[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fvzS6Y6NC1eW7kNN3-MBXGSeJoeyIsf0R8Gwzzz3sVhc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":139,"fingerprints":197},"tumble","Tumble","0.2","Scott Taylor","https:\u002F\u002Fprofiles.wordpress.org\u002Fwonderboymusic\u002F","\u003Cp>Your Media Library and Post History are a wealth of information and assets. Tumble allows you to pick items to share on Tumblr with just one click. The plugin is smart enough to know what kind of content you are sending and will make the proper API call to Tumblr. Super easy!\u003C\u002Fp>\n\u003Cp>Read more: http:\u002F\u002Fscottctaylor.wordpress.com\u002F2010\u002F11\u002F18\u002Fnew-plugin-tumble\u002F\u003C\u002Fp>\n","Tumble is simple-to-use and allows you to manually send Posts, Images, Audio, and Video to Tumblr from within your Dashboard\u002FMedia Library",10,8056,0,"2010-11-22T21:47:00.000Z","3.0.5","3.0","",[19,20,21,22,23],"admin","attachments","media","social","tumblr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftumble.0.2.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":25,"computed_at":35},"wonderboymusic",8,210,87,30,"2026-04-04T02:39:37.479Z",[37,57,79,99,116],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":17,"tags":52,"homepage":54,"download_link":55,"security_score":56,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"media-deduper","Media Deduper","1.5.9","cornershop","https:\u002F\u002Fprofiles.wordpress.org\u002Fcornershop\u002F","\u003Cp>Media Deduper will find and eliminate duplicate images and attachments from your WordPress media library. After installing, you’ll have a new “Manage Duplicates” option in your Media section.\u003C\u002Fp>\n\u003Cp>Before Media Deduper can identify duplicate assets, it will build an index of all the files in your media library, which can take some time. Once that’s done, however, Media Deduper automatically adds new uploads to its index, so you shouldn’t have to generate the index again.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Need faster indexing? \u003Ca href=\"https:\u002F\u002Fwww.mediadeduper.com\u002F\" rel=\"nofollow ugc\">Check out Media Deduper Pro\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Once up and running, Media Deduper provides you with a “Manage Duplicates” page listing all of your duplicate media files. The list makes it easy to see and delete duplicate files: delete one and its twin will disappear from the list because it’s then no longer a duplicate. Easy! By default, the list is sorted by file size, so you can focus on deleting the files that will free up the most space.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use this plugin at your own risk. The plugin developers are not responsible for any lost data or site issues as a result of using this plugin.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Media Deduper comes with a “Smart Delete” option that prevents a post’s Featured Image from being deleted, even if that image is found to be a duplicate elsewhere on the site.\u003C\u002Fp>\n\u003Cp>If a post has a featured image that’s a duplicate file, Smart Delete will re-assign that post’s image to an already-in-use copy of the image before deleting the duplicate so that the post’s appearance is unaffected. This feature only tracks Featured Images, and not images used in galleries, post bodies, shortcodes, meta fields, or anywhere else.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Looking for more features? \u003Ca href=\"https:\u002F\u002Fwww.mediadeduper.com\u002F\" rel=\"nofollow ugc\">Media Deduper Pro\u003C\u002Fa> includes features for image fields from several popular plugins as well.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Note that duplicate identification is based on the data of the files themselves, not any titles, captions or other metadata you may have provided in the WordPress admin.\u003C\u002Fp>\n\u003Cp>Media Deduper can differentiate between 1.) media items that are duplicates because the media files they link to have the same data and 2.) those that actually point to the same data file, which can happen with a plugin like WP Job Manager or Duplicate Post.\u003C\u002Fp>\n\u003Cp>As with any plugin that can perform destructive operations on your database and\u002For files, using Media Deduper can result in permanent data loss if you’re not careful. \u003Cstrong>Back up your data before you try out Media Deduper! Please!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Use this plugin at your own risk. The plugin developers are not responsible for any lost data or site issues as a result of using this plugin.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Need more support? \u003Ca href=\"https:\u002F\u002Fwww.mediadeduper.com\u002F\" rel=\"nofollow ugc\">Media Deduper Pro\u003C\u002Fa> includes dedicated support from Cornershop Creative.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cp>Media Deduper requires PHP 7.0 or later.\u003C\u002Fp>\n","Save disk space and bring some order to the chaos of your media library by removing and preventing duplicate files.",9000,169474,76,43,"2025-12-03T19:24:00.000Z","6.9.4","4.3",[19,20,21,53],"upload","https:\u002F\u002Fwww.mediadeduper.