[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fy1yCsWAgWwZqdf1ZFEAsTxBO3er0fmbfk7vlrSo4alQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":136,"fingerprints":521},"ultimate-post-thumbnails","Ultimate Post Thumbnails","2.1","Edward","https:\u002F\u002Fprofiles.wordpress.org\u002Fkamiyeye\u002F","\u003Cp>Seamlessly WordPress integrated multipe featured images plugin, re-designed the Featured Image functionality of WordPress, turns single post thumbnail to a responsive slider of multiple post thumbnails, automatically match theme style, has two built-in lightboxes, comes with a drag-and-drop backend, and no theme modification required!\u003C\u002Fp>\n\u003Cp>Install and ready to use!\u003C\u002Fp>\n\u003Cp>Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bring multiple featured images support for WordPress\u003C\u002Fli>\n\u003Cli>Compatible with existent featured image\u003C\u002Fli>\n\u003Cli>Responsive thumbnail slider\u003C\u002Fli>\n\u003Cli>Match theme style\u003C\u002Fli>\n\u003Cli>Thumbnail link control\u003C\u002Fli>\n\u003Cli>Thumbnail open method control\u003C\u002Fli>\n\u003Cli>PrettyPhoto Lightbox\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Features of the premium version:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Unlimited featured images\u003C\u002Fli>\n\u003Cli>Custom post types support\u003C\u002Fli>\n\u003Cli>Custom thumbnail link\u003C\u002Fli>\n\u003Cli>Advanced slider settings\u003C\u002Fli>\n\u003Cli>Built-in slider styles\u003C\u002Fli>\n\u003Cli>Dedicated lightbox\u003C\u002Fli>\n\u003Cli>Lightbox themes\u003C\u002Fli>\n\u003Cli>Smart image size\u003C\u002Fli>\n\u003Cli>Custom Image Ratio\u003C\u002Fli>\n\u003Cli>PhotoSwipe lightbox\u003C\u002Fli>\n\u003Cli>Visual Composer integration\u003C\u002Fli>\n\u003Cli>WooCommerce support\u003C\u002Fli>\n\u003Cli>Fast and professional support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>More information at \u003Ca href=\"http:\u002F\u002Fwww.themenow.com\u002Fplugins\u002Fultimate-post-thumbnails\" rel=\"nofollow ugc\">Offical Site\u003C\u002Fa>.\u003C\u002Fp>\n","The easiest way to add multiple featured images (and lightbox) to WordPress.",10,3013,60,1,"2017-01-15T05:47:00.000Z","4.7.32","4.6","",[20,21,22],"featured-image","multiple-post-thumbnails","responsive","http:\u002F\u002Fwww.themenow.com\u002Fplugins\u002Fultimate-post-thumbnails","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-post-thumbnails.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"kamiyeye",30,84,"2026-04-05T17:34:09.305Z",[36,57,79,97,117],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":18,"tags":51,"homepage":18,"download_link":56,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"feslider","Feslider – Featured Slider","1.3","Haris","https:\u002F\u002Fprofiles.wordpress.org\u002Fharisrozak\u002F","\u003Cp>FESlider is fast and responsive slider that act like featured image. You can just directly add the slides from your post editor page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fast and responsive slider\u003C\u002Fli>\n\u003Cli>Rich of setting options\u003C\u002Fli>\n\u003Cli>Slide caption\u003C\u002Fli>\n\u003Cli>As easy as featured image\u003C\u002Fli>\n\u003Cli>Ability to replace the featured image\u003C\u002Fli>\n\u003Cli>Enable for all post type\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Usage Instruction\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>After installation, go to your post editor, you will notice a new FESlider metabox\u003C\u002Fli>\n\u003Cli>Add your image(s) for use as slides. You can add multiple images by hold CTRL while select\u002Fclick the images\u003C\u002Fli>\n\u003Cli>Add the slide text if you wish by edit the caption field on the wordpress media library editor\u003C\u002Fli>\n\u003Cli>The slideshow will automatically appears on the top of the post. You can also place the slideshow manually by put the shortcode \u003Ccode>[feslider]\u003C\u002Fcode> on the current post content\u003C\u002Fli>\n\u003Cli>Visit the slideshow settings page by click the settings button on post editor or click the FESlider menu on wordpress admin sidebar\u003C\u002Fli>\n\u003Cli>Slideshow settings values will working on all FESlider slideshow on the site.