[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ffcObxdL3xiVyEFJwaXTsHkxlNYO66Ywa6VkwwOw9lGk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":136,"fingerprints":197},"wp-quick-update-featured-image","WP Quick Update Featured Image","1.0","CMITEXPERTS SOFTECH LLP","https:\u002F\u002Fprofiles.wordpress.org\u002Fcmitexperts\u002F","\u003Cp>This plugin is used to add and update a post featured image from posts lisitng page in admin panel.\u003C\u002Fp>\n","Adds ability to make available payment method according IP address.",0,917,100,2,"2018-12-10T06:35:00.000Z","4.9.29","4.0","5.2.4",[20,21,22,23],"featured-image","posts","update-featured-image","update-featured-image-from-listing-page-in-admin-panel","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-quick-update-featured-image\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-quick-update-featured-image.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"cmitexperts",1,30,84,"2026-04-05T02:31:43.774Z",[37,62,82,102,120],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":58,"download_link":59,"security_score":60,"vuln_count":32,"unpatched_count":11,"last_vuln_date":61,"fetched_at":28},"ultimate-posts-widget","Ultimate Posts Widget","2.3.2","cl272","https:\u002F\u002Fprofiles.wordpress.org\u002Fcl272\u002F","\u003Cp>\u003Cstrong>Try it out on your free dummy site: Click here => \u003Ca href=\"https:\u002F\u002Fdemo.tastewp.com\u002Fultimate-posts-widget\" rel=\"nofollow ugc\">https:\u002F\u002Ftastewp.com\u002Fplugins\u002Fultimate-posts-widget\u003C\u002Fa>.\u003C\u002Fstrong>\u003Cbr \u002F>\n(this trick works for all plugins in the WP repo – just replace “wordpress” with “tastewp” in the URL)\u003C\u002Fp>\n\u003Cp>UPDATE: Plugin ownership changed for this plugin. We are currently evaluating possible enhancements for it. Stay tuned! If you have any suggestions yourself, please let us know in the Support Forum.\u003C\u002Fp>\n\u003Cp>Note: This is a \u003Cstrong>classic widget\u003C\u002Fstrong> type, in order for it to work on the latest version of WordPress you will need \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclassic-widgets\u002F\" rel=\"ugc\">Classic Widgets\u003C\u002Fa> plugin installed on your site.\u003C\u002Fp>\n\u003Cp>The ultimate widget for displaying posts, custom post types or sticky posts with an array of options to customize the display.\u003C\u002Fp>\n\u003Cp>Designed for both the average user and developer, Ultimate Posts Widgets aims to provide flexibility and ease of use for displaying any kinds of posts within your widget areas. An array of widget options are available as well as hooks, filters and custom templates for more advanced customization.\u003C\u002Fp>\n\u003Ch4>Options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Filter by categories\u003C\u002Fli>\n\u003Cli>Filter by current category\u003C\u002Fli>\n\u003Cli>Filter by tags\u003C\u002Fli>\n\u003Cli>Filter by current tag\u003C\u002Fli>\n\u003Cli>Filter by custom post types\u003C\u002Fli>\n\u003Cli>Filter by sticky posts\u003C\u002Fli>\n\u003Cli>Select number of posts to display\u003C\u002Fli>\n\u003Cli>Display title\u003C\u002Fli>\n\u003Cli>Display publish date\u002Ftime with custom format options\u003C\u002Fli>\n\u003Cli>Display post author and link\u003C\u002Fli>\n\u003Cli>Display post comment count\u003C\u002Fli>\n\u003Cli>Display excerpt or full content\u003C\u002Fli>\n\u003Cli>Display read more link with custom label\u003C\u002Fli>\n\u003Cli>Display featured image and at any size\u003C\u002Fli>\n\u003Cli>Display post categories\u003C\u002Fli>\n\u003Cli>Display post tags\u003C\u002Fli>\n\u003Cli>Display custom fields\u003C\u002Fli>\n\u003Cli>Add text or HTML before and after posts list\u003C\u002Fli>\n\u003Cli>Add CSS class to widget\u003C\u002Fli>\n\u003Cli>Add widget title link\u003C\u002Fli>\n\u003Cli>Change excerpt length (in words)\u003C\u002Fli>\n\u003Cli>Order by date, title, number of comments, random or a custom field\u003C\u002Fli>\n\u003Cli>Exclude current post from the list\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-posts-widget\u002Ffaq\u002F\" rel=\"ugc\">FAQ tab\u003C\u002Fa> for documentation on custom templates, hooks, common issues, and more.