[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKVWIxcTZHZmQ9sm7F4ADHJCKUVpVpnDD7rY4s76TIl4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":47,"crawl_stats":36,"alternatives":54,"analysis":160,"fingerprints":249},"wp-extra-file-types","WP Extra File Types","0.5.2","davide.airaghi","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavideairaghi\u002F","\u003Cp>This plugin let you add file types to the default list of file extensions\u003Cbr \u002F>\nsupported by the Media Library upload procedure.\u003C\u002Fp>\n","Plugin to let you extend the list of allowed file types supported by the Wordpress Media Library",50000,345656,68,39,"2023-10-28T18:29:00.000Z","6.3.8","4.0","",[20,21,22],"file-type","media-library","upload","http:\u002F\u002Fwww.airaghi.net\u002Fen\u002F2015\u002F01\u002F02\u002Fwordpress-custom-mime-types\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-extra-file-types.0.5.2.zip",84,1,0,"2021-12-27 00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2021-24936","wp-extra-file-types-cross-site-request-forgery-to-stored-cross-site-scripting","WP Extra File Types \u003C= 0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting","The WP Extra File Types WordPress plugin before 0.5.1 does not have CSRF check when saving its settings, nor sanitise and escape some of them, which could allow attackers to make a logged in admin change them and perform Cross-Site Scripting attacks",null,"\u003C=0.5","0.5.1","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Cross-Site Request Forgery (CSRF)","2024-01-22 19:56:02",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fae397949-12d2-4323-871e-4fd4f14f35c6?source=api-prod",757,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":51,"avg_patch_time_days":46,"trust_score":52,"computed_at":53},"davideairaghi",4,51350,85,69,"2026-04-04T05:25:32.881Z",[55,77,99,119,140],{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":65,"num_ratings":66,"last_updated":67,"tested_up_to":68,"requires_at_least":69,"requires_php":70,"tags":71,"homepage":74,"download_link":75,"security_score":76,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"mime-types-plus","Mime Types Plus","2.05","Katsushi Kawamori","https:\u002F\u002Fprofiles.wordpress.org\u002Fkatsushi-kawamori\u002F","\u003Ch4>Edit Mime Type\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add Mime Type\u003C\u002Fli>\n\u003Cli>Remove Mime Type\u003C\u002Fli>\n\u003Cli>Change File Type\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Edit Users\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Specify uploadable extensions for each user\u003C\u002Fli>\n\u003Cli>Specify non-uploadable extensions for each user\u003C\u002Fli>\n\u003C\u002Ful>\n","Add the mime type that can be used in the media library to each file type.",10000,85682,76,10,"2025-11-25T21:57:00.000Z","6.9.4","4.7","8.0",[20,72,21,73],"filename-extention","mime-types","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmime-types-plus\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmime-types-plus.2.05.zip",100,{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":87,"num_ratings":49,"last_updated":88,"tested_up_to":68,"requires_at_least":89,"requires_php":70,"tags":90,"homepage":95,"download_link":96,"security_score":97,"vuln_count":26,"unpatched_count":27,"last_vuln_date":98,"fetched_at":29},"smart-auto-upload-images","Smart Auto Upload Images – Import External Images","1.2.3","Burhan Nasir","https:\u002F\u002Fprofiles.wordpress.org\u002Fburhandodhy\u002F","\u003Cp>Smart Auto Upload Images automatically imports external images from your post content into your WordPress media library. When you save or update a post, the plugin detects any external image URLs, downloads them to your server, and replaces the original URLs with your hosted versions. This improves site performance, ensures image availability, and gives you complete control over your content.\u003C\u002Fp>\n\u003Ch3>Why Auto Upload Images to Your Media Library?