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-deduper.1.5.9.zip",100,{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":65,"downloaded":66,"rating":67,"num_ratings":68,"last_updated":69,"tested_up_to":70,"requires_at_least":16,"requires_php":17,"tags":71,"homepage":74,"download_link":75,"security_score":76,"vuln_count":77,"unpatched_count":13,"last_vuln_date":78,"fetched_at":27},"wp-attachment-export","WP Attachment Export","0.3.3","Pete","https:\u002F\u002Fprofiles.wordpress.org\u002Fhelvetian\u002F","\u003Cp>\u003Cstrong>Note: Obsolete since WordPress 4.4\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F32230\" rel=\"nofollow ugc\">This feature has been added into the core of WordPress 4.4\u003C\u002Fa>. You can now export your attachments by going to Tools->Export and select ‘Media’ as the export type.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Original Description\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WP Attachment Export allows you to export your media library into a WordPress eXtended RSS or WXR file. You can then use the Tools->Import function in another WordPress installation to import the media library.\u003C\u002Fp>\n\u003Ch4>Issues \u002F Bug reporting\u003C\u002Fh4>\n\u003Cp>Found a bug? Please use the issue tracker at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fthehelvetian\u002Fwp-attachment-export\u002Fissues\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fthehelvetian\u002Fwp-attachment-export\u002Fissues\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Usage\u003C\u002Fh3>\n\u003Cp>User \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fprofile\u002Fphilho\" rel=\"ugc\">PhiLho\u003C\u002Fa> has put together a good summary on how to use the plugin at \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fgood-but-could-use-more-explanations\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fgood-but-could-use-more-explanations\u003C\u002Fa>. Thanks PhiLho!\u003C\u002Fp>\n","Exports only posts of type 'attachment', i.e. your media library",700,53108,92,19,"2017-11-28T21:33:00.000Z","4.3.34",[19,20,72,73,21],"export","image","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-attachment-export","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-attachment-export.zip",84,1,"2015-07-15 00:00:00",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":89,"num_ratings":90,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":97,"download_link":98,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"default-media-uploader-view","Default Media Uploader View","1.0.8","leemon","https:\u002F\u002Fprofiles.wordpress.org\u002Fleemon\u002F","\u003Cp>WordPress 3.5 introduced an entirely new media uploader which streamlined the way one handles and uploads images to posts. Unfortunately,\u003Cbr \u002F>\nsince then, the default view for the media library is “All media items” instead of “Uploaded to this post”. This plugin sets “Uploaded to this post” as the default view.\u003C\u002Fp>\n","Sets \"Uploaded to this post\" instead of \"All media items\" as the default view in the media uploader.",600,15387,96,13,"2019-05-16T09:55:00.000Z","5.2.24","3.5","5.3",[19,20,96,21,53],"filter","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdefault-media-uploader-view\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdefault-media-uploader-view.1.0.8.zip",{"slug":100,"name":101,"version":102,"author":83,"author_profile":84,"description":103,"short_description":104,"active_installs":56,"downloaded":105,"rating":106,"num_ratings":107,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":94,"tags":111,"homepage":114,"download_link":115,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"add-external-media","Add External Media","1.0.5","\u003Cp>Add external media from a \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FEmbeds\" rel=\"nofollow ugc\">supported oEmbed provider\u003C\u002Fa> (YouTube, Vimeo, SoundCloud, Twitter, …) to the media library\u003C\u002Fp>\n","Add external media to the media library",17566,94,3,"2019-11-13T07:41:00.000Z","5.3.21","4.0",[19,20,112,21,113],"external","oembed","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadd-external-media\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-external-media.1.0.5.zip",{"slug":117,"name":118,"version":119,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":106,"num_ratings":126,"last_updated":127,"tested_up_to":50,"requires_at_least":128,"requires_php":129,"tags":130,"homepage":135,"download_link":136,"security_score":137,"vuln_count":107,"unpatched_count":13,"last_vuln_date":138,"fetched_at":27},"add-to-any","AddToAny Share Buttons","1.8.16","micropat","https:\u002F\u002Fprofiles.wordpress.org\u002Fmicropat\u002F","\u003Cp>The AddToAny Share Buttons plugin for WordPress increases traffic & engagement by helping people share your posts and pages to any service. Services include Facebook, Bluesky, Mastodon, Pinterest, WhatsApp, LinkedIn, Threads, Tumblr, Reddit, X, WeChat, and many more sharing and social media sites & apps.\u003C\u002Fp>\n\u003Cp>AddToAny is the home of universal sharing, and the AddToAny plugin is the most popular share plugin for WordPress, making sites social media ready since 2006.