[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fZLoIUZgF9zokIHQch_0_WRgd8Ku-mzmmm25q4X9fLVw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":48,"crawl_stats":37,"alternatives":55,"analysis":166,"fingerprints":224},"wp-original-media-path","WP Original Media Path","2.4.2","RVOLA","https:\u002F\u002Fprofiles.wordpress.org\u002Frvola\u002F","\u003Cp>WordPress has changed the media page, removing the two fields to define the location and the sub-field of media.\u003Cbr \u002F>\nThere exists a constant wp-config.php, but it does not include sub-domains.\u003Cbr \u002F>\nOnce activated, the plugin will add two values ​​in the database, you modify later.\u003Cbr \u002F>\nThe plugin is not retroactive for images already uploaded.\u003Cbr \u002F>\nFollow the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-original-media-path\u002Finstallation\" rel=\"ugc\">installation instructions\u003C\u002Fa> to migrate your old images.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>This extension is not compatible with WordPress multisite.\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Thank you to try to find the solution by yourself or on the forum.\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>The author of the plugin is no after-sales service.\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Most of the issues have already been addressed.\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frvola\u002Fwp-original-media-path\" rel=\"nofollow ugc\">\u003Cstrong>GitHub\u003C\u002Fstrong>\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.paypal.me\u002Frvola\" rel=\"nofollow ugc\">\u003Cstrong>Donate\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n","Change the location for the uploads folder for WordPress",6000,138079,98,38,"2025-12-01T14:59:00.000Z","6.9.4","3.5","7.0",[20,21,22,23],"media","path","subdomain","upload","https:\u002F\u002Fgithub.com\u002Frvola\u002Fwp-original-media-path","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-original-media-path.zip",100,1,0,"2023-04-19 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2023-23674","wp-original-media-path-authenticated-administrator-stored-cross-site-scripting-via-plugin-settings","WP Original Media Path \u003C= 2.4.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via plugin settings","The WP Original Media Path plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.",null,"\u003C=2.4.0","2.4.1","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F277eb517-c949-41e9-becf-af056fd32f35?source=api-prod",279,{"slug":49,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":47,"trust_score":53,"computed_at":54},"rvola",3,7010,95,76,"2026-04-04T13:59:53.453Z",[56,76,99,123,143],{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":17,"requires_php":70,"tags":71,"homepage":73,"download_link":74,"security_score":75,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"upload-url-path-enabler","Upload Url and Path Enabler","1.0.4","Grégory Viguier","https:\u002F\u002Fprofiles.wordpress.org\u002Fgreglone\u002F","\u003Cp>WordPress 3.5 removes the setting fields to change the media upload path and url. This plugin enables them again. Note that as long as your fields are not empty, you can disable this plugin.\u003C\u002Fp>\n","Get the media upload path and url setting fields back in WP 3.5+.",2000,40869,86,12,"2016-04-03T20:58:00.000Z","4.5.33","",[20,21,23,72],"url","https:\u002F\u002Fwww.screenfeed.fr\u002Fplugin-wp\u002Fupload-url-path-enabler\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fupload-url-path-enabler.zip",85,{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":13,"num_ratings":13,"last_updated":86,"tested_up_to":16,"requires_at_least":87,"requires_php":18,"tags":88,"homepage":94,"download_link":95,"security_score":96,"vuln_count":97,"unpatched_count":28,"last_vuln_date":98,"fetched_at":30},"wp-maximum-upload-file-size","EasyMedia – Increase Media Upload File Size | Role-Based Upload Limit | Increase Execution Time","3.0.4","CodePopular","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodepopular\u002F","\u003Ch3>\u003Cstrong>Increases the upload file size limit to any value with one click\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>The \u003Cstrong>EasyMedia\u003C\u002Fstrong> plugin automatically detects your WordPress and server upload limits, displaying them in a simple dashboard. Instantly increase your upload size and easily upload large files like backups, videos, or ZIP archives directly to your WordPress media library — even if your hosting restricts upload limits.