[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ftjXN6APEZ0WJWe0XGLNhphdnpoP1S-tGjTuwTGBykp4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":21,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":34,"analysis":35,"fingerprints":74},"woo-quick-assign-sku-images","Quick Assign SKU Images for WooCommerce","1.1.6","extremeidea","https:\u002F\u002Fprofiles.wordpress.org\u002Fextremeidea\u002F","\u003Cp>Looking for a tool to add image bunch for your WooCommerce products? Do not waste your time assigning them one by one. Try Quick Assign Products Images by SKU Plugin – it will help you easy and accurately assign images  to your products by product SKU.\u003C\u002Fp>\n\u003Ch3>Uninstallation\u003C\u002Fh3>\n\u003Cp>To uninstall the plugin:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Log in to control panel as administrator.\u003C\u002Fli>\n\u003Cli>Go to Plugins > Installed plugins > Woo Quick Assign SKU Images.\u003C\u002Fli>\n\u003Cli>Deactivate the plugin.\u003C\u002Fli>\n\u003Cli>Delete the plugin.\u003C\u002Fli>\n\u003C\u002Fol>\n","Looking for a tool to add image bunch for your WooCommerce products? Do not waste your time assigning them one by one. Try Quick Assign Products Image …",40,2133,100,1,"2021-06-14T08:10:00.000Z","5.6.17","4.8","7.1",[20],"add-product-images-in-bulk","http:\u002F\u002Fwww.extreme-idea.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwoo-quick-assign-sku-images.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":13,"avg_security_score":30,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},5,82,30,81,"2026-04-05T14:48:45.357Z",[],{"attackSurface":36,"codeSignals":52,"taintFlows":66,"riskAssessment":67,"analyzedAt":73},{"hooks":37,"ajaxHandlers":48,"restRoutes":49,"shortcodes":50,"cronEvents":51,"entryPointCount":24,"unprotectedCount":24},[38,44],{"type":39,"name":40,"callback":41,"file":42,"line":43},"action","plugins_loaded","init","woo-quick-assign-sku-images.php",33,{"type":39,"name":45,"callback":46,"file":42,"line":47},"admin_menu","adminSettings",63,[],[],[],[],{"dangerousFunctions":53,"sqlUsage":54,"outputEscaping":56,"fileOperations":24,"externalRequests":24,"nonceChecks":24,"capabilityChecks":14,"bundledLibraries":65},[],{"prepared":24,"raw":24,"locations":55},[],{"escaped":24,"rawEcho":57,"locations":58},2,[59,63],{"file":60,"line":61,"context":62},"classes\\View\\AdminPage.php",77,"raw output",{"file":60,"line":64,"context":62},256,[],[],{"summary":68,"deductions":69},"The plugin \"woo-quick-assign-sku-images\" v1.1.6 exhibits a generally positive security posture based on the provided static analysis. It demonstrates strong practices by avoiding dangerous functions, using prepared statements for all SQL queries, and having no known vulnerabilities in its history. The absence of AJAX handlers, REST API routes, shortcodes, cron events, file operations, and external HTTP requests significantly limits its attack surface, which is a major strength.\n\nHowever, a critical concern arises from the output escaping analysis. With two total outputs and 0% properly escaped, this indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any user-supplied data or data that is displayed to the user without proper sanitization and escaping could be manipulated to execute malicious JavaScript. This oversight is significant, even with a limited attack surface, as XSS can lead to session hijacking, defacement, or redirection to malicious sites.\n\nIn conclusion, while the plugin benefits from a small attack surface and good SQL practices, the complete lack of output escaping presents a substantial security risk. This weakness could be exploited to compromise user sessions or inject malicious content. The absence of any reported vulnerabilities in the past is a positive sign, but it does not mitigate the immediate risk posed by the unescaped output.",[70],{"reason":71,"points":72},"0% output escaping",15,"2026-03-16T22:08:58.860Z",{"wat":75,"direct":80},{"assetPaths":76,"generatorPatterns":77,"scriptPaths":78,"versionParams":79},[],[],[],[],{"cssClasses":81,"htmlComments":82,"htmlAttributes":83,"restEndpoints":84,"jsGlobals":85,"shortcodeOutput":86},[],[],[],[],[],[]]