[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fCwxu9m8xFVaVkIxMqABerIzvYWOUlmKNYbrIXUlIE1I":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":46,"crawl_stats":37,"alternatives":53,"analysis":150,"fingerprints":269},"wp-thumb","WPThumb","0.10","Joe Hoyle","https:\u002F\u002Fprofiles.wordpress.org\u002Fjoehoyle\u002F","\u003Cp>WP Thumb is a simple plugin that seamlessly integrates with the WordPress image functions. You can specify height, width and crop values, and an image will be generated, which is then cached for future use.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Automatic images resizing, cropping and caching.\u003C\u002Fli>\n\u003Cli>Ideal for when you want to change the dimensions of default image sizes.\u003C\u002Fli>\n\u003Cli>Can extend using filters to make use of any of the phpThumb Library functions by manipulating the image object.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contribution guidelines\u003C\u002Fh3>\n\u003Cp>see https:\u002F\u002Fgithub.com\u002Fhumanmade\u002FWPThumb\u002Fblob\u002Fmaster\u002FCONTRIBUTING.md\u003C\u002Fp>\n","An on-demand image generation replacement for WordPress' image resizing.",900,37432,100,3,"2014-04-01T18:03:00.000Z","3.7.41","3.5","",[20,21,22,23,24],"crop","image","phpthumb","resize","thumbnail","https:\u002F\u002Fgithub.com\u002Fhumanmade\u002FWPThumb","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-thumb.0.10.zip",63,1,"2025-06-19 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":37},"CVE-2025-49983","wpthumb-authenticated-contributor-server-side-request-forgery","WPThumb \u003C= 0.10 - Authenticated (Contributor+) Server-Side Request Forgery","The WPThumb plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 0.10. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services.",null,"\u003C=0.10","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Server-Side Request Forgery (SSRF)","2025-06-25 19:28:54",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe499408c-c4c5-465c-b883-50d449d684e0?source=api-prod",{"slug":47,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":49,"avg_security_score":50,"avg_patch_time_days":51,"trust_score":50,"computed_at":52},"joehoyle",4,9920,81,30,"2026-04-04T14:11:31.274Z",[54,75,89,110,132],{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":13,"num_ratings":28,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":18,"tags":67,"homepage":71,"download_link":72,"security_score":73,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"autothumb","AutoThumb","0.6.1","maff","https:\u002F\u002Fprofiles.wordpress.org\u002Fmaff\u002F","\u003Cp>The plugin is actually just a port of a plugin\u002Fsnippet I wrote for \u003Ca href=\"http:\u002F\u002Fwww.modxcms.com\" rel=\"nofollow ugc\">MODx\u003C\u002Fa> a while ago (\u003Ca href=\"http:\u002F\u002Fmodxcms.com\u002FphpThumb-Package-1522.html\" rel=\"nofollow ugc\">see here\u003C\u002Fa>). It scans your content’s source code for \u003Cimg> tags with width and height attributes and passes them to \u003Ca href=\"http:\u002F\u002Fphpthumb.sourceforge.net\u002F\" rel=\"nofollow ugc\">phpThumb\u003C\u002Fa>, a great PHP image editing library, which handles the resizing and editing of the image. Additionally, by passing parameters to phpThumb using a query string, it’