\u003C\u002Fp>\n\u003Ch3>If you ever searched for:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>“Increase WordPress upload limit plugin”\u003C\u002Fli>\n\u003Cli>“Best plugin to upload large files”\u003C\u002Fli>\n\u003Cli>“Set upload quota for users or roles”\u003C\u002Fli>\n\u003Cli>“Restrict file types for authors”\u003C\u002Fli>\n\u003Cli>“Show upload logs in WordPress”\u003C\u002Fli>\n\u003Cli>“Media manager plugin with file stats”\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>✅ Then \u003Cstrong>EasyMedia\u003C\u002Fstrong> is the solution you need.\u003C\u002Fp>\n\u003Ch3>🧩 \u003Cstrong>Core Features (Free Version)\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>🔼 Increase Upload File Size Limit\u003C\u002Fstrong>\u003Cbr \u002F>\nRaise your WordPress upload limit to any value without editing code or php.ini files. Upload big videos, ZIPs, and backups seamlessly.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⏱️ Increase Maximum Execution Time\u003C\u002Fstrong>\u003Cbr \u002F>\nAvoid “Maximum Execution Time Exceeded” errors. Increase execution time to handle large file uploads smoothly.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>👥 Role-Based Upload Limits\u003C\u002Fstrong>\u003Cbr \u002F>\nSet custom upload size limits for different WordPress roles (Administrator, Editor, Author, etc.) to prevent storage overuse.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>💾 Memory Limit Set\u003C\u002Fstrong>\u003Cbr \u002F>\nLarge file uploads often fail due to low PHP memory limits. You can easily increase the memory limit from the plugin setting page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>💽 System Status Dashboard\u003C\u002Fstrong>\u003Cbr \u002F>\nView your current PHP upload limit, max execution time, memory limit, and other important settings at a glance.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🧰 Simple, Clean UI\u003C\u002Fstrong>\u003Cbr \u002F>\nAccess settings easily from your WP \u003Cstrong>Dashboard \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Media \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> EasyMedia\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>\u003Cstrong>Where to find the Option to Increase Upload Limit.\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>After installing and activating the plugin, go to your dashboard and navigate to \u003Cstrong>Media > EasyMedia\u003C\u002Fstrong>. From there, you can easily adjust your upload limits and execution time settings.\u003C\u002Fp>\n\u003Ch3>\u003Cstrong>Increase Maximum Execution Time.\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>Sometimes WordPress users can’t upload new files due to extended execution time limits. With this plugin, you can increase the execution time to avoid these issues. Simply set the execution time in the input field according to your needs.\u003C\u002Fp>\n\u003Ch3>\u003Cstrong>Plugin Renamed: MaxUploader is now EasyMedia\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>We’ve rebranded MaxUploader to EasyMedia for a better, more user-friendly experience.\u003Cbr \u002F>\nDon’t worry — all your existing settings will remain intact. The plugin continues to provide the same core functionality, including increasing upload file size limits and execution time, with an improved interface and additional features.\u003C\u002Fp>\n\u003Cp>If you previously used MaxUploader, you can safely update to EasyMedia — it’s the same plugin, just with a new name and enhanced design.\u003C\u002Fp>\n\u003Ch3>💬 \u003Cstrong>Why EasyMedia?