\u003C\u002Fh3>\n\u003Cp>When you copy content from external sources or use remote images, you risk broken images when the original source removes them. Hosting images on your own server provides several benefits:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Better SEO performance\u003C\u002Fstrong> – Search engines favor self-hosted images\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Faster page load times\u003C\u002Fstrong> – Eliminates external HTTP requests\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Full content control\u003C\u002Fstrong> – Images remain available even if sources go offline\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How Auto Upload Images Works\u003C\u002Fh3>\n\u003Cp>The plugin runs automatically whenever you save or update a post. Here’s the process:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Scans post content for external image URLs (any image not hosted on your domain)\u003C\u002Fli>\n\u003Cli>Downloads each external image to a temporary location\u003C\u002Fli>\n\u003Cli>Validates image file integrity and format\u003C\u002Fli>\n\u003Cli>Uploads valid images to your WordPress media library\u003C\u002Fli>\n\u003Cli>Replaces original external URLs with new local URLs\u003C\u002Fli>\n\u003Cli>Attaches imported images to your post in the media library\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>No manual intervention required. Just write your content and let the plugin handle the rest.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Ch3>Automatic External Image Detection\u003C\u002Fh3>\n\u003Cp>The plugin automatically identifies external images in your post content when you save. It distinguishes between local images (already hosted on your site) and external images that need importing.\u003C\u002Fp>\n\u003Ch3>Smart URL Replacement\u003C\u002Fh3>\n\u003Cp>After importing images, the plugin intelligently replaces all instances of the external URL with your new local URL. This works with images in:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Post content (Classic Editor and Gutenberg blocks)\u003C\u002Fli>\n\u003Cli>Image galleries\u003C\u002Fli>\n\u003Cli>Featured images\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Media Library Integration\u003C\u002Fh3>\n\u003Cp>All imported images are added to your WordPress media library with proper metadata. You can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Edit images using WordPress image editor\u003C\u002Fli>\n\u003Cli>View which post each image is attached to\u003C\u002Fli>\n\u003Cli>Set custom alt text during import\u003C\u002Fli>\n\u003Cli>Apply your site’s image optimization settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Flexible Domain Exclusions\u003C\u002Fh3>\n\u003Cp>Exclude specific domains from auto-import. Useful for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>CDN-hosted images you want to keep external\u003C\u002Fli>\n\u003Cli>Partner websites where you have permission to hotlink\u003C\u002Fli>\n\u003Cli>Your own secondary domains\u003C\u002Fli>\n\u003Cli>Social media embeds you want to keep as external\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Custom Post Type Control\u003C\u002Fh3>\n\u003Cp>Choose which post types trigger auto-upload. Enable for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Posts and pages (default)\u003C\u002Fli>\n\u003Cli>WooCommerce products\u003C\u002Fli>\n\u003Cli>Custom portfolio post types\u003C\u002Fli>\n\u003Cli>Documentation posts\u003C\u002Fli>\n\u003Cli>Or disable for specific types you want to skip\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Advanced File Naming Patterns\u003C\u002Fh3>\n\u003Cp>Set custom file naming patterns for imported images using dynamic tags:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>%filename%\u003C\u002Fcode> – Original filename\u003C\u002Fli>\n\u003Cli>\u003Ccode>%post_title%\u003C\u002Fcode> – Current post title\u003C\u002Fli>\n\u003Cli>\u003Ccode>%post_id%\u003C\u002Fcode> – Post ID\u003C\u002Fli>\n\u003Cli>\u003Ccode>%image_title%\u003C\u002Fcode> – Image title attribute\u003C\u002Fli>\n\u003Cli>\u003Ccode>%date%\u003C\u002Fcode> – Current