\u002Fcode>, \u003Ccode>file_date\u003C\u002Fcode>, and \u003Ccode>file_hits\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003C\u002Fli>\n\u003Cli>To choose what to display within the embedded file, use \u003Ccode>[download id=\"1\" display=\"both\"]\u003C\u002Fcode> where 1 is your file id and both will display both the file name and file desccription, whereas name will only display the filename. Note that this will overwrite the “Download Embedded File” template you have in your Download Templates.\u003C\u002Fli>\n\u003Cli>To embed files as well as categories, use \u003Ccode>[download id=\"1,2,3\" category=\"4,5,6\"]\u003C\u002Fcode> where 1,2,3 are your file id and 4,5,6 are your category ids.\u003C\u002Fli>\n\u003Cli>If you are using Default Permalinks, the file direct download link will be \u003Ccode>http:\u002F\u002Fyoursite.com\u002Findex.php?dl_id=2\u003C\u002Fcode>. If you are using Nice Permalinks, the file direct download link will be \u003Ccode>http:\u002F\u002Fyoursite.com\u002Fdownload\u002F2\u002F\u003C\u002Fcode>, where yoursite.com is your WordPress URL and 2 is your file id.\u003C\u002Fli>\n\u003Cli>The direct download category link will be \u003Ccode>http:\u002F\u002Fyoursite.com\u002Fdownloads\u002F?dl_cat=3\u003C\u002Fcode>, where yoursite.com is your WordPress URL, downloads is your Downloads Page name and 3 is your download category id.\u003C\u002Fli>\n\u003Cli>In order to upload the files straight to the downloads folder, the folder must be first CHMOD to 777. You can specify which folder to be the downloads folder in Download Options.\u003C\u002Fli>\n\u003Cli>You can configure the Download Options in \u003Ccode>WP-Admin -> Downloads -> Download Options\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>You can configure the Download Templates in \u003Ccode>WP-Admin -> Downloads -> Download Templates\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Downloads Page\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to \u003Ccode>WP-Admin -> Pages -> Add New\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Type any title you like in the post’s title area\u003C\u002Fli>\n\u003Cli>If you \u003Ccode>ARE\u003C\u002Fcode> using nice permalinks, after typing the title, WordPress will generate the permalink to the page. You will see an ‘Edit’ link just beside the permalink.\u003C\u002Fli>\n\u003Cli>Click ‘Edit’ and type in \u003Ccode>downloads\u003C\u002Fcode> in the text field and click ‘Save’.\u003C\u002Fli>\n\u003Cli>Type \u003Ccode>[page_download]\u003C\u002Fcode> in the post’s content area.\u003C\u002Fli>\n\u003Cli>You can also use \u003Ccode>[page_download category=\"1\"]\u003C\u002Fcode>, this will display all downloads in Category ID 1.\u003C\u002Fli>\n\u003Cli>Click ‘Publish’\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Download Stats (With Widgets)\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to \u003Ccode>WP-Admin -> Appearance -> Widgets\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>The widget name is \u003Ccode>Downloads\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Development\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-downloadmanager\" title=\"https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-downloadmanager\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Flesterchan\u002Fwp-downloadmanager\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Translations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdev.wp-plugins.org\u002Fbrowser\u002Fwp-downloadmanager\u002Fi18n\u002F\" title=\"http:\u002F\u002Fdev.wp-plugins.org\u002Fbrowser\u002Fwp-downloadmanager\u002Fi18n\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fdev.wp-plugins.org\u002Fbrowser\u002Fwp-downloadmanager\u002Fi18n\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Plugin icon by \u003Ca href=\"http:\u002F\u002Fwww.freepik.com\" rel=\"nofollow ugc\">Freepik\u003C\u002Fa> from \u003Ca