\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>🖼️ Upload large files easily (no manual PHP editing)\u003C\u002Fli>\n\u003Cli>👥 Limit upload size by role or user\u003C\u002Fli>\n\u003Cli>🧩 Restrict specific file types\u003C\u002Fli>\n\u003Cli>⚡ Increase execution time in one click\u003C\u002Fli>\n\u003Cli>📊 Monitor uploads and media usage\u003C\u002Fli>\n\u003Cli>💪 Compatible with all hosting providers\u003C\u002Fli>\n\u003Cli>🔒 Improves security and accountability\u003C\u002Fli>\n\u003Cli>🧠 Recommended by developers for smart file management\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>\u003Cstrong>🚀 Upgrade to EasyMedia Pro for Advanced Features\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>Take your media management to the next level with \u003Ca href=\"http:\u002F\u002Fcodepopular.com\u002Fproduct\u002Feasymedia\" rel=\"nofollow ugc\">EasyMedia Pro\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pro Features Include:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>📊 Upload Logs & Tracking\u003C\u002Fstrong> – Monitor all file uploads with detailed logging, including user, file name, size, type, and timestamp. With the EasyMedia Pro Upload Logs module, you can see where each attachment is used across your site (posts, pages, or products).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>👥 Set User Storage Disk Limit\u003C\u002Fstrong> – Set individual upload limits for specific users that override global settings. With this module, you can specially set the disk limit per individual user. This way we can handle over upload issue from the Editor and Author\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>📄 File Type Restriction\u003C\u002Fstrong> – The EasyMedia plugin sets user file type restriction. With this module, you can only allow specific types of files for the user. Sometimes, Editor or Author roles only need specific file types (like images), and ZIP or executable uploads can be disallowed for them. This feature makes that possible.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🎭 Role-Based Restrictions\u003C\u002Fstrong> – Configure different upload limits based on WordPress user roles (Administrator, Editor, Author, etc.) This module can help to define the upload limit per role which WordPress by default does not come with\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>📁 Media Manager\u003C\u002Fstrong> – Display file sizes directly in media library columns and attachment details. This feature is acting as a File management plugin where you can manager your WordPress site all files and folders.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>📈 Upload Statistics Dashboard\u003C\u002Fstrong> – View comprehensive statistics including top uploads, recent uploads, and overall usage. You can see the graphical interface of your media library and the top uploader list.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🔍 Advanced Reporting\u003C\u002Fstrong> – Export upload logs and generate detailed reports for analysis\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>⚡ Auto-Install Dependency\u003C\u002Fstrong> – Automatically installs and configures the main plugin if needed\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🛡️ Better Security\u003C\u002Fstrong> – Track who uploads what and when for improved security and accountability\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🎯 Priority Support\u003C\u002Fstrong> – Get faster support and regular updates. We focus on one-to-one priority support.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"http:\u002F\u002Fcodepopular.com\u002Fproduct\u002Feasymedia\" rel=\"nofollow ugc\">\u003Cstrong>Get EasyMedia Pro Now \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fstrong>\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fcodepopular.com\u002Fdocs\u002Feasymedia\" rel=\"nofollow ugc\">\u003Cstrong>Get Read Documentation \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Recommended Elementor Plugin\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Funlimited-theme-addons\u002F\" rel=\"ugc\">Unlimited Theme Addons\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n","EasyMedia - Increase the maximum upload file size limit to any value. Increase upload limit - upload large files effortlessly.",80000,1218819,"2026-01-25T08:18:00.000Z","4.0",[89,90,91,92,93],"easymedia","increase-file-size-limit","increase-upload-limit","large-file-upload","max-upload-file-size","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-maximum-upload-file-size\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-maximum-upload-file-size.3.0.4.zip",99,2,"2024-11-22 17:05:12",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":109,"num_ratings":110,"last_updated":111,"tested_up_to":112,"requires_at_least":113,"requires_php":18,"tags":114,"homepage":119,"download_link":120,"security_score":121,"vuln_count":27,"unpatched_count":28,"last_vuln_date":122,"fetched_at":30},"add-from-server","Add From Server","3.4.5","Dion Hulse","https:\u002F\u002Fprofiles.wordpress.org\u002Fdd32\u002F","\u003Cp>This plugin offers limited support. Please do not expect new features or too many bugfixes. Features may be removed at any time.