date\u003C\u002Fli>\n\u003Cli>\u003Ccode>%time%\u003C\u002Fcode> – Current timestamp\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: \u003Ccode>%post_title%-%filename%\u003C\u002Fcode> becomes \u003Ccode>my-blog-post-example-image.jpg\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch3>Custom Alt Text Patterns\u003C\u002Fh3>\n\u003Cp>Define alt text patterns for better SEO:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>%post_title%\u003C\u002Fcode> – Use post title in alt text\u003C\u002Fli>\n\u003Cli>\u003Ccode>%filename%\u003C\u002Fcode> – Use filename as alt text\u003C\u002Fli>\n\u003Cli>Custom text – Set consistent alt text across imports\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Image Size Constraints\u003C\u002Fh3>\n\u003Cp>Set maximum width and height for imported images to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Control storage usage\u003C\u002Fli>\n\u003Cli>Maintain consistent image sizes\u003C\u002Fli>\n\u003Cli>Automatically resize oversized images\u003C\u002Fli>\n\u003Cli>Prevent huge images from slowing your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Featured Image from URL\u003C\u002Fh3>\n\u003Cp>Set a post’s featured image using an external URL. The plugin will:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Download the image from the URL\u003C\u002Fli>\n\u003Cli>Import it to your media library\u003C\u002Fli>\n\u003Cli>Set it as the post’s featured image\u003C\u002Fli>\n\u003Cli>Work via REST API or post editor\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to Import External Images from Posts\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate Auto Upload Images\u003C\u002Fli>\n\u003Cli>Go to Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Auto Upload Images\u003C\u002Fli>\n\u003Cli>Configure your preferences (or use defaults)\u003C\u002Fli>\n\u003Cli>Create or edit any post with external images\u003C\u002Fli>\n\u003Cli>Click Save or Update – images import automatically\u003C\u002Fli>\n\u003Cli>Check your Media Library to see imported images\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>How to Exclude Specific Domains\u003C\u002Fh3>\n\u003Cp>If you want to prevent images from certain domains from being imported:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Go to Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Auto Upload Images\u003C\u002Fli>\n\u003Cli>Find the “Excluded Domains” section\u003C\u002Fli>\n\u003Cli>Enter domains one per line (e.g., cdn.example.com)\u003C\u002Fli>\n\u003Cli>Save settings\u003C\u002Fli>\n\u003Cli>Images from excluded domains will be left as external URLs\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>How to Set Custom File Names for Imported Images\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Navigate to Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Auto Upload Images\u003C\u002Fli>\n\u003Cli>Find “File Name Pattern” setting\u003C\u002Fli>\n\u003Cli>Enter your pattern using available tags:\n\u003Cul>\n\u003Cli>Example: \u003Ccode>%post_title%-%filename%\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Example: \u003Ccode>imported-%date%-%filename%\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Save settings\u003C\u002Fli>\n\u003Cli>New imports will use your naming pattern\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>This helps organize your media library and improves SEO with descriptive file names.\u003C\u002Fp>\n\u003Ch3>How to Set Featured Image via URL\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Using the Post Editor:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Edit your post\u003C\u002Fli>\n\u003Cli>Find the Featured Image section in the sidebar\u003C\u002Fli>\n\u003Cli>Enter the external image URL in the “Set from URL” field\u003C\u002Fli>\n\u003Cli>The image imports automatically and sets as featured image\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Integration with Page Builders\u003C\u002Fh3>\n\u003Cp>Auto Upload Images works with popular page builders:\u003C\u002Fp>\n\u003Ch3>Gutenberg Block Editor\u003C\u002Fh3>\n\u003Cp>All images in Gutenberg blocks are automatically detected and imported when you save the post.