href=\"http:\u002F\u002Fwww.flaticon.com\" rel=\"nofollow ugc\">Flaticon\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Icons courtesy of \u003Ca href=\"http:\u002F\u002Fwww.famfamfam.com\u002F\" title=\"FamFamFam\" rel=\"nofollow ugc\">FamFamFam\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Download Icon by \u003Ca href=\"http:\u002F\u002Fwww.imvain.com\u002F\"\" title=\"Ryan Zimmerman\" rel=\"nofollow ugc\">Ryan Zimmerman\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Donations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>I spent most of my free time creating, updating, maintaining and supporting these plugins, if you really love my plugins and could spare me a couple of bucks, I will really appreciate it. If not feel free to use it without any obligations.\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds a simple download manager to your WordPress blog.",3000,308742,80,37,"2026-02-13T01:54:00.000Z","6.9.4","4.0","",[82,19,83,21,84],"download","file","manager","https:\u002F\u002Flesterchan.net\u002Fportfolio\u002Fprogramming\u002Fphp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-downloadmanager.1.69.1.zip",89,10,"2026-02-17 21:55:19",{"slug":91,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":98,"downloaded":99,"rating":100,"num_ratings":101,"last_updated":102,"tested_up_to":15,"requires_at_least":79,"requires_php":80,"tags":103,"homepage":106,"download_link":107,"security_score":108,"vuln_count":27,"unpatched_count":45,"last_vuln_date":109,"fetched_at":29},"m1downloadlist","m1.DownloadList","0.24","maennchen1.de","https:\u002F\u002Fprofiles.wordpress.org\u002Fmaennchen1de\u002F","\u003Cp>This plugin easily displays the folders and files from a selected directory. It can be placed by shortcode with the parameters path and target in any post. Uploads must be done by a separate ftp program. No managing options.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>compatible up to PHP 8.3.20\u003C\u002Fli>\n\u003Cli>need PHP extension \u003Ca href=\"http:\u002F\u002Fphp.net\u002Fmb_string\" rel=\"nofollow ugc\">mb_string\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>available optional shortcode parameters\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>path = directory path, starting by web root (default: wp-content\u002Fuploads\u002F)\u003C\u002Fli>\n\u003Cli>target = browser window name\u003C\u002Fli>\n\u003Cli>sort = by name ASC\u002FDESC (default: ASC)\u003C\u002Fli>\n\u003Cli>sort-order = filename\u002Ffiletype\u002Fftime\u002Ffiletime\u002Ffoldertime (default: filename)\u003C\u002Fli>\n\u003Cli>label = custom top level label\u003C\u002Fli>\n\u003Cli>nosize = displays no file size\u003C\u002Fli>\n\u003Cli>hidedirs = displays no folders, only files\u003C\u002Fli>\n\u003Cli>filetype = (comma separated list) filter files by their extension\u003C\u002Fli>\n\u003Cli>hidefiletype = (comma separated list) hide files with filetype\u003C\u002Fli>\n\u003Cli>hidefilename = (comma separated list) hide named files and folders\u003C\u002Fli>\n\u003Cli>noext = hide the file extensions\u003C\u002Fli>\n\u003Cli>nobreadcrumb = hide breadcrumb \u002F title\u003C\u002Fli>\n\u003Cli>ftime = display file and folder modification date and time (standard = “1” or use date formatting like “Y-m-d H:i”), see \u003Ca href=\"http:\u002F\u002Fphp.net\u002Fdate\" rel=\"nofollow ugc\">PHP date formatting\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>filetime = same as ftime, just for files\u003C\u002Fli>\n\u003Cli>foldertime = same as ftime, just for folders\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>(most of it can be combined together)\u003C\u002Fp>\n\u003Ch4>shortcode examples\u003C\u002Fh4>\n\u003Col>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>: \u003Ccode>[m1dll]\u003C\u002Fcode> \u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>your\u002Ffoldername\u002Fhere\u002F\u003C\u002Fcode>: \u003Ccode>[m1dll