[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fbxN0o4piFEdv_JBBtMFGW9acz1a0Hr-JdhHm7McfULc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":37,"analysis":120,"fingerprints":261},"thumbnail-manager","Thumbnail Manager","1.0.1","YoOhw Studio","https:\u002F\u002Fprofiles.wordpress.org\u002Fyoohw\u002F","\u003Cp>Thumbnail Manager helps you take back disk space from oversized Media Libraries.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it does\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>Prune Files:\u003C\u002Fstrong> Select the image sizes you want to \u003Cstrong>KEEP\u003C\u002Fstrong>. The plugin scans your \u003Ccode>\u002Fuploads\u002F\u003C\u002Fcode> folder and targets all \u003Cem>non-selected\u003C\u002Fem> registered sizes for removal. It shows a \u003Cstrong>dry-run\u003C\u002Fstrong> summary first, then lets you delete in \u003Cstrong>batches\u003C\u002Fstrong> with a live \u003Cstrong>progress bar\u003C\u002Fstrong>.\u003Cbr \u002F>\n– \u003Cstrong>Orphan discovery:\u003C\u002Fstrong> Finds on-disk files that match \u003Ccode>-WxH\u003C\u002Fcode> patterns (including \u003Ccode>.jpg.webp\u003C\u002Fcode>, \u003Ccode>.bak.jpg\u003C\u002Fcode>, retina \u003Ccode>@2x\u003C\u002Fcode>, and duplicate \u003Ccode>-1\u003C\u002Fcode> suffixes) even if those sizes are no longer registered. Aggressively deletes \u003Cstrong>any\u003C\u002Fstrong> \u003Ccode>-WxH\u003C\u002Fcode> files that don’t exactly match the sizes you chose to keep (use with care).\u003Cbr \u002F>\n– \u003Cstrong>Subfolder scope:\u003C\u002Fstrong> Limit scans to a specific year\u002Fmonth inside \u003Ccode>uploads\u002F\u003C\u002Fcode> for faster, safer runs on large libraries.\u003Cbr \u002F>\n– \u003Cstrong>Thumbnail Sizes:\u003C\u002Fstrong> Choose which sizes should be \u003Cstrong>generated for future uploads\u003C\u002Fstrong>. Disabled sizes won’t be created at upload time (and are hidden from size pickers).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What it doesn’t do\u003C\u002Fstrong>\u003Cbr \u002F>\n– It \u003Cstrong>does not regenerate\u003C\u002Fstrong> thumbnails. Use a regeneration plugin if you need to rebuild sizes after changing settings.\u003Cbr \u002F>\n– It never deletes original full-size images.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Who is it for?\u003C\u002Fstrong>\u003Cbr \u002F>\nSite owners, editors, and developers who’ve accumulated many custom image sizes (themes, page builders, sliders) and want to reduce storage bloat safely.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Two-tab UI: \u003Cstrong>Prune Files\u003C\u002Fstrong> & \u003Cstrong>Thumbnail Sizes\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dry-run\u003C\u002Fstrong> mode with sample matches before any deletion\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AJAX progress bar\u003C\u002Fstrong> and \u003Cstrong>batch deletes\u003C\u002Fstrong> to avoid timeouts\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Orphan \u003Ccode>-WxH\u003C\u002Fcode> discovery\u003C\u002Fstrong> report and delete found dimensions\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Limit to subfolder\u003C\u002Fstrong> (All, year, or year\u002Fmonth)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Disable sizes for future uploads\u003C\u002Fstrong> (does not unregister core sizes; simply prevents generation)\u003C\u002Fli>\n\u003Cli>Hides disabled sizes from Media size dropdowns (optional filter)\u003C\u002Fli>\n\u003Cli>Works per-site on single and multisite (run on each site