\u003C\u002Fp>\n\u003Cp>Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.\u003C\u002Fp>\n\u003Cp>This plugin is NOT designed to..\u003Cbr \u002F>\n * Be used as a replacement for the file uploader\u003Cbr \u002F>\n * Be used for migration of websites\u003Cbr \u002F>\n * Re-import your files after moving webhosting\u003Cbr \u002F>\n * Batch import media\u003C\u002Fp>\n\u003Cp>This plugins IS designed to..\u003Cbr \u002F>\n * Import files which are larger than your hosting allows to be uploaded.\u003Cbr \u002F>\n * Import files which are too large for your internet connections upload speed.\u003C\u002Fp>\n\u003Cp>WordPress does a better job of file uploads than this plugin, so please consider your needs before you use it.\u003C\u002Fp>\n\u003Cp>You may also want to look at using WP-CLI for media import purposes:\u003Cbr \u002F>\nhttps:\u002F\u002Fdeveloper.wordpress.org\u002Fcli\u002Fcommands\u002Fmedia\u002Fimport\u002F\u003C\u002Fp>\n","Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.",70000,1319395,92,239,"2020-12-11T07:32:00.000Z","5.5.18","5.4",[115,116,20,117,118],"admin","import","post","uploads","https:\u002F\u002Fdd32.id.au\u002Fwordpress-plugins\u002Fadd-from-server\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.5.zip",84,"2016-08-08 00:00:00",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":134,"last_updated":135,"tested_up_to":136,"requires_at_least":87,"requires_php":70,"tags":137,"homepage":140,"download_link":141,"security_score":121,"vuln_count":27,"unpatched_count":28,"last_vuln_date":142,"fetched_at":30},"wp-extra-file-types","WP Extra File Types","0.5.2","davide.airaghi","https:\u002F\u002Fprofiles.wordpress.org\u002Fdavideairaghi\u002F","\u003Cp>This plugin let you add file types to the default list of file extensions\u003Cbr \u002F>\nsupported by the Media Library upload procedure.\u003C\u002Fp>\n","Plugin to let you extend the list of allowed file types supported by the Wordpress Media Library",50000,345656,68,39,"2023-10-28T18:29:00.000Z","6.3.8",[138,139,23],"file-type","media-library","http:\u002F\u002Fwww.airaghi.net\u002Fen\u002F2015\u002F01\u002F02\u002Fwordpress-custom-mime-types\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-extra-file-types.0.5.2.zip","2021-12-27 00:00:00",{"slug":144,"name":145,"version":146,"author":147,"author_profile":148,"description":149,"short_description":150,"active_installs":151,"downloaded":152,"rating":26,"num_ratings":153,"last_updated":154,"tested_up_to":16,"requires_at_least":155,"requires_php":156,"tags":157,"homepage":162,"download_link":163,"security_score":164,"vuln_count":50,"unpatched_count":28,"last_vuln_date":165,"fetched_at":30},"easy-svg","Easy SVG Support","4.1","Benjamin Zekavica","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenjamin_zekavica\u002F","\u003Ch4>Direct Upload SVG Files into WordPress\u003C\u002Fh4>\n\u003Cp>EASY SVG Support is a Plugin which allows you to upload SVG Files into your Media library. This plugin was created for persons, who don’t need much options for SVG.\u003C\u002Fp>\n\u003Ch4>Features of the plugin include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Uploading SVG Support for WordPress\u003C\u002Fli>\n\u003Cli>Easy installation\u003C\u002Fli>\n\u003Cli>Display SVG Files in the Media Libary\u003C\u002Fli>\n\u003Cli>SVG Sanitize Files direcly \u003C\u002Fli>\n\u003Cli>SVG Sanitize – Custom Hooks for Tags and Attributes\u003C\u002Fli>\n\u003Cli>Updated for the new WordPress Gutenberg Editor\u003C\u002Fli>\n\u003Cli>Support for PHP 8.2\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation & Support\u003C\u002Fh4>\n\u003Cp>Got a problem or need help with Easy SVG Support? Than you can write me an e-mail:\u003C\u002Fp>\n\u003Cp>info@benjamin-zekavica.de or you can ask your question in the forums section.