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>For help please ask in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fultimate-posts-widget\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Enjoy this plugin? \u003Ca href=\"https:\u002F\u002Fsellcodes.com\u002F5U4SICyc\" rel=\"nofollow ugc\">Send a tip to support development\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin is part of the Inisev product family – \u003Ca href=\"https:\u002F\u002Finisev.com\" rel=\"nofollow ugc\">check out our other products\u003C\u002Fa>.\u003C\u002Fp>\n","The ultimate widget for displaying posts, custom post types or sticky posts with an array of options.",10000,492332,90,55,"2024-07-17T01:21:00.000Z","6.6.5","3.5","",[54,20,55,56,57],"custom-post-types","recent-posts","sticky-posts","widget","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fultimate-posts-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-posts-widget.2.3.2.zip",92,"2024-02-13 00:00:00",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":13,"num_ratings":32,"last_updated":72,"tested_up_to":73,"requires_at_least":74,"requires_php":52,"tags":75,"homepage":80,"download_link":81,"security_score":60,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"add-featuredimage-to-all-posts","Featured image to All-Posts","1.8.5","yuya2since","https:\u002F\u002Fprofiles.wordpress.org\u002Fyuya2since\u002F","\u003Cp>Add thumbnails of featured image\u002Feyechatch image to a column of admin dashbord All Posts page. \u002F 管理画面のダッシュボード\u002F投稿一覧のカラムに、アイキャッチ画像のサムネイルを追加表示する。\u003C\u002Fp>\n","Add thumbnails of featured image to a column of admin All Posts page. No complecated settings.",400,5815,"2024-07-01T09:27:00.000Z","6.5.8","3.0.1",[76,77,78,79,20],"admin","all-posts","%e3%82%a2%e3%82%a4%e3%82%ad%e3%83%a3%e3%83%83%e3%83%81%e7%94%bb%e5%83%8f","%e7%ae%a1%e7%90%86%e7%94%bb%e9%9d%a2","http:\u002F\u002Fyellow-goose.com\u002F?p=1839","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-featuredimage-to-all-posts.zip",{"slug":83,"name":84,"version":6,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":91,"num_ratings":92,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":52,"tags":96,"homepage":100,"download_link":101,"security_score":26,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"automatic-featured-image-posts","Automatic Featured Image Posts","Jeremy Felt","https:\u002F\u002Fprofiles.wordpress.org\u002Fjeremyfelt\u002F","\u003Cp>Automatic Featured Image Posts creates a new post with a Featured Image every time an image is uploaded. Through the plugin settings page, you can set the image to publish and assign itself to one of your other existing custom post types and\u002For post formats.\u003C\u002Fp>\n\u003Cp>The imagined use case is to make managing a large number of photos through WordPress a little more interesting and a little more fun.\u003C\u002Fp>\n\u003Cp>After uploading 10, 100, or 1000 pictures from an event or vacation, you and other users can go through and spend the majority of your time adding content, tags, and titles to your photographs rather than going through a monotonous process creating new posts over and over again.\u003C\u002Fp>\n\u003Cp>Settings are available for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Default Post Status (draft, pending, published, private)\u003C\u002Fli>\n\u003Cli>Default Post Type\n\u003Cul>\n\u003Cli>Default is the WordPress post.\u003C\u002Fli>\n\u003Cli>Can choose any custom post type registered in your WordPress installation.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Default Post Format\n\u003Cul>\n\u003Cli>Default is ‘standard’, which equates to none.