path=\"your\u002Ffoldername\u002Fhere\u002F\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>your\u002Ffoldername\u002Fhere\u002F\u003C\u002Fcode> and sort descending: \u003Ccode>[m1dll path=\"your\u002Ffoldername\u002Fhere\u002F\" sort=\"DESC\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>your\u002Ffoldername\u002Fhere\u002F\u003C\u002Fcode>, open files in a new window: \u003Ccode>[m1dll path=\"your\u002Ffoldername\u002Fhere\u002F\" target=\"_blank\"]\u003C\u002Fcode> \u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>your\u002Ffoldername\u002Fhere\u002F\u003C\u002Fcode>, change label ‘downloads’ to ‘our downloads’: \u003Ccode>[m1dll path=\"your\u002Ffoldername\u002Fhere\u002F\" label=\"our downloads\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, displays no file size: \u003Ccode>[m1dll nosize=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, displays no folders: \u003Ccode>[m1dll hidedirs=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, displays only pdf- and docx-documents: \u003Ccode>[m1dll filetype=\"pdf,docx\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, do not display pdf- and docx-documents: \u003Ccode>[m1dll hidefiletype=\"pdf,docx\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, do not display file secret.txt and secret.docx: \u003Ccode>[m1dll hidefilename=\"secret.txt,secret.docx\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, displays no file extensions: \u003Ccode>[m1dll noext=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, displays no breadcrumb: \u003Ccode>[m1dll nobreadcrumb=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, with file and folder time with own format \u003Ccode>[m1dll ftime=\"Y-m-d, H:i\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, with file and folder date and time (standard from WordPress) \u003Ccode>[m1dll ftime=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, with file and folder self formated date \u003Ccode>[m1dll ftime=\"Y-m-d\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, with file date and time (standard from WordPress) \u003Ccode>[m1dll filetime=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>displays content of \u003Ccode>wp-content\u002Fuploads\u002F\u003C\u002Fcode>, with folder date and time (standard from WordPress) \u003Ccode>[m1dll foldertime=\"1\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n","This plugin easily displays the folders and files from a selected directory. It can be placed by shortcode in any post.",400,17902,94,21,"2025-11-25T14:32:00.000Z",[104,19,83,105,21],"attachment","filemanager","http:\u002F\u002Fmaennchen1.de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fm1downloadlist.0.24.zip",77,"2025-04-04 00:00:00",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":120,"num_ratings":121,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":80,"tags":125,"homepage":129,"download_link":130,"security_score":131,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"s2member-secure-file-uploader","s2member Secure File Uploader","0.0.2","Lew Ayotte","https:\u002F\u002Fprofiles.wordpress.org\u002Flayotte\u002F","\u003Cp>You must have the \u003Ca href=\"http:\u002F\u002Fwww.s2member.com\u002F2496.html\" rel=\"nofollow ugc\">s2member Membership Plugin\u003C\u002Fa> installed and activated to use this plugin.\u003C\u002Fp>\n\u003Cp>This simple plugin that allows you to upload a file to the s2member-files\u002F secure directory and automatically insert it into your post.\u003C\u002Fp>\n\u003Cp>This plugin was requested by a client, who would only pay for 5 hours worth of work. The plugin could use some polishing and maybe some extra GUI love, but it does what the cliented wanted at the time. Because I feel like it could use some improvements, I’m releasing it as version 0.0.1.