as needed)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Ch3>Prune Files\u003C\u002Fh3>\n\u003Col>\n\u003Cli>In the table, \u003Cstrong>check\u003C\u002Fstrong> the sizes you want to \u003Cstrong>KEEP\u003C\u002Fstrong> (e.g., \u003Ccode>thumbnail\u003C\u002Fcode>, \u003Ccode>medium\u003C\u002Fcode>, \u003Ccode>large\u003C\u002Fcode>, and optionally \u003Ccode>medium_large\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>(Optional) Choose a \u003Cstrong>subfolder\u003C\u002Fstrong> (e.g., \u003Ccode>2024\u002F11\u003C\u002Fcode>) for a quicker, safer trial run.\u003C\u002Fli>\n\u003Cli>Make \u003Cstrong>Orphan discovery\u003C\u002Fstrong> ON to see a report or do a deletion of found dimensions.\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Run\u003C\u002Fstrong> with \u003Cstrong>Dry-run\u003C\u002Fstrong> selected to preview matches.\u003C\u002Fli>\n\u003Cli>Review results \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> switch to \u003Cstrong>Delete\u003C\u002Fstrong> when you’re confident.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Tip:\u003C\u002Fstrong> Enable \u003Cstrong>Orphan discovery\u003C\u002Fstrong> only when you want to remove any extra \u003Ccode>-WxH\u003C\u002Fcode> sizes not exactly matching your KEEP list (great for cleaning legacy sizes like \u003Ccode>-1200x860\u003C\u002Fcode> or \u003Ccode>.bak.jpg\u003C\u002Fcode> files).\u003C\u002Fp>\n\u003Ch3>Thumbnail Sizes\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Uncheck any sizes you no longer want generated for \u003Cstrong>future\u003C\u002Fstrong> uploads.\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Save changes\u003C\u002Fstrong>.\u003Cbr \u002F>\n(This prevents those sizes from being created going forward; existing files are unaffected until you prune them in Prune Files Tab.)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Technical Notes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Prevent generation via: \u003Ccode>intermediate_image_sizes_advanced\u003C\u002Fcode> (removes disabled sizes at upload time).  \u003C\u002Fli>\n\u003Cli>Optionally hide in UI via: \u003Ccode>image_size_names_choose\u003C\u002Fcode> and reduce the base list via \u003Ccode>intermediate_image_sizes\u003C\u002Fcode>.  \u003C\u002Fli>\n\u003Cli>Auto-scaled big image can be disabled with \u003Ccode>big_image_size_threshold\u003C\u002Fcode> if desired (not enabled by default).  \u003C\u002Fli>\n\u003Cli>Requires capability \u003Ccode>manage_options\u003C\u002Fcode>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>This plugin does not collect personal data or send data to external services. It only reads and modifies files within your \u003Ccode>\u002Fuploads\u002F\u003C\u002Fcode> directory based on your actions.\u003C\u002Fp>\n","Clean up unused thumbnails with progress; find orphan -WxH files; disable sizes for future uploads.",30,292,0,"","6.9.4","6.3","7.4",[19,20,21,22,23],"cleanup","images","media","orphan","thumbnails","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fthumbnail-manager","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthumbnail-manager.1.0.1.zip",100,null,"2026-03-15T10:48:56.248Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":33,"avg_security_score":34,"avg_patch_time_days":11,"trust_score":35,"computed_at":36},"yoohw",7,2520,97,92,"2026-04-04T11:06:21.162Z",[38,56,71,84,102],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":13,"num_ratings":13,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":14,"tags":51,"homepage":53,"download_link":54,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":55},"auto-generated-images-remover","Auto Generated Images Remover","1.1.2","socialeum","https:\u002F\u002Fprofiles.wordpress.org\u002Fsocialeum\u002F","\u003Cp>Scan and delete unwanted auto-generated WordPress images and save huge diskspace. Delete thumbnail sizes (started or ended with 150px, 280px 300px or 1024px) and move them to a trash folder inside your uploads directory. Preview and restore images from the trash.