\u003C\u002Fli>\n\u003Cli>Other options are provided if registered by your theme\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Filters are available for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>afip_new_post_title\u003C\u002Fcode> = Allow other functions or themes to change the post title before creation.\u003C\u002Fli>\n\u003Cli>\u003Ccode>afip_new_post_category\u003C\u002Fcode> = Allow other functions or themes to change the post categories before creation.\u003C\u002Fli>\n\u003Cli>\u003Ccode>afip_new_post_content\u003C\u002Fcode> = Allow other functions or themes to change the post content before creation.\u003C\u002Fli>\n\u003Cli>\u003Ccode>afip_new_post_date\u003C\u002Fcode> = Allow other functions or themes to change the post date before creation.\u003C\u002Fli>\n\u003Cli>\u003Ccode>afip_post_parent_continue\u003C\u002Fcode> = Allow creation of a new post when an image is inserted in an existing post.\u003C\u002Fli>\n\u003Cli>\u003Ccode>afip_continue_new_post\u003C\u002Fcode> = Allow other functions or themes to skip creation of a post.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Actions are available for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>afip_pre_create_post\u003C\u002Fcode> = Runs immediately before each post is created for an image.\u003C\u002Fli>\n\u003Cli>\u003Ccode>afip_created_post\u003C\u002Fcode> = Runs after each image load is processed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Feel free to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fjeremyfelt\u002FAutomatic-Featured-Image-Posts\" rel=\"nofollow ugc\">fork, submit issues, and\u002For contribute on GitHub\u003C\u002Fa>\u003C\u002Fp>\n","Automatic Featured Image Posts creates a new post with a Featured Image every time an image is uploaded.",300,55211,96,12,"2013-11-02T06:11:00.000Z","3.7.41","3.2.1",[20,97,98,99,21],"media","photo","pictures","http:\u002F\u002Fjeremyfelt.com\u002Fwordpress\u002Fplugins\u002Fautomatic-featured-image-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautomatic-featured-image-posts.1.0.zip",{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":13,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":52,"requires_php":52,"tags":115,"homepage":52,"download_link":119,"security_score":26,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"featured-image-column-display","Featured Image Column Display","2.0","Sawai S.","https:\u002F\u002Fprofiles.wordpress.org\u002Fssdheerawat\u002F","\u003Cp>It is a simple plugin to add a column for “Featured Image” in post type listing display.\u003C\u002Fp>\n","A plugin that adds the \"Featured Image\" column in admin posts and pages list.",40,2069,4,"2019-07-17T09:14:00.000Z","5.2.24",[116,20,117,118,21],"developer-tools","image","pages","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeatured-image-column-display.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":110,"downloaded":128,"rating":13,"num_ratings":14,"last_updated":129,"tested_up_to":130,"requires_at_least":74,"requires_php":52,"tags":131,"homepage":52,"download_link":135,"security_score":26,"vuln_count":11,"unpatched_count":11,"last_vuln_date":27,"fetched_at":28},"raw-latest-posts-widget","Latest Posts Widget","1.1","ravidhu","https:\u002F\u002Fprofiles.wordpress.org\u002Fravidhu\u002F","\u003Cp>List the lastest posts from a category or from all categories:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The excerpt of each post can be displayed.\u003C\u002Fli>\n\u003Cli>The date of each post can be displayed.\u003C\u002Fli>\n\u003Cli>The number of posts that you want to display can be fixed.\u003C\u002Fli>\n\u003Cli>The categories of the post can be displayed (if one category is selected, the selected one is not displayed).\u003C\u002Fli>\n\u003Cli>The featured image can be display or, if it is not set, the first image of the post is selected.\u003C\u002Fli>\n\u003Cli>The image can be displayed before or after the title.