\u003C\u002Fp>\n\u003Ch3>Classic Editor\u003C\u002Fh3>\n\u003Cp>External images in Classic Editor content are imported on post save.\u003C\u002Fp>\n\u003Ch3>WooCommerce\u003C\u002Fh3>\n\u003Cp>Enable auto-import for Product post type to automatically import external product images.\u003C\u002Fp>\n\u003Ch3>Custom Post Types\u003C\u002Fh3>\n\u003Cp>Configure any custom post type to trigger auto-import functionality.\u003C\u002Fp>\n\u003Cp>Just ensure Auto Upload Images is active when running imports.\u003C\u002Fp>\n\u003Ch3>Performance and Storage Considerations\u003C\u002Fh3>\n\u003Ch3>Server Storage\u003C\u002Fh3>\n\u003Cp>Imported images consume server storage. Monitor your hosting plan’s disk space if importing large quantities of images.\u003C\u002Fp>\n\u003Ch3>Import Speed\u003C\u002Fh3>\n\u003Cp>Import time depends on:\u003Cbr \u002F>\n* Image file sizes\u003Cbr \u002F>\n* Your server’s download speed\u003Cbr \u002F>\n* Number of images per post\u003Cbr \u002F>\n* Configured maximum dimensions\u003C\u002Fp>\n\u003Ch3>Optimization Tips\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Set maximum width\u002Fheight to reduce storage\u003C\u002Fli>\n\u003Cli>Use an image optimization plugin after import\u003C\u002Fli>\n\u003Cli>Exclude domains hosting very large images\u003C\u002Fli>\n\u003Cli>Test with small batches before bulk imports\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Developer Features\u003C\u002Fh3>\n\u003Ch3>Filter: smart_aui_validate_image_url\u003C\u002Fh3>\n\u003Cp>Programmatically control which image URLs get imported.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>add_filter( ‘smart_aui_validate_image_url’, function( $is_valid, $url ) {\u003Cbr \u002F>\n    \u002F\u002F Skip images from specific paths\u003Cbr \u002F>\n    if ( strpos( $url, ‘\u002Fcdn\u002Favatars\u002F’ ) !== false ) {\u003Cbr \u002F>\n        return false;\u003Cbr \u002F>\n    }\u003Cbr \u002F>\n    return $is_valid;\u003Cbr \u002F>\n}, 10, 2 );\u003Cbr \u002F>\n    `\u003C\u002Fp>\n\u003Ch3>Additional Hooks\u003C\u002Fh3>\n\u003Cp>Check plugin documentation for additional filters and actions to customize behavior.\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Ch3>Images Not Importing\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Problem:\u003C\u002Fstrong> External images remain unchanged after saving post\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Solutions:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Check if domain is in excluded domains list\u003Cbr \u002F>\n* Verify your server can make external HTTP requests\u003Cbr \u002F>\n* Check WordPress debug log for errors\u003Cbr \u002F>\n* Ensure PHP has necessary image processing libraries\u003Cbr \u002F>\n* Verify write permissions on uploads directory\u003C\u002Fp>\n\u003Ch3>Import Errors in Debug Log\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Problem:\u003C\u002Fstrong> Seeing errors in wp-content\u002Fdebug.log\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Solutions:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Check image URL is publicly accessible\u003Cbr \u002F>\n* Verify image format is supported (JPG, PNG, GIF, WebP)\u003Cbr \u002F>\n* Ensure external server allows download\u002Fhotlinking\u003Cbr \u002F>\n* Check SSL certificate validity if using HTTPS images\u003C\u002Fp>\n\u003Ch3>Images Upload but URLs Not Replaced\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Problem:\u003C\u002Fstrong> Images added to media library but old URLs remain\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Solutions:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Clear any caching plugins\u003Cbr \u002F>\n* Check post content in Text\u002FHTML mode\u003Cbr \u002F>\n* Verify images aren’t in excluded domain list\u003Cbr \u002F>\n* Review file naming pattern doesn’t cause conflicts\u003C\u002Fp>\n\u003Ch3>Duplicate Images in Media