\u003C\u002Fp>\n\u003Cp>Whenever you upload an image, WordPress creates three additional resized versions of that image. This increases your hosting inodes and unnecessarily occupies disk space.\u003C\u002Fp>\n","Short Description: Scan and remove auto-generated WordPress image thumbnails safely.",40,528,"2025-09-30T06:01:00.000Z","6.8.5","5.0",[19,20,21,52,23],"remover","https:\u002F\u002Fwordpress.com\u002Fauto-generated-images-remover","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauto-generated-images-remover.1.1.2.zip","2026-03-15T15:16:48.613Z",{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":26,"num_ratings":66,"last_updated":67,"tested_up_to":15,"requires_at_least":50,"requires_php":17,"tags":68,"homepage":14,"download_link":70,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":55},"cleanup-orphan-images","Cleanup Orphan Images","1.8.0","DimitriAus","https:\u002F\u002Fprofiles.wordpress.org\u002Fdimitriaus\u002F","\u003Cp>Removes files left in the uploads folder that are invisible in the WordPress Media Library. This does not include Unattached media, which can be easily found and removed in the standard Media Library.\u003C\u002Fp>\n\u003Cp>These orphan files may have been left behind from:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Failed or interrupted uploads\u003C\u002Fli>\n\u003Cli>Plugin operations or migrations\u003C\u002Fli>\n\u003Cli>FTP\u002FSFTP uploads not registered in WordPress\u003C\u002Fli>\n\u003Cli>Database restores or imports\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Scans uploads directory for orphan media files\u003C\u002Fli>\n\u003Cli>Supports images: JPG, JPEG, PNG, GIF, WebP, BMP, TIFF, SVG, ICO\u003C\u002Fli>\n\u003Cli>Supports documents: PDF, DOC, DOCX, XLS, XLSX, PPT, PPTX, ODT, ODS, ODP, TXT, RTF, CSV\u003C\u002Fli>\n\u003Cli>Supports audio: MP3, WAV, OGG, FLAC, AAC, M4A, WMA\u003C\u002Fli>\n\u003Cli>Supports video: MP4, MOV, AVI, WMV, MKV, WebM, FLV, M4V, MPEG, MPG\u003C\u002Fli>\n\u003Cli>Supports archives: ZIP, RAR, 7Z, TAR, GZ\u003C\u002Fli>\n\u003Cli>Safe manual selection before deletion\u003C\u002Fli>\n\u003Cli>Warns when orphan count exceeds server’s max_input_vars limit (typically 1000)\u003C\u002Fli>\n\u003Cli>Optimized O(1) performance with hash-based detection\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cp>This plugin does NOT manage “unattached” images in the Media Library. WordPress already provides built-in filtering for unattached media. This plugin focuses specifically on finding physical files that WordPress doesn’t know about at all.\u003C\u002Fp>\n","Finds and deletes orphan media files from the uploads directory that are not registered in WordPress.",20,294,1,"2026-01-07T12:25:00.000Z",[19,69,20,21,22],"files","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcleanup-orphan-images.1.8.0.zip",{"slug":72,"name":73,"version":6,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":13,"downloaded":78,"rating":13,"num_ratings":13,"last_updated":79,"tested_up_to":49,"requires_at_least":80,"requires_php":17,"tags":81,"homepage":14,"download_link":83,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":55},"thumbs","Thumbs","zeilenhoehe","https:\u002F\u002Fprofiles.wordpress.org\u002Fzeilenhoehe\u002F","\u003Cp>“Thumbs” ist ein WordPress-Plugin zur effizienten Verwaltung automatisch erzeugter Thumbnails im Uploads-Verzeichnis.