\u003C\u002Fp>\n\u003Ch4>Share Buttons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fbuttons\u002Fcustomize\u002Fwordpress\u002Fstandalone_services\" rel=\"nofollow ugc\">\u003Cstrong>Standard\u003C\u002Fstrong>\u003C\u002Fa> share buttons — share each piece of content\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fbuttons\u002Fcustomize\u002Fwordpress\u002Ffloating_share_buttons\" rel=\"nofollow ugc\">\u003Cstrong>Floating\u003C\u002Fstrong>\u003C\u002Fa> share buttons — responsive & customizable, vertical & horizontal\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Counters\u003C\u002Fstrong> — fast & official \u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fbuttons\u002Fcustomize\u002Fwordpress\u002Fshare_counters\" rel=\"nofollow ugc\">share counts\u003C\u002Fa> in the same style\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Follow\u003C\u002Fstrong> buttons — \u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fbuttons\u002Fcustomize\u002Fwordpress\u002Ffollow_buttons\" rel=\"nofollow ugc\">social media links\u003C\u002Fa> to your Instagram, YouTube, Discord, Snapchat\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image\u003C\u002Fstrong> sharing buttons – share buttons for \u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fbuttons\u002Fcustomize\u002Fwordpress\u002Fimage_sharing\" rel=\"nofollow ugc\">sharing images\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Vector\u003C\u002Fstrong> share buttons & follow buttons — \u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fbuttons\u002Fcustomize\u002Fwordpress\u002Ficon_color\" rel=\"nofollow ugc\">custom color\u003C\u002Fa> SVG icons\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom\u003C\u002Fstrong> share icons — use your own if you prefer\u003C\u002Fli>\n\u003Cli>Official buttons including the Facebook Like Button, Pinterest Save Button, and LinkedIn Share Button\u003C\u002Fli>\n\u003Cli>Universal email sharing makes it easy to share via Gmail, Yahoo Mail, Outlook.com (Hotmail), AOL Mail, and any other web or native apps\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Custom Placement & Appearance\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Before content, after content, or before & after content\u003C\u002Fli>\n\u003Cli>Vertical Floating Share Bar, and Horizontal Floating Share Bar\u003C\u002Fli>\n\u003Cli>As a shortcode, or a widget within a theme’s layout\u003C\u002Fli>\n\u003Cli>Programmatically with template tags\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Analytics Integration\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Google Analytics integration (\u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fext\u002Fgoogle_analytics\u002F\" rel=\"nofollow ugc\">access guide\u003C\u002Fa>) for sharing analytics\u003C\u002Fli>\n\u003Cli>Track shared links with Bitly and custom URL shorteners\u003C\u002Fli>\n\u003Cli>Display share counts on posts and pages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress Optimized\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Loads asynchronously so your content always loads before or in parallel with AddToAny\u003C\u002Fli>\n\u003Cli>Supports theme features such as HTML5, widgets, infinite scroll, post formats\u003C\u002Fli>\n\u003Cli>Supports WooCommerce, multilingual sites, multisite networks, and accessibility standards\u003C\u002Fli>\n\u003Cli>AddToAny is free — no signup, no login, no accounts to manage\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Mobile Optimized & Retina Ready\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>AddToAny gives users the choice in sharing from a service’s native app or from a web app\u003C\u002Fli>\n\u003Cli>Responsive Floating Share Buttons are mobile ready by default, and configurable breakpoints make floating buttons work with any theme\u003C\u002Fli>\n\u003Cli>AddToAny’s SVG icons are super-lightweight and pixel-perfect at any size, and AddToAny’s responsive share menu fits on all displays\u003C\u002Fli>\n\u003Cli>Automatic \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Famp\u002F\" rel=\"ugc\">AMP\u003C\u002Fa> (Accelerated Mobile Pages) support for social share buttons on AMP pages\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Customizable & Extensible\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Choose exactly where you want AddToAny to appear\u003C\u002Fli>\n\u003Cli>Easily \u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fbuttons\u002Fcustomize\u002Fwordpress\" rel=\"nofollow ugc\">customize sharing\u003C\u002Fa> on your WordPress site\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadd-to-any\u002F#faq\" rel=\"ugc\">Highly extensible\u003C\u002Fa> for developers and designers\u003C\u002Fli>\n\u003Cli>Custom icons let you use any icons from any location (media uploads directory, CDN, etc.)\u003C\u002Fli>\n\u003Cli>Many more publisher and user features\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Wide Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Over 10 years of development\u003C\u002Fli>\n\u003Cli>Over 18 million downloads\u003C\u002Fli>\n\u003Cli>Translated into dozens of languages\u003C\u002Fli>\n\u003Cli>Ongoing support from the community\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin always strives to be the best WordPress plugin for sharing. Development is fueled by your kind words and feedback.