\u003C\u002Fli>\n\u003C\u002Fol>\n","Image slider that act like featured image, its featured slider!",80,5981,100,5,"2023-02-15T07:09:00.000Z","6.1.10","4.0",[20,52,53,54,55],"featured-slider","featured-slideshow","responsive-slider","single-slider","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeslider.1.3.zip",{"slug":58,"name":59,"version":60,"author":61,"author_profile":62,"description":63,"short_description":64,"active_installs":44,"downloaded":65,"rating":46,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":77,"download_link":78,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"paj-featured-image-owl-carousel","PAJ Featured Image Owl Carousel \u002F Slider","1.2.1","phillip2532","https:\u002F\u002Fprofiles.wordpress.org\u002Fphillip2532\u002F","\u003Cp>PAJ Featured Image Owl Carousel is an easy to use plugin to display featured images from posts, pages and custom post types as a carousel. It can also be used as a basic slider by setting the number of slides to 1.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fgreenorbwebdesign.co.uk\u002Fpaj-carousel-plugin\u002F\" rel=\"nofollow ugc\">View Documentation and live Demos »\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Plugin Features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Display featured images from posts, pages or custom post types as an Owl carousel.\u003C\u002Fli>\n\u003Cli>Option to display post heading, post excerpt and post author etc.\u003C\u002Fli>\n\u003Cli>Option to choose excerpt length.\u003C\u002Fli>\n\u003Cli>Font size and colour options\u003C\u002Fli>\n\u003Cli>Each slide is a link back to the post or custom post type.\u003C\u002Fli>\n\u003Cli>Select from different categories\u003C\u002Fli>\n\u003Cli>Easy installable\u003C\u002Fli>\n\u003Cli>Fully responsive OWL Carousel.\u003C\u002Fli>\n\u003Cli>Mobile, Tablet touch supported.\u003C\u002Fli>\n\u003Cli>Mouse drag option\u003C\u002Fli>\n\u003Cli>Multiple Carousels on same page with different content.\u003C\u002Fli>\n\u003Cli>Uses SrcSet along with column number to improve google page speed results.\u003C\u002Fli>\n\u003Cli>Use with shortcode or as a Siteorigin widget.\u003C\u002Fli>\n\u003Cli>2 navigation styles\u003C\u002Fli>\n\u003Cli>Image hover or boxed layout\u003C\u002Fli>\n\u003Cli>Options to choose number of slides on desktop, tablet and mobile\u003C\u002Fli>\n\u003Cli>Gap between slides option\u003C\u002Fli>\n\u003Cli>option to make images equal heights\u003C\u002Fli>\n\u003Cli>you can add a title for each carousel\u003C\u002Fli>\n\u003C\u002Ful>\n","Responsive feature image Carousel slider for posts and pages, use with shortcode or SiteOrigin Widgets Bundle by SiteOrigin.",4289,2,"2020-04-06T14:24:00.000Z","5.4.19","4.0.1","5.6",[72,73,74,75,76],"carousel","featured-image-carousel","image","responsive-carousel","siteorigin-widget","https:\u002F\u002Fgreenorbwebdesign.co.uk\u002Fpaj-carousel-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpaj-featured-image-owl-carousel.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":13,"num_ratings":66,"last_updated":89,"tested_up_to":16,"requires_at_least":90,"requires_php":18,"tags":91,"homepage":95,"download_link":96,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"mobile-featured-image","Mobile Featured Image","0.1","ryanshoover","https:\u002F\u002Fprofiles.wordpress.org\u002Fryanshoover\u002F","\u003Cp>Easily display a mobile featured image on your posts and page!