\u003Cbr \u002F>\nEs ermöglicht Ihnen:\u003Cbr \u002F>\n* Thumbnails zählen, die gelöscht werden könnten\u003Cbr \u002F>\n* Liste der betroffenen Dateien anzeigen\u003Cbr \u002F>\n* Thumbnails sicher löschen\u003Cbr \u002F>\n* Leere Ordner im Uploads-Verzeichnis entfernen\u003C\u002Fp>\n\u003Cp>Dies hilft, Speicherplatz zu sparen und die Performance Ihrer Website zu verbessern.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Sicherheitshinweise:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Erstellen Sie unbedingt ein Backup, bevor Sie Dateien löschen.\u003Cbr \u002F>\n– Testen Sie das Plugin idealerweise in einer Staging-Umgebung.\u003Cbr \u002F>\n– Das Plugin löscht \u003Cstrong>nur Thumbnail-Dateien\u003C\u002Fstrong>, die dem Muster \u003Ccode>-WIDTHxHEIGHT.jpg\u002Fpng\u002F...\u003C\u002Fcode> entsprechen. Originalbilder bleiben unberührt.\u003C\u002Fp>\n\u003Ch3>Additional Information\u003C\u002Fh3>\n\u003Cp>= Regenerierung von Thumbnails =\u003Cbr \u002F>\n– \u003Cstrong>WooCommerce\u003C\u002Fstrong>: Nutzen Sie die eingebaute Funktion zur Regenerierung von Thumbnails, falls WooCommerce aktiv ist.\u003Cbr \u002F>\n– \u003Cstrong>Plugin “Regenerate Thumbnails”\u003C\u002Fstrong>: Für eine umfassendere Lösung können Sie das Plugin “Regenerate Thumbnails” verwenden.\u003C\u002Fp>\n\u003Ch3>Donate Link\u003C\u002Fh3>\n\u003Cp>Unterstützen Sie die Weiterentwicklung:\u003Cbr \u002F>\nhttps:\u002F\u002Fwww.paypal.com\u002Fdonate\u002F?hosted_button_id=RZ822WZ9HRZPS\u003C\u002Fp>\n","Ein einfaches Tool zur Verwaltung von Thumbnail-Dateien in WordPress. Zählt, listet und löscht generierte Thumbnails und entfernt leere Upload-Ordner, &hellip;",570,"2025-08-21T12:15:00.000Z","5.9",[19,20,21,82,23],"optimization","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthumbs.1.0.1.zip",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":35,"num_ratings":94,"last_updated":95,"tested_up_to":49,"requires_at_least":50,"requires_php":96,"tags":97,"homepage":100,"download_link":101,"security_score":26,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":55},"crop-thumbnails","Crop-Thumbnails","1.9.7","Volkmar Kantor","https:\u002F\u002Fprofiles.wordpress.org\u002Fvolkmar-kantor\u002F","\u003Cp>The plugin provides the functionality to adjust the crop region of cropped images. It add buttons to the edit-pages and media-dialog to access a crop-editor.\u003Cbr \u002F>\nIn the crop-editor you can choose one or more (if they have the same ratio) imagesizes and cut-off the part of the image you want.\u003C\u002Fp>\n\u003Cp>The plugin is especially useful for theme developers who want to keep full control over cropped image sizes. If you want to dive even deeper, you can get informations about the hooks and filters on the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fvollyimnetz\u002Fcrop-thumbnails\" rel=\"nofollow ugc\">github page of the plugin\u003C\u002Fa>.\u003C\u002Fp>\n","\"Crop Thumbnails\" made it easy to get exacly that specific image-detail you want to show in your featured image or gallery image.",40000,836379,67,"2025-12-03T10:59:00.000Z","7.4.0",[20,98,99],"media-library","post-thumbnails","https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcrop-thumbnails\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrop-thumbnails.1.9.7.