\u003C\u002Fli>\n\u003C\u002Ful>\n","List the lastest posts from a category.",3139,"2014-10-13T18:35:00.000Z","4.0.38",[132,133,20,134,57],"categories","category","list-posts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fraw-latest-posts-widget.1.1.zip",{"attackSurface":137,"codeSignals":167,"taintFlows":185,"riskAssessment":186,"analyzedAt":196},{"hooks":138,"ajaxHandlers":154,"restRoutes":164,"shortcodes":165,"cronEvents":166,"entryPointCount":14,"unprotectedCount":14},[139,144,149],{"type":140,"name":141,"callback":142,"file":143,"line":91},"action","admin_enqueue_scripts","cmit_load_wp_media_files","wp-quick-update-featured-image.php",{"type":145,"name":146,"callback":147,"file":143,"line":148},"filter","manage_posts_columns","cmit_featured_image_columns_head",97,{"type":140,"name":150,"callback":151,"priority":152,"file":143,"line":153},"manage_posts_custom_column","cmit_featured_image_content",10,98,[155,160],{"action":156,"nopriv":157,"callback":158,"hasNonce":157,"hasCapCheck":157,"file":143,"line":159},"update_featured_img",false,"cmit_update_featured_img",63,{"action":161,"nopriv":157,"callback":162,"hasNonce":157,"hasCapCheck":157,"file":143,"line":163},"remove_featured_img","cmit_remove_featured_img",83,[],[],[],{"dangerousFunctions":168,"sqlUsage":169,"outputEscaping":171,"fileOperations":11,"externalRequests":11,"nonceChecks":11,"capabilityChecks":11,"bundledLibraries":184},[],{"prepared":11,"raw":11,"locations":170},[],{"escaped":11,"rawEcho":172,"locations":173},5,[174,177,179,181,182],{"file":143,"line":175,"context":176},32,"raw output",{"file":143,"line":178,"context":176},34,{"file":143,"line":180,"context":176},35,{"file":143,"line":110,"context":176},{"file":143,"line":183,"context":176},41,[],[],{"summary":187,"deductions":188},"The wp-quick-update-featured-image plugin version 1.0 presents a significant security risk due to its unprotected AJAX handlers and a complete lack of output escaping. The static analysis reveals two entry points, both of which are AJAX handlers, and critically, neither performs any authentication or capability checks. This means any unauthenticated user could potentially trigger these handlers, leading to unauthorized actions or information disclosure.\n\nFurthermore, the absence of any output escaping on the five identified output points is a major concern. This opens the door to Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected and executed in the context of other users' browsers, including administrators. While the plugin has no recorded vulnerability history, this often indicates a lack of scrutiny or a relatively small user base rather than inherent security. The absence of dangerous functions and the use of prepared statements for SQL queries are positive signs, but they are overshadowed by the critical flaws in AJAX endpoint security and output sanitization.",[189,191,194],{"reason":190,"points":152},"AJAX handlers without auth checks",{"reason":192,"points":193},"Output escaping not used",8,{"reason":195,"points":193},"AJAX handlers without capability checks","2026-03-17T06:58:35.897Z",{"wat":198,"direct":207},{"assetPaths":199,"generatorPatterns":201,"scriptPaths":202,"versionParams":204},[200],"\u002Fwp-content\u002Fplugins\u002Fwp-quick-update-featured-image\u002Fimages\u002Fno-image.png",[],[203],"\u002Fwp-content\u002Fplugins\u002Fwp-quick-update-featured-image\u002Fjs\u002Ffeatured_image.js",[205,206],"wp-quick-update-featured-image\u002Fcss\u002Ffeatured_image.css?ver=","wp-quick-update-featured-image\u002Fjs\u002Ffeatured_image.js?ver=",{"cssClasses":208,"htmlComments":217,"htmlAttributes":218,"restEndpoints":220,"jsGlobals":223,"shortcodeOutput":224},[209,210,211,212,117,213,214,215,216],"cmit_featured_image","featured-img-container","feat_container_","img-","contorls-featured-action","open-editor","feat-actions","removeImage",[],[219],"data-postID",[221,222],"\u002Fwp-admin\u002Fadmin-ajax.php?action=update_featured_img","\u002Fwp-admin\u002Fadmin-ajax.php?action=remove_featured_img",[],[]]