\u003C\u002Fp>\n\u003Cp>Up to 70% of website traffic today is on mobile devices. Sometimes WordPress does not quite resize the featured image in the best way. Avoid this and have full control over your featured images on any device with this plugin.\u003C\u002Fp>\n\u003Cp>To add a mobile featured image, simply upload a new image in the meta box right below the WordPress Featured Image called \u003Cem>Mobile Featured Image\u003C\u002Fem>. The new image can be a specifically resized version of your featured image or an entirely new image targeted especially for mobile viewers.\u003C\u002Fp>\n\u003Cp>You can add your mobile featured image without worrying about slowing down your site. The mobile image is added to the \u003Ccode>srcset\u003C\u002Fcode> attribute of your featured image. Vistors’ browsers will automatically download the best image for the size of their screen.\u003C\u002Fp>\n\u003Cp>This plugin works by filtering the \u003Ccode>wp_calculate_image_srcset\u003C\u002Fcode> function and changing the url for all screens under 980w to the mobile featured image. 980w is a reliable breakpoint between the iPhone 6+ and the iPad, two common measures for when a mobile image would be needed.\u003C\u002Fp>\n","Display a mobile featured image",50,3398,"2017-02-04T23:57:00.000Z","4.4",[20,92,22,93,94],"mobile","srcset","thumbnail","https:\u002F\u002Fgithub.com\u002Fdrunken-coding\u002Fmobile-featured-image","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmobile-featured-image.zip",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":11,"downloaded":105,"rating":46,"num_ratings":66,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":18,"tags":109,"homepage":115,"download_link":116,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"news-in-pictures","Go News In Pictures","1.0","goresponsive","https:\u002F\u002Fprofiles.wordpress.org\u002Fgoresponsive\u002F","\u003Cp>This widget shows you latest posts featured images in a tiled fashion. It is responsive. You can select the category name you want to display images from. Try it out, it is cool.\u003C\u002Fp>\n\u003Cp>Demo: http:\u002F\u002Fonion.goresponsive.in\u002F\u003C\u002Fp>\n\u003Cp>\u003Cstrong>documentation\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>http:\u002F\u002Fgoresponsive.in\u002Fnews-in-pictures-widget\u002F\u003C\u002Fp>\n","Plugin for viewing best news photos, news pictures online",3696,"2014-08-09T07:44:00.000Z","3.9.40","3.0",[110,111,112,113,114],"featured-images","latest-featured-images","new-in-pictures-widget","news-in-images","responsive-featured-images-widget","http:\u002F\u002Fgoresponsive.in","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnews-in-pictures.zip",{"slug":118,"name":119,"version":120,"author":121,"author_profile":122,"description":123,"short_description":124,"active_installs":11,"downloaded":125,"rating":26,"num_ratings":26,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":129,"tags":130,"homepage":18,"download_link":135,"security_score":25,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"rg-responsive-gallery","RG Responsive Gallery","1.6","WP-EXPERTS.IN","https:\u002F\u002Fprofiles.wordpress.org\u002Findia-web-developer\u002F","\u003Cp>It’s the very simple image gallery plugin. With this plugin we have provided admin control panel of gallery, where admin can manage all settings in a very easy way.\u003C\u002Fp>\n\u003Cp>In this plugin we are providing one important feature i.e “Post Featured Image Slider”. If you want to display post featured images of any custom post type as slider then don’t worry, we are providing a shortcode to display the post featrued images as slider.\u003C\u002Fp>\n\u003Cp>Video Tutorial :\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FI9UDBU2E4Qk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Responsive gallery\u003C\u002Fli>\n\u003Cli>Shortcode\u003C\u002Fli>\n\u003Cli>Featured Image gallery for all custom post type\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcode\u003C\u002Fh4>\n\u003Ch3>[rr_gallery slider_slug=”ENTER SLIDER SLUG”]\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Using this shortcode we can add slider on any page\u002Fpost.