\u003C\u002Fp>\n","A s2member add-on that allows you to upload a file to the s2member-files\u002F secure directory and automatically insert a link into your post.",90,8188,60,4,"2013-03-28T23:27:00.000Z","3.5.2","3.2",[19,21,126,127,128],"s2member","secure","security","http:\u002F\u002Flewayotte.com\u002Fplugins\u002Fs2member-secure-file-uploader\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fs2member-secure-file-uploader.0.0.2.zip",85,{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":88,"downloaded":140,"rating":141,"num_ratings":142,"last_updated":143,"tested_up_to":144,"requires_at_least":145,"requires_php":80,"tags":146,"homepage":149,"download_link":150,"security_score":131,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"download-manager-ms","Download Manager MS","1.1.0","bquade","https:\u002F\u002Fprofiles.wordpress.org\u002Fbquade\u002F","\u003Cp>Download manager with:\u003Cbr \u002F>\n* multisite support\u003Cbr \u002F>\n* download buttons and forms\u003Cbr \u002F>\n* easy file uploads\u003Cbr \u002F>\n* stats charts\u003Cbr \u002F>\n* much more\u003C\u002Fp>\n","Download manager with multisite support. Stats charts, shortcodes for download buttons and forms, easy file uploads, and much more.",4526,20,3,"2012-12-09T18:05:00.000Z","3.5.0","3.1.0",[82,147,19,148,21],"download-manager","file-manager","http:\u002F\u002Fbqplugins.com\u002Fbq-download","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdownload-manager-ms.1.1.0.zip",{"slug":152,"name":153,"version":154,"author":155,"author_profile":156,"description":157,"short_description":158,"active_installs":88,"downloaded":159,"rating":11,"num_ratings":27,"last_updated":160,"tested_up_to":161,"requires_at_least":80,"requires_php":80,"tags":162,"homepage":167,"download_link":168,"security_score":131,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"edd-product-table","Product Table – Easy Digital Downloads","1.1.1","Akhtarujjaman Shuvo","https:\u002F\u002Fprofiles.wordpress.org\u002Fmdshuvo\u002F","\u003Cp>No need to add any code on your theme core file. Just plug and play. A simple plugin that will help you build product table for Easy Digital Downloads. You can use Product Table on your blog posts, pages, Sidebar widget area or whatever you want using shortcode.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>No need to put any code on theme files\u003C\u002Fli>\n\u003Cli>No need  add_action or add_filter hooks\u003C\u002Fli>\n\u003Cli>Plug and Play\u003C\u002Fli>\n\u003Cli>Customizable Shortcode\u003C\u002Fli>\n\u003Cli>Shortable Table\u003C\u002Fli>\n\u003Cli>Add to cart button\u003C\u002Fli>\n\u003Cli>Quantity Button\u003C\u002Fli>\n\u003Cli>Product Thumbnail\u003C\u002Fli>\n\u003Cli>Variable Price Support\u003C\u002Fli>\n\u003Cli>Product Title column\u003C\u002Fli>\n\u003Cli>Content Column\u003C\u002Fli>\n\u003Cli>Price sorting\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Default Shortcode\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>[eddpt]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Hide table header\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>[eddpt thead=false]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Hide table footer\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>[eddpt tfoot=false]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>For hide any column use the column key in shortcode like this.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Hide Thumbnail column\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>[eddpt hidecol=thumbnail]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Hide content column\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>[eddpt hidecol=content]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Hide title column\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>[eddpt hidecol=title]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Hide price column\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>[eddpt hidecol=price]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Hide Add to cart button column\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>[eddpt