Library\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Problem:\u003C\u002Fstrong> Same image imported multiple times\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Solutions:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Plugin should detect and reuse existing images (v1.2.0+)\u003Cbr \u002F>\n* Check if images have different URLs but same file\u003Cbr \u002F>\n* Clear media library of duplicates and re-save post\u003C\u002Fp>\n\u003Ch3>Featured Image Not Setting from URL\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Problem:\u003C\u002Fstrong> Featured image URL not importing\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Solutions:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Verify URL is publicly accessible\u003Cbr \u002F>\n* Check image format is supported\u003Cbr \u002F>\n* Ensure PHP memory limit is sufficient\u003Cbr \u002F>\n* Review error logs for specific error messages\u003C\u002Fp>\n\u003Ch3>Maximum Width\u002FHeight Not Applied\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Problem:\u003C\u002Fstrong> Images exceed configured dimensions\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Solutions:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Ensure GD or ImageMagick is installed on server\u003Cbr \u002F>\n* Check PHP memory limit allows image processing\u003Cbr \u002F>\n* Verify dimensions are set in plugin settings\u003Cbr \u002F>\n* Test with smaller images first\u003C\u002Fp>\n","Import external images automatically on save. Adds to media library and updates URLs. No manual downloads. Works with any post type.",2000,9668,80,"2026-01-31T07:43:00.000Z","6.2",[91,92,93,21,94],"auto-upload","external-images","import-images","seo","https:\u002F\u002Fburhandodhy.me","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsmart-auto-upload-images.1.2.3.zip",97,"2025-11-07 00:00:00",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":13,"num_ratings":109,"last_updated":110,"tested_up_to":111,"requires_at_least":112,"requires_php":18,"tags":113,"homepage":18,"download_link":118,"security_score":76,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"overwrite-uploads","Overwrite Uploads","1.2.2","Ian Dunn","https:\u002F\u002Fprofiles.wordpress.org\u002Fiandunn\u002F","\u003Cp>By default WordPress doesn’t overwrite an existing file if you upload a new one with the same name and directory. Instead, it appends a number to the end of the filename in order to make it unique, \u003Cem>e.g., \u003Ccode>filename.jpg\u003C\u002Fcode> becomes \u003Ccode>filename1.jpg\u003C\u002Fcode>\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>That isn’t always the desired behavior, so this plugin makes it so that any files uploaded will automatically overwrite existing files \u003Cstrong>in the same folder\u003C\u002Fstrong>, rather than creating a second file with a unique name. It will not overwrite files in other folders.\u003C\u002Fp>\n\u003Cp>After activating the plugin, you won’t need to do anything else, it’ll start working automatically. If you run into problems, please check the FAQ and existing support forum posts before opening a new support request.\u003C\u002Fp>\n","Overwrites files with the same name and folder when uploading, instead of storing multiple copies with unique filenames.",1000,57352,8,"2025-08-04T16:18:00.000Z","6.8.5","2.9",[114,21,115,116,117],"files","overwrite","unique","uploads","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Foverwrite-uploads.1.2.2.zip",{"slug":120,"name":121,"version":122,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":127,"downloaded":128,"rating":129,"num_ratings":130,"last_updated":131,"tested_up_to":132,"requires_at_least":17,"requires_php":18,"tags":133,"homepage":138,"download_link":139,"security_score":51,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"physical-custom-upload-folder","Physical Custom Upload Folder for Real Media Library","1.0.5","Matthias Günter","https:\u002F\u002Fprofiles.wordpress.org\u002Fmguenter\u002F","\u003Cp>Upload files in your media library to a custom