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>[rr_post_thumb_gallery category=”ENTER POST CATEGORY SLUG” taxonomy=”Enter custom taxonomy type” post_type=”Enter custom post type”]\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Using this shortcode we can display any tpye of posts featured image as slider.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add a simple and light weighted image gallery. Featured image slider",2159,"2021-04-20T17:10:00.000Z","5.7.15","5.0","5.3",[20,131,132,133,134],"featured-image-sldier","image-gallery","responsive-gallery","wordpress-slider","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frg-responsive-gallery.zip",{"attackSurface":137,"codeSignals":318,"taintFlows":428,"riskAssessment":505,"analyzedAt":520},{"hooks":138,"ajaxHandlers":302,"restRoutes":311,"shortcodes":312,"cronEvents":316,"entryPointCount":317,"unprotectedCount":14},[139,145,148,153,156,159,162,165,170,173,176,179,181,184,189,194,197,200,205,209,213,215,218,222,225,229,233,237,241,245,247,250,256,261,264,268,272,275,277,281,284,286,288,292,295,299],{"type":140,"name":141,"callback":142,"file":143,"line":144},"filter","upt_metabox_options","upt_image_ratio_options","addons.php",33,{"type":140,"name":141,"callback":146,"file":143,"line":147},"upt_image_filter_option",78,{"type":149,"name":150,"callback":150,"file":151,"line":152},"action","admin_menu","baseadmin\\class.baseadmin.php",47,{"type":140,"name":154,"callback":155,"file":151,"line":46},"media_view_strings","media_uploader_strings",{"type":149,"name":157,"callback":157,"file":151,"line":158},"admin_enqueue_scripts",101,{"type":149,"name":157,"callback":160,"file":151,"line":161},"anonymous",105,{"type":149,"name":163,"callback":160,"file":151,"line":164},"admin_head",108,{"type":149,"name":166,"callback":167,"file":168,"line":169},"save_post","flush_cache","common\\classes\\class.cache.php",11,{"type":149,"name":171,"callback":167,"file":168,"line":172},"deleted_post",12,{"type":149,"name":174,"callback":167,"file":168,"line":175},"switch_theme",13,{"type":149,"name":166,"callback":166,"file":177,"line":178},"common\\classes\\class.meta_box.php",49,{"type":149,"name":157,"callback":180,"file":177,"line":87},"add_admin_script",{"type":149,"name":182,"callback":182,"file":177,"line":183},"add_meta_boxes",59,{"type":140,"name":185,"callback":186,"priority":47,"file":187,"line":188},"style_loader_tag","tn_fix_less_type","common\\helper.php",426,{"type":149,"name":190,"callback":191,"priority":26,"file":192,"line":193},"wp_enqueue_scripts","tn_register_scripts","common\\init.php",20,{"type":149,"name":157,"callback":195,"file":192,"line":196},"tn_register_adm_scripts",46,{"type":149,"name":157,"callback":198,"file":192,"line":199},"tn_admin_script",66,{"type":140,"name":201,"callback":202,"priority":11,"file":203,"line":204},"editor_max_image_size","upt_bypass_content_width","functions.php",651,{"type":149,"name":206,"callback":206,"file":207,"line":208},"init","inc\\fly-dynamic-image-resizer.php",37,{"type":140,"name":210,"callback":211,"priority":11,"file":207,"line":212},"media_row_actions","media_row_action",45,{"type":149,"name":214,"callback":214,"file":207,"line":196},"delete_attachment",{"type":149,"name":157,"callback":216,"file":217,"line":196},"load_script","inc\\notice-dismissal\\persist-admin-notices-dismissal.php",{"type":140,"name":219,"callback":220,"file":221,"line":172},"upt_settings_general","upt_prettyphoto_settings","inc\\prettyphoto\\prettyphoto.php",{"type":140,"name":141,"callback":223,"file":221,"line":224},"upt_prettyphoto_metabox_options",40,{"type":149,"name":190,"callback":226,"priority":227,"file":221,"line":228