hidecol=cart]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Hide multiple table column\u003C\u002Fh3>\n\u003Cpre>\u003Ccode>[eddpt hidecol=thumbnail,content,title,price,cart]\n\u003C\u002Fcode>\u003C\u002Fpre>\n","A simple plugin that will help you build product table for Easy Digital Downloads",1610,"2021-02-14T10:02:00.000Z","5.6.17",[163,164,165,152,166],"easy-digital-downloads","easy-digital-downloads-product-table","easy-digital-downloads-table","product-table","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fedd-product-table\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedd-product-table.zip",{"attackSurface":170,"codeSignals":243,"taintFlows":310,"riskAssessment":311,"analyzedAt":323},{"hooks":171,"ajaxHandlers":201,"restRoutes":202,"shortcodes":237,"cronEvents":242,"entryPointCount":177,"unprotectedCount":13},[172,178,182,186,191,194,198],{"type":173,"name":174,"callback":175,"file":176,"line":177},"action","rest_api_init","register_routes","admin\\adminpanel_v3.php",7,{"type":173,"name":179,"callback":180,"file":176,"line":181},"admin_menu","add_admin_menu_page",8,{"type":173,"name":183,"callback":184,"file":176,"line":185},"admin_enqueue_scripts","enqueue_admin_assets",9,{"type":173,"name":187,"callback":188,"file":189,"line":190},"init","register_block","blocks\\sdl\\download_block.php",12,{"type":173,"name":174,"callback":192,"file":189,"line":193},"register_api_routes",13,{"type":173,"name":195,"callback":196,"file":197,"line":177},"plugins_loaded","load_textdomain","setup\\setup.php",{"type":173,"name":199,"callback":200,"file":197,"line":181},"admin_notices","register_installation_confirmation_notice",[],[203,211,217,222,226,232],{"namespace":204,"route":205,"methods":206,"callback":208,"permissionCallback":209,"file":176,"line":210},"neofix-sdl\u002Fv1","\u002Fall",[207],"GET","get_all_downloads","check_permissions",62,{"namespace":204,"route":212,"methods":213,"callback":215,"permissionCallback":209,"file":176,"line":216},"\u002Fadd",[214],"POST","add_download",68,{"namespace":204,"route":218,"methods":219,"callback":220,"permissionCallback":209,"file":176,"line":221},"\u002Fedit",[214],"edit_download",74,{"namespace":204,"route":223,"methods":224,"callback":225,"permissionCallback":209,"file":176,"line":75},"\u002Fdelete",[214],"delete_download",{"namespace":204,"route":227,"methods":228,"callback":229,"permissionCallback":230,"file":189,"line":231},"\u002Feditor-preview\u002F",[207],"sdl_preview","has_admin_privilege",33,{"namespace":204,"route":233,"methods":234,"callback":235,"permissionCallback":230,"file":189,"line":236},"\u002Fdownload-categories\u002F",[207],"get_download_categories",42,[238],{"tag":239,"callback":240,"file":241,"line":177},"neofix_sdl","neofix_sdl_render_list_1","lists\\list_1\\download_list_1.php",[],{"dangerousFunctions":244,"sqlUsage":245,"outputEscaping":257,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":27,"bundledLibraries":309},[],{"prepared":121,"raw":121,"locations":246},[247,250,253,254],{"file":176,"line":248,"context":249},108,"$wpdb->get_results() with variable interpolation",{"file":176,"line":251,"context":252},155,"$wpdb->get_row() with variable interpolation",{"file":189,"line":216,"context":249},{"file":197,"line":255,"context":256},58,"$wpdb->query() with variable interpolation",{"escaped":193,"rawEcho":258,"locations":259},30,[260,264,266,268,269,271,272,274,276,278,280,282,283,284,285,286,287,288,290,291,292,294,296,298,299,300,302,304,305,307],{"file":261,"line":262,"context":263},"blocks\\sdl\\list_1.php",14,"raw