folder structure on your file system created with \u003Ca href=\"https:\u002F\u002Fdevowl.io\u002Fwordpress-real-media-library\u002F\" rel=\"nofollow ugc\">Real Media Library\u003C\u002Fa> folders. With this plugin you can determine where your uploads should be stored. This can also have some \u003Cstrong>SEO benefits for your website\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>For example, if you have created a folder named \u003Ccode>Products\u002F\u003C\u002Fcode> in your media library (using Real Media Library), your uploads will be stored in \u003Ccode>wp-content\u002Fuploads\u002FProducts\u002F\u003C\u002Fcode> instead of, for example, \u003Ccode>wp-content\u002Fuploads\u002F2020\u002F03\u002F\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>This plugin doesn’t care about the following:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Redirection when renaming files (if you or another website is already using an uploaded image, the URL becomes invalid without redirection to the new location)\u003C\u002Fli>\n\u003Cli>Drag and drop files to another folder in the Real Media Library (the URL of the image does not change)\u003C\u002Fli>\n\u003Cli>The import of a Real Media Library folder structure is ignored and the files are not saved in a custom upload folder\u003C\u002Fli>\n\u003Cli>Limit of 255 characters for the path of a folder structure plus file name\u003C\u002Fli>\n\u003Cli>No support for WordPress multi-sites\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>If you want a full-featured solution for a custom folder structure on your file system with Real Media Library, you should look at the \u003Ca href=\"https:\u002F\u002Fdevowl.io\u002Fgo\u002Fcodecanyon\u002Freal-physical-media?source=physical-custom-upload-folder-wordpress-org\" rel=\"nofollow ugc\">Real Physical Media\u003C\u002Fa> add-on.\u003C\u002Fstrong> It has solved all of the above mentioned limitations, is performant and stable.\u003C\u002Fp>\n\u003Cp>\u003Cem>This plugin is a free micro add-on for Real Media Library with limited support.\u003C\u002Fem>\u003C\u002Fp>\n","Upload files in your media library to a custom folder structure on your file system created with Real Media Library folders.",900,15119,82,7,"2020-03-27T08:30:00.000Z","5.4.19",[134,135,136,22,137],"media-library-folder","real-media-library","real-physical-media","upload-folder","https:\u002F\u002Fdevowl.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphysical-custom-upload-folder.zip",{"slug":141,"name":142,"version":143,"author":144,"author_profile":145,"description":146,"short_description":147,"active_installs":148,"downloaded":149,"rating":76,"num_ratings":150,"last_updated":151,"tested_up_to":152,"requires_at_least":153,"requires_php":18,"tags":154,"homepage":158,"download_link":159,"security_score":51,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"wpartisan-filename-sanitizer","WPArtisan Filename Sanitizer","0.0.6","OzTheGreat","https:\u002F\u002Fprofiles.wordpress.org\u002Fozthegreat\u002F","\u003Cp>Improves upon the default WordPress filename sanitizer to remove all non-latin special characters and accents for all new uploads, media and attachments.\u003C\u002Fp>\n","Sanitize media filenames to remove non-latin special characters and accents",400,3600,3,"2017-11-07T12:57:00.000Z","4.8.28","4.4",[155,156,157,21,22],"accents","filenames","media","https:\u002F\u002Fwpartisan.me\u002Fplugins\u002Fwpa-filename-sanitizer","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpartisan-filename-sanitizer.0.0.6.zip",{"attackSurface":161,"codeSignals":193,"taintFlows":212,"riskAssessment":240,"analyzedAt":248},{"hooks":162,"ajaxHandlers":189,"restRoutes":190,"shortcodes":191,"cronEvents":192,"entryPointCount":27,"unprotectedCount":27},[163,169,172,176,181,185],{"type":164,"name":165,"callback":166,"file":167,"line":168},"action","admin_init","settings","wp-extra-file-types.php",126,{"type":164,"name":170,"callback":170,"file":167,"line":171},"init",487,{"type":164,"name":173,"callback":174,"file":167,"line":175},"admin_menu","admin",489,{"type":177,"name":178,"callback":179,"file":167,"line":180},"filter","upload_mimes","mime",490,{"type":177,"name":182,"callback":183,"priority":66,"file":167,"line":184},"wp_check_filetype_and_ext","mime2",492,{"type":177,"name":186,"callback":187,"file":167,"line":188},"gform_disallowed_file_extensions","gf_hack",494,[],[],[],[],{"dangerousFunctions":194,"sqlUsage":199,"outputEscaping":201,"fileOperations":26,"externalRequests":27,"nonceChecks":26,"capabilityChecks":26,"bundledLibraries":211},[195],{"fn":196,"file":167,"line":197,"context":198},"unserialize",37,"$this->types_list = @unserialize($wpeft_list);",{"prepared":27,"raw":27,"locations":200},[],{"escaped":202,"rawEcho":150,"locations":203},47,[204,207,209],{"file":167,"line":205,"context":206},265,"raw output",{"file":167,"line":208,"context":206},266,{"file":167,"line":210,"context":206},303,[],[213,232],{"entryPoint":214,"graph":215,"unsanitizedCount":27,"severity":231},"admin_page (wp-extra-file-types.php:135)",{"nodes":216,"edges":228},[217,222],{"id":218,"type":219,"label":220,"file":167,"line":221},"n0","source","$_POST (x2)",174,{"id":223,"type":224,"label":225,"file":167,"line":226,"wp_function":227},"n1","sink","echo() [XSS]",305,"echo",[229],{"from":218,"to":223,"sanitized":230},true,"low",{"entryPoint":233,"graph":234,"unsanitizedCount":27,"severity":231},"\u003Cwp-extra-file-types> (wp-extra-file-types.php:0)",{"nodes":235,"edges":238},[236,237],{"id":218,"type":219,"label":220,"file":167,"line":221},{"id":223,"type":224,"label":225,"file":167,"line":226,"wp_function":227},[239],{"from":218,"to":223,"sanitized":230},{"summary":241,"deductions":242},"The 'wp-extra-file-types' plugin v0.5.2 exhibits a generally good security posture, with no critical or high severity taint flows identified and a high percentage of properly escaped output. The absence of a large attack surface, including unprotected AJAX handlers, REST API routes, shortcodes, and cron events, is a significant strength. Furthermore, all SQL queries are protected by prepared statements and nonce and capability checks are present, indicating adherence to some fundamental security practices.\n\nHowever, the presence of the 'unserialize' dangerous function is a notable concern. While no specific vulnerabilities arising from its use are immediately evident in the static analysis or taint flows, 'unserialize' is inherently risky if not handled with extreme caution and strict input validation. The plugin's vulnerability history, particularly a past high severity CSRF vulnerability, suggests a potential for security oversights. Although the known CVE is patched, this historical context warrants vigilance and suggests that the plugin may have had weaknesses in the past that could resurface if not carefully maintained.\n\nIn conclusion, 'wp-extra-file-types' v0.5.2 appears to be reasonably secure for a plugin of its size and complexity, with strengths in its limited attack surface and data handling practices. The primary weakness lies in the use of 'unserialize' and the historical context of a high severity vulnerability. Continued monitoring and secure coding practices are recommended, especially concerning the handling of serialized data.",[243,246],{"reason":244,"points":245},"Use of dangerous function 'unserialize'",15,{"reason":247,"points":66},"Past high severity vulnerability (CSRF)","2026-03-16T17:19:10.025Z",{"wat":250,"direct":257},{"assetPaths":251,"generatorPatterns":254,"scriptPaths":255,"versionParams":256},[252,253],"\u002Fwp-content\u002Fplugins\u002Fwp-extra-file-types\u002Flanguages.php","\u002Fwp-content\u002Fplugins\u002Fwp-extra-file-types\u002Fmime-list.txt",[],[],[],{"cssClasses":258,"htmlComments":261,"htmlAttributes":263,"restEndpoints":271,"jsGlobals":272,"shortcodeOutput":274},[259,260],"in_wp","not_in_wp",[262],"\u003C!-- WP Extra File Types | settings -->",[264,265,266,267,268,269,270],"name=\"ext[]\"","name=\"custom_d[]\"","name=\"custom_e[]\"","name=\"custom_m[]\"","name=\"no_strict\"","name=\"no_wp\"","name=\"gf_hack\"",[],[273],"wpeft_form",[]]