\u003C\u002Fp>\n","This Plugin allows you to upload SVG Files into your Media library.",40000,348069,7,"2025-11-14T19:51:00.000Z","6.0","8.0",[144,158,159,160,161],"svg","svg-media","svg-support","upload-svg","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-svg\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-svg.4.1.zip",96,"2026-02-18 15:01:37",{"attackSurface":167,"codeSignals":207,"taintFlows":214,"riskAssessment":215,"analyzedAt":223},{"hooks":168,"ajaxHandlers":203,"restRoutes":204,"shortcodes":205,"cronEvents":206,"entryPointCount":28,"unprotectedCount":28},[169,176,181,185,189,193,196,199],{"type":170,"name":171,"callback":172,"priority":173,"file":174,"line":175},"action","init","loadLanguages",10,"wp_original_media_path.php",45,{"type":177,"name":178,"callback":179,"priority":173,"file":174,"line":180},"filter","plugin_row_meta","pluginRowMeta",48,{"type":170,"name":182,"callback":183,"priority":173,"file":174,"line":184},"admin_enqueue_scripts","assets",50,{"type":170,"name":186,"callback":187,"priority":173,"file":174,"line":188},"admin_menu","addMenu",52,{"type":170,"name":190,"callback":191,"priority":173,"file":174,"line":192},"admin_init","registerSections",53,{"type":170,"name":190,"callback":194,"priority":173,"file":174,"line":195},"registerFields",54,{"type":170,"name":190,"callback":197,"priority":173,"file":174,"line":198},"addFields",55,{"type":170,"name":200,"callback":201,"priority":173,"file":174,"line":202},"plugins_loaded","load",340,[],[],[],[],{"dangerousFunctions":208,"sqlUsage":209,"outputEscaping":211,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":213},[],{"prepared":28,"raw":28,"locations":210},[],{"escaped":97,"rawEcho":28,"locations":212},[],[],[],{"summary":216,"deductions":217},"The wp-original-media-path plugin v2.4.2 presents a generally positive security posture based on the static analysis. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface. Furthermore, the code demonstrates good security practices with 100% of SQL queries using prepared statements and all identified outputs being properly escaped. The lack of file operations, external HTTP requests, and absence of critical taint flows are also strong indicators of a secure codebase in these areas.\n\nHowever, a significant concern arises from the plugin's vulnerability history. The presence of one known CVE, even if currently patched and of medium severity, indicates that the plugin has had exploitable vulnerabilities in the past. The common vulnerability type being Cross-site Scripting also suggests that input validation and output sanitization, while appearing to be handled correctly in the current static analysis, may have been areas of weakness in previous versions. The fact that a vulnerability was discovered as recently as April 2023 warrants caution. While the current version appears to have addressed past issues, the history itself introduces a degree of risk that should not be overlooked.\n\nIn conclusion, while the static analysis of v2.4.2 shows a robustly coded plugin with minimal direct security flaws, the historical context of known vulnerabilities, particularly XSS, tempers this positive assessment. Users should remain vigilant and ensure they are always running the latest version of the plugin, as past issues could potentially re-emerge or new ones could be introduced.",[218,220],{"reason":219,"points":173},"Past vulnerability of medium severity",{"reason":221,"points":222},"Common vulnerability type: XSS",5,"2026-03-16T18:02:48.634Z",{"wat":225,"direct":234},{"assetPaths":226,"generatorPatterns":229,"scriptPaths":230,"versionParams":231},[227,228],"\u002Fwp-content\u002Fplugins\u002Fwp-original-media-path\u002Fassets\u002Fwp-original-media-path.css","\u002Fwp-content\u002Fplugins\u002Fwp-original-media-path\u002Fassets\u002Fwp-original-media-path.js",[],[228],[232,233],"wp-original-media-path.css?ver=","wp-original-media-path.js?ver=",{"cssClasses":235,"htmlComments":236,"htmlAttributes":237,"restEndpoints":238,"jsGlobals":239,"shortcodeOutput":240},[],[],[],[],[],[]]