},"upt_lightbox_script",9999,87,{"type":140,"name":230,"callback":231,"file":221,"line":232},"upt_slider_atts","upt_link_attr_lightbox",120,{"type":140,"name":234,"callback":235,"priority":11,"file":221,"line":236},"upt_post_thumbnail_link_atts","upt_attr_lightbox",127,{"type":149,"name":157,"callback":238,"priority":227,"file":239,"line":240},"upt_welcome_screen_style","inc\\welcome.php",6,{"type":149,"name":242,"callback":243,"file":239,"line":244},"admin_init","upt_welcome_screen_do_activation_redirect",34,{"type":149,"name":150,"callback":246,"file":239,"line":183},"upt_welcome_screen_pages",{"type":149,"name":163,"callback":248,"file":239,"line":249},"upt_welcome_screen_remove_menus",75,{"type":140,"name":251,"callback":252,"priority":253,"file":254,"line":255},"admin_post_thumbnail_html","upt_admin_post_thumbnail_html",1000,"metabox-post-thumbnails.php",148,{"type":149,"name":257,"callback":258,"priority":26,"file":259,"line":260},"after_setup_theme","tn_common_files","register.php",23,{"type":149,"name":257,"callback":206,"file":262,"line":263},"shortcode\\shortcode.thumbslider.php",18,{"type":140,"name":265,"callback":266,"file":262,"line":267},"mce_external_plugins","reg_editor_plugins",26,{"type":140,"name":269,"callback":270,"file":262,"line":271},"mce_buttons_2","reg_editor_btns",27,{"type":149,"name":206,"callback":273,"priority":227,"file":274,"line":32},"upt_init","ultimate-post-thumbnails.php",{"type":149,"name":242,"callback":206,"file":274,"line":276},54,{"type":149,"name":278,"callback":279,"file":274,"line":280},"admin_notices","upt_2_clear_cache_notice",55,{"type":149,"name":157,"callback":282,"file":274,"line":283},"upt_admin_enqueue_scripts",57,{"type":149,"name":190,"callback":285,"priority":227,"file":274,"line":199},"upt_enqueue_scripts",{"type":149,"name":157,"callback":287,"priority":227,"file":274,"line":44},"upt_admin_scripts",{"type":149,"name":289,"callback":290,"file":274,"line":291},"wp_head","upt_print_styles",88,{"type":140,"name":293,"callback":294,"priority":227,"file":274,"line":164},"wp_get_attachment_image_attributes","upt_remove_img_class",{"type":140,"name":296,"callback":297,"priority":11,"file":274,"line":298},"post_thumbnail_html","upt_post_thumbnail_html",135,{"type":140,"name":234,"callback":300,"priority":11,"file":274,"line":301},"upt_single_thumbnail_link_attr",151,[303,307],{"action":304,"nopriv":305,"callback":304,"hasNonce":306,"hasCapCheck":305,"file":217,"line":152},"dismiss_admin_notice",false,true,{"action":308,"nopriv":305,"callback":309,"hasNonce":305,"hasCapCheck":305,"file":262,"line":310},"upt_shortcode_panel","show_shortcode_panel",19,[],[313],{"tag":314,"callback":315,"file":262,"line":193},"upt_slider","execute",[],3,{"dangerousFunctions":319,"sqlUsage":324,"outputEscaping":326,"fileOperations":47,"externalRequests":26,"nonceChecks":47,"capabilityChecks":47,"bundledLibraries":420},[320],{"fn":321,"file":187,"line":322,"context":323},"unserialize",281,"$child_array = unserialize($child_array);",{"prepared":26,"raw":26,"locations":325},[],{"escaped":327,"rawEcho":87,"locations":328},39,[329,332,333,334,335,337,339,341,343,345,347,349,351,353,354,355,357,359,362,364,366,368,370,372,374,376,378,380,382,385,386,387,389,391,392,394,396,398,400,401,402,404,405,407,409,411,412,414,416,418],{"file":330,"line":260,"context":331},"baseadmin\\admin-page.php","raw