output",{"file":261,"line":265,"context":263},15,{"file":261,"line":267,"context":263},19,{"file":261,"line":141,"context":263},{"file":261,"line":270,"context":263},29,{"file":261,"line":231,"context":263},{"file":261,"line":273,"context":263},44,{"file":275,"line":265,"context":263},"blocks\\sdl\\render.php",{"file":197,"line":277,"context":263},24,{"file":279,"line":88,"context":263},"templates\\adminpanel.php",{"file":281,"line":262,"context":263},"templates\\download_lists\\list_1.php",{"file":281,"line":265,"context":263},{"file":281,"line":267,"context":263},{"file":281,"line":141,"context":263},{"file":281,"line":270,"context":263},{"file":281,"line":231,"context":263},{"file":281,"line":273,"context":263},{"file":289,"line":88,"context":263},"templates\\table_editor.php",{"file":289,"line":262,"context":263},{"file":289,"line":265,"context":263},{"file":289,"line":293,"context":263},16,{"file":289,"line":295,"context":263},17,{"file":289,"line":297,"context":263},18,{"file":289,"line":258,"context":263},{"file":289,"line":231,"context":263},{"file":289,"line":301,"context":263},36,{"file":289,"line":303,"context":263},41,{"file":289,"line":273,"context":263},{"file":289,"line":306,"context":263},48,{"file":289,"line":308,"context":263},49,[],[],{"summary":312,"deductions":313},"The security posture of the \"simple-downloads-list\" plugin version 1.5.0 presents a mixed bag of good practices and areas of concern. On the positive side, the plugin boasts a relatively small attack surface with all identified entry points (AJAX handlers, REST API routes, and shortcodes) appearing to have authorization checks in place. Furthermore, there are no reported file operations or external HTTP requests, and no dangerous functions were identified. However, the static analysis reveals some significant weaknesses. A notable concern is the output escaping, with only 30% of outputs being properly escaped, leaving potential for Cross-Site Scripting (XSS) vulnerabilities. The presence of SQL queries where 50% are not using prepared statements also raises red flags for SQL injection risks. The vulnerability history is also a significant concern, with two medium-severity CVEs recorded, both related to Missing Authorization and SQL Injection. Although these are currently unpatched, the historical pattern suggests recurring vulnerabilities in these areas, indicating a need for more robust input validation and authorization mechanisms. The lack of taint analysis results is neither a positive nor a negative; it simply means that specific flows were not analyzed in this manner.",[314,316,318,321],{"reason":315,"points":181},"Output escaping issues (30% properly escaped)",{"reason":317,"points":88},"SQL queries without prepared statements (50%)",{"reason":319,"points":320},"Historical vulnerability pattern: SQL Injection",5,{"reason":322,"points":320},"Historical vulnerability pattern: Missing Authorization","2026-03-16T20:54:44.230Z",{"wat":325,"direct":337},{"assetPaths":326,"generatorPatterns":331,"scriptPaths":332,"versionParams":333},[327,328,329,330],"\u002Fwp-content\u002Fplugins\u002Fsimple-downloads-list\u002Fdist\u002Ffontawesome\u002Ffontawesome-7.1.0\u002Fcss\u002Fall.min.css","\u002Fwp-content\u002Fplugins\u002Fsimple-downloads-list\u002Fdist\u002Fadmin\u002Fadmin-styles.css","\u002Fwp-content\u002Fplugins\u002Fsimple-downloads-list\u002Fdist\u002Fadmin\u002Fadmin-scripts.js","\u002Fwp-content\u002Fplugins\u002Fsimple-downloads-list\u002Fdist\u002Fblocks\u002Fsdl\u002Fstyle-index.css",[],[329],[334,335,336],"\u002Fwp-content\u002Fplugins\u002Fsimple-downloads-list\u002Fdist\u002Ffontawesome\u002Ffontawesome-7.1.0\u002Fcss\u002Fall.min.css?ver=7.1.0","\u002Fwp-content\u002Fplugins\u002Fsimple-downloads-list\u002Fdist\u002Fadmin\u002Fadmin-styles.css?ver=","\u002Fwp-content\u002Fplugins\u002Fsimple-downloads-list\u002Fdist\u002Fadmin\u002Fadmin-scripts.js?ver=",{"cssClasses":338,"htmlComments":339,"htmlAttributes":340,"restEndpoints":342,"jsGlobals":347,"shortcodeOutput":349},[],[],[341],"data-wp-element",[343,344,345,346],"\u002Fwp-json\u002Fneofix-sdl\u002Fv1\u002Fall","\u002Fwp-json\u002Fneofix-sdl\u002Fv1\u002Fadd","\u002Fwp-json\u002Fneofix-sdl\u002Fv1\u002Fedit","\u002Fwp-json\u002Fneofix-sdl\u002Fv1\u002Fdelete",[348],"sdlRest",[350],"[neofix_sdl]"]