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fshare#url=https%3A%2F%2Fwordpress.org%2Fplugins%2Fadd-to-any%2F&title=AddToAny%20Sharing%20Plugin%20for%20WordPress\" title=\"Share\" rel=\"nofollow ugc\">Share\u003C\u002Fa> this plugin\u003C\u002Fp>\n\u003Cp>See also:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The \u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fbuttons\u002F\" rel=\"nofollow ugc\">share buttons\u003C\u002Fa> for all platforms\u003C\u002Fli>\n\u003Cli>The \u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fbuttons\u002Ffor\u002Fwordpress_com\" rel=\"nofollow ugc\">share buttons for WordPress.com\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fblog\u002F\" rel=\"nofollow ugc\">AddToAny Blog\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.addtoany.com\u002Fprivacy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fp>\n","Share buttons for WordPress including the AddToAny button, Facebook, Bluesky, Mastodon, WhatsApp, Pinterest, Reddit, many more, and follow icons too.",300000,18518979,1111,"2026-01-09T05:34:00.000Z","4.5","5.6",[131,132,133,22,134],"share","share-buttons","share-icons","social-media","https:\u002F\u002Fwww.addtoany.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-to-any.1.8.16.zip",99,"2021-08-10 00:00:00",{"attackSurface":140,"codeSignals":178,"taintFlows":185,"riskAssessment":186,"analyzedAt":196},{"hooks":141,"ajaxHandlers":174,"restRoutes":175,"shortcodes":176,"cronEvents":177,"entryPointCount":13,"unprotectedCount":13},[142,148,151,155,159,162,166,170],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","admin_notices","tumble_warning","tumble.php",187,{"type":143,"name":144,"callback":149,"file":146,"line":150},"tumble_message",190,{"type":143,"name":152,"callback":153,"file":146,"line":154},"admin_action_post_to_tumblr","post_to_tumblr",193,{"type":96,"name":156,"callback":157,"priority":11,"file":146,"line":158},"post_row_actions","add_tumblr_link",194,{"type":96,"name":160,"callback":157,"priority":11,"file":146,"line":161},"page_row_actions",195,{"type":96,"name":163,"callback":164,"file":146,"line":165},"manage_media_columns","tumble_columns",196,{"type":143,"name":167,"callback":168,"priority":11,"file":146,"line":169},"manage_media_custom_column","tumble_custom_column",197,{"type":143,"name":171,"callback":172,"file":146,"line":173},"init","tumble_init",200,[],[],[],[],{"dangerousFunctions":179,"sqlUsage":180,"outputEscaping":182,"fileOperations":13,"externalRequests":77,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":184},[],{"prepared":13,"raw":13,"locations":181},[],{"escaped":13,"rawEcho":13,"locations":183},[],[],[],{"summary":187,"deductions":188},"The \"tumble\" plugin v0.2 exhibits a generally strong security posture based on the static analysis provided.  The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its potential attack surface.  Furthermore, the code signals are positive, with no dangerous functions identified, all SQL queries utilizing prepared statements, and all outputs properly escaped. The lack of file operations and external HTTP requests also reduces risk. The taint analysis showing zero unsanitized paths is a very good indicator of secure coding practices.\n\nHowever, the plugin does make one external HTTP request without any apparent context regarding its security implications or if it's protected by capability checks or nonces. While the vulnerability history is clean, indicating a lack of past issues, this doesn't entirely absolve the plugin of potential future risks, especially concerning that single external HTTP request. The complete absence of nonce and capability checks across all identified entry points (even though there are none in this version) is a notable weakness that could become a concern if the plugin's functionality expands in future versions without proper security controls.\n\nIn conclusion, \"tumble\" v0.2 appears to be a well-coded plugin with minimal direct security risks evident in its current static analysis. The most significant area of potential concern is the single, uncontextualized external HTTP request and the lack of any authentication or authorization checks, which could be exploited if the request's behavior is not inherently secure or if the plugin's functionality evolves. The clean vulnerability history is a positive sign, but vigilance regarding new functionalities and their security implementation is advised.",[189,192,194],{"reason":190,"points":191},"External HTTP request without auth check",5,{"reason":193,"points":191},"No nonce checks implemented",{"reason":195,"points":191},"No capability checks implemented","2026-03-17T01:32:25.202Z",{"wat":198,"direct":203},{"assetPaths":199,"generatorPatterns":200,"scriptPaths":201,"versionParams":202},[],[],[],[],{"cssClasses":204,"htmlComments":206,"htmlAttributes":207,"restEndpoints":208,"jsGlobals":209,"shortcodeOutput":210},[205],"tumble-warning",[],[],[],[],[]]