output",{"file":330,"line":208,"context":331},{"file":330,"line":327,"context":331},{"file":177,"line":33,"context":331},{"file":177,"line":336,"context":331},86,{"file":177,"line":338,"context":331},164,{"file":177,"line":340,"context":331},181,{"file":177,"line":342,"context":331},182,{"file":177,"line":344,"context":331},183,{"file":177,"line":346,"context":331},186,{"file":177,"line":348,"context":331},187,{"file":177,"line":350,"context":331},188,{"file":177,"line":352,"context":331},191,{"file":177,"line":352,"context":331},{"file":177,"line":352,"context":331},{"file":177,"line":356,"context":331},200,{"file":177,"line":358,"context":331},210,{"file":360,"line":361,"context":331},"common\\classes\\class.option_table.php",136,{"file":360,"line":363,"context":331},138,{"file":360,"line":365,"context":331},140,{"file":360,"line":367,"context":331},142,{"file":360,"line":369,"context":331},144,{"file":187,"line":371,"context":331},232,{"file":187,"line":373,"context":331},479,{"file":187,"line":375,"context":331},488,{"file":187,"line":377,"context":331},492,{"file":187,"line":379,"context":331},494,{"file":187,"line":381,"context":331},503,{"file":383,"line":384,"context":331},"common\\template-admin.php",8,{"file":383,"line":175,"context":331},{"file":383,"line":263,"context":331},{"file":383,"line":388,"context":331},28,{"file":383,"line":390,"context":331},35,{"file":383,"line":224,"context":331},{"file":203,"line":393,"context":331},297,{"file":207,"line":395,"context":331},110,{"file":207,"line":397,"context":331},123,{"file":399,"line":193,"context":331},"inc\\welcome-content.php",{"file":399,"line":267,"context":331},{"file":399,"line":32,"context":331},{"file":254,"line":403,"context":331},198,{"file":254,"line":403,"context":331},{"file":254,"line":406,"context":331},207,{"file":408,"line":267,"context":331},"template-tags.php",{"file":408,"line":410,"context":331},31,{"file":408,"line":208,"context":331},{"file":408,"line":413,"context":331},52,{"file":415,"line":260,"context":331},"template-thumbnail-slider.php",{"file":415,"line":417,"context":331},38,{"file":274,"line":419,"context":331},94,[421,424],{"name":422,"version":27,"knownCves":423},"Select2",[],{"name":425,"version":426,"knownCves":427},"jQuery","1.10.2",[],[429,447,481,497],{"entryPoint":430,"graph":431,"unsanitizedCount":26,"severity":446},"\u003Cclass.meta_box> (common\\classes\\class.meta_box.php:0)",{"nodes":432,"edges":444},[433,438],{"id":434,"type":435,"label":436,"file":177,"line":437},"n0","source","$_POST",299,{"id":439,"type":440,"label":441,"file":177,"line":442,"wp_function":443},"n1","sink","call_user_func() [RCE]",314,"call_user_func",[445],{"from":434,"to":439,"sanitized":306},"low",{"entryPoint":448,"graph":449,"unsanitizedCount":14,"severity":480},"save_admin (admin\\class.admin_page.php:10)",{"nodes":450,"edges":475},[451,454,458,462,466,468,472],{"id":434,"type":435,"label":436,"file":452,"line":453},"admin\\class.admin_page.php",22,{"id":439,"type":440,"label":455,"file":452,"line":456,"wp_function":457},"update_option() [Settings Manipulation]",24,"update_option",{"id":459,"type":435,"label":460,"file":452,"line":461},"n2","$_GET['page']",25,{"id":463,"type":440,"label":464,"file":452,"line":461,"wp_function":465},"n3","header() [Header Injection]","header",{"id":467,"type":435,"label":436,"file":452,"line":453},"n4",{"id":469,"type":470,"label":471,"file":452,"line":453},"n5","transform","→ sanitize_saving()",{"id":473,"type":440,"label":441,"file":151,"line":474,"wp_function":443},"n6",170,[476,477,478,479],{"from":434,"to":439,"sanitized":306},{"from":459,"to":463,"sanitized":306},{"from":467,"to":469,"sanitized":305},{"from":469,"to":473,"sanitized":305},"high",{"entryPoint":482,"graph":483,"unsanitizedCount":14,"severity":480},"\u003Cclass.admin_page> (admin\\class.admin_page.php:0)",{"nodes":484,"edges":492},[485,486,487,488,489,490,491],{"id":434,"type":435,"label":436,"file":452,"line":453},{"id":439,"type":440,"label":455,"file":452,"line":456,"wp_function":457},{"id":459,"type":435,"label":460,"file":452,"line":461},{"id":463,"type":440,"label":464,"file":452,"line":461,"wp_function":465},{"id":467,"type":435,"label":436,"file":452,"line":453},{"id":469,"type":470,"label":471,"file":452,"line":453},{"id":473,"type":440,"label":441,"file":151,"line":474,"wp_function":443},[493,494,495,496],{"from":434,"to":439,"sanitized":306},{"from":459,"to":463,"sanitized":306},{"from":467,"to":469,"sanitized":305},{"from":469,"to":473,"sanitized":305},{"entryPoint":498,"graph":499,"unsanitizedCount":14,"severity":480},"update_options (common\\classes\\class.meta_box.php:281)",{"nodes":500,"edges":503},[501,502],{"id":434,"type":435,"label":436,"file":177,"line":437},{"id":439,"type":440,"label":441,"file":177,"line":442,"wp_function":443},[504],{"from":434,"to":439,"sanitized":305},{"summary":506,"deductions":507},"The plugin \"ultimate-post-thumbnails\" v2.1 exhibits a mixed security posture. On the positive side, it has no known historical vulnerabilities and utilizes prepared statements for all SQL queries, indicating good practices in database interaction. The presence of nonce and capability checks for most entry points also suggests an awareness of common WordPress security measures.\n\nHowever, the static analysis reveals significant concerns. The plugin has an unprotected AJAX handler, representing a direct attack surface that could be exploited if not properly secured. The taint analysis identifies three high-severity flows with unsanitized paths, which are particularly alarming as they suggest potential for attackers to manipulate data leading to vulnerabilities like arbitrary file read\u002Fwrite or cross-site scripting (XSS) if combined with other weaknesses. The use of the `unserialize` function is also a known risk, especially if the serialized data originates from an untrusted source or can be manipulated.\n\nGiven the lack of historical vulnerabilities, it's difficult to definitively assess the plugin's long-term security track record. However, the current analysis highlights immediate risks that need addressing. The presence of high-severity taint flows and an unprotected AJAX endpoint are critical issues that outweigh the good practices observed. Therefore, while the plugin demonstrates some secure coding habits, the identified risks necessitate caution and remediation.",[508,511,514,516,518],{"reason":509,"points":510},"Unprotected AJAX handler",7,{"reason":512,"points":513},"3 High severity unsanitized taint flows",15,{"reason":515,"points":510},"Dangerous unserialize function used",{"reason":517,"points":240},"44% of outputs improperly escaped",{"reason":519,"points":317},"Bundled outdated jQuery v1.10.2","2026-03-17T01:01:28.013Z",{"wat":522,"direct":541},{"assetPaths":523,"generatorPatterns":531,"scriptPaths":532,"versionParams":533},[524,525,526,527,528,529,530],"\u002Fwp-content\u002Fplugins\u002Fultimate-post-thumbnails\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fultimate-post-thumbnails\u002Fcss\u002Ffront.css","\u002Fwp-content\u002Fplugins\u002Fultimate-post-thumbnails\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fultimate-post-thumbnails\u002Fjs\u002Fadmin.add-featured-image.js","\u002Fwp-content\u002Fplugins\u002Fultimate-post-thumbnails\u002Fjs\u002Ffront.js","\u002Fwp-content\u002Fplugins\u002Fultimate-post-thumbnails\u002Fjs\u002Fimagesloaded.pkgd.min.js","\u002Fwp-content\u002Fplugins\u002Fultimate-post-thumbnails\u002Fjs\u002Fjquery.flexslider.manualDirectionControls.js",[],[526,527,528,529,530],[534,535,536,537,538,539,540],"ultimate-post-thumbnails\u002Fcss\u002Fadmin.css?ver=","ultimate-post-thumbnails\u002Fcss\u002Ffront.css?ver=","ultimate-post-thumbnails\u002Fjs\u002Fadmin.js?ver=","ultimate-post-thumbnails\u002Fjs\u002Fadmin.add-featured-image.js?ver=","ultimate-post-thumbnails\u002Fjs\u002Ffront.js?ver=","ultimate-post-thumbnails\u002Fjs\u002Fimagesloaded.pkgd.min.js?ver=","ultimate-post-thumbnails\u002Fjs\u002Fjquery.flexslider.manualDirectionControls.js?ver=",{"cssClasses":542,"htmlComments":545,"htmlAttributes":546,"restEndpoints":548,"jsGlobals":549,"shortcodeOutput":551},[543,544],"upt-image","upt-link-single",[],[547],"data-dismissible=\"upt-notice-clear-cache\"",[],[550],"window.UPT_VERSION",[]]