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":35,"num_ratings":11,"last_updated":112,"tested_up_to":113,"requires_at_least":114,"requires_php":14,"tags":115,"homepage":118,"download_link":119,"security_score":35,"vuln_count":13,"unpatched_count":13,"last_vuln_date":27,"fetched_at":55},"ios-images-fixer","iOS images fixer","1.3.0","Bishoy.A","https:\u002F\u002Fprofiles.wordpress.org\u002Fbishoya\u002F","\u003Cp>By default, thumbnails of photos taken by an iOS device (iPhone or iPad) are flipped 90 degrees to the left, it’s a long image EXIF information story. This plugin takes care of this and fixes the uploaded images orientation’s (if needed, based on EXIF data) using ImageMagic Library if available or PHP GD as a fallback.\u003C\u002Fp>\n\u003Cp>No settings editing required, just activate the plugin and try uploading an image from your idevice!\u003C\u002Fp>\n","Automatically fix iOS-taken images' orientation using ImageMagic\u002FPHP GD upon upload.",7000,59114,"2024-06-12T17:02:00.000Z","6.5.8","4.0.0",[20,116,117,21,23],"ios","iphone","http:\u002F\u002Fbishoy.me\u002Fwp-plugins\u002Fios-images-fixer\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fios-images-fixer.1.3.0.zip",{"attackSurface":121,"codeSignals":151,"taintFlows":216,"riskAssessment":254,"analyzedAt":260},{"hooks":122,"ajaxHandlers":138,"restRoutes":147,"shortcodes":148,"cronEvents":149,"entryPointCount":150,"unprotectedCount":13},[123,129,132],{"type":124,"name":125,"callback":126,"file":127,"line":128},"action","admin_enqueue_scripts","closure","inc\\admin-menu.php",15,{"type":124,"name":130,"callback":126,"file":127,"line":131},"admin_menu",51,{"type":133,"name":134,"callback":126,"priority":135,"file":136,"line":137},"filter","intermediate_image_sizes_advanced",9999,"inc\\filter-disabled-sizes.php",8,[139,144],{"action":140,"nopriv":141,"callback":140,"hasNonce":142,"hasCapCheck":142,"file":143,"line":32},"yotm_prune_delete_batch",false,true,"inc\\handle-delete.php",{"action":145,"nopriv":141,"callback":145,"hasNonce":142,"hasCapCheck":142,"file":146,"line":32},"yotm_prune_prepare","inc\\handle-prune.php",[],[],[],2,{"dangerousFunctions":152,"sqlUsage":153,"outputEscaping":155,"fileOperations":13,"externalRequests":13,"nonceChecks":214,"capabilityChecks":214,"bundledLibraries":215},[],{"prepared":13,"raw":13,"locations":154},[],{"escaped":156,"rawEcho":157,"locations":158},38,27,[159,162,164,166,168,170,172,174,176,178,180,182,184,186,188,190,192,194,196,198,200,202,204,206,208,210,212],{"file":127,"line":160,"context":161},123,"raw output",{"file":127,"line":163,"context":161},134,{"file":127,"line":165,"context":161},137,{"file":127,"line":167,"context":161},185,{"file":127,"line":169,"context":161},186,{"file":127,"line":171,"context":161},187,{"file":127,"line":173,"context":161},188,{"file":127,"line":175,"context":161},189,{"file":127,"line":177,"context":161},190,{"file":127,"line":179,"context":161},236,{"file":127,"line":181,"context":161},238,{"file":127,"line":183,"context":161},250,{"file":127,"line":185,"context":161},254,{"file":127,"line":187,"context":161},277,{"file":127,"line":189,"context":161},280,{"file":127,"line":191,"context":161},312,{"file":127,"line":193,"context":161},313,{"file":127,"line":195,"context":161},314,{"file":127,"line":197,"context":161},315,{"file":127,"line":199,"context":161},316,{"file":127,"line":201,"context":161},344,{"file":127,"line":203,"context":161},364,{"file":127,"line":205,"context":161},367,{"file":127,"line":207,"context":161},370,{"file":127,"line":209,"context":161},373,{"file":127,"line":211,"context":161},392,{"file":127,"line":213,"context":161},407,3,[],[217,243],{"entryPoint":218,"graph":219,"unsanitizedCount":13,"severity":242},"yotm_prune_thumbnails_page (inc\\admin-menu.php:62)",{"nodes":220,"edges":239},[221,226,232,234],{"id":222,"type":223,"label":224,"file":127,"line":225},"n0","source","$_POST",72,{"id":227,"type":228,"label":229,"file":127,"line":230,"wp_function":231},"n1","sink","update_option() [Settings Manipulation]",77,"update_option",{"id":233,"type":223,"label":224,"file":127,"line":225},"n2",{"id":235,"type":228,"label":236,"file":127,"line":237,"wp_function":238},"n3","echo() [XSS]",128,"echo",[240,241],{"from":222,"to":227,"sanitized":142},{"from":233,"to":235,"sanitized":142},"low",{"entryPoint":244,"graph":245,"unsanitizedCount":13,"severity":242},"\u003Cadmin-menu> (inc\\admin-menu.php:0)",{"nodes":246,"edges":251},[247,248,249,250],{"id":222,"type":223,"label":224,"file":127,"line":225},{"id":227,"type":228,"label":229,"file":127,"line":230,"wp_function":231},{"id":233,"type":223,"label":224,"file":127,"line":225},{"id":235,"type":228,"label":236,"file":127,"line":237,"wp_function":238},[252,253],{"from":222,"to":227,"sanitized":142},{"from":233,"to":235,"sanitized":142},{"summary":255,"deductions":256},"The thumbnail-manager v1.0.1 plugin exhibits a generally good security posture based on the provided static analysis. The absence of REST API routes, shortcodes, and cron events, combined with all SQL queries using prepared statements and a focus on nonce and capability checks for its two AJAX handlers, are positive indicators.  The code also demonstrates no file operations or external HTTP requests, further reducing its attack surface.  However, a significant concern arises from the output escaping, where only 58% of outputs are properly escaped. This leaves a potential avenue for cross-site scripting (XSS) vulnerabilities if user-supplied data is directly outputted without adequate sanitization.  The plugin's vulnerability history is clean, with no recorded CVEs, which suggests a history of stable and secure development.  Overall, while the plugin has strong foundational security practices in place, the partial output escaping is a notable weakness that requires attention to prevent potential XSS exploits.",[257],{"reason":258,"points":259},"Unescaped output detected",6,"2026-03-16T22:22:17.975Z",{"wat":262,"direct":271},{"assetPaths":263,"generatorPatterns":266,"scriptPaths":267,"versionParams":268},[264,265],"\u002Fwp-content\u002Fplugins\u002Fthumbnail-manager\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fthumbnail-manager\u002Fjs\u002Fadmin.js",[],[265],[269,270],"thumbnail-manager\u002Fcss\u002Fstyle.css?ver=","thumbnail-manager\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":272,"htmlComments":279,"htmlAttributes":280,"restEndpoints":297,"jsGlobals":298,"shortcodeOutput":300},[273,274,275,276,277,278],"yo-tabs","yo-tab","yo-panel","yo-row","yo-sizes","yo-progress",[],[281,282,283,284,285,286,287,288,289,290,291,292,293,294,295,296],"data-tab","id=\"yotm_tabs\"","id=\"yotm_panel_prune\"","id=\"yotm_limit_subpath\"","id=\"yotm_form\"","onsubmit=\"return false;\"","id=\"yotm_sizes_form\"","name=\"yotm_sizes_save\"","id=\"yotm_sizes_save_nonce\"","name=\"yotm_sizes_save_nonce\"","id=\"yotm_enable_sizes\"","name=\"yotm_enable_sizes\"","id=\"yotm_prune_start\"","name=\"yotm_prune_start\"","id=\"yotm_prune_nonce\"","name=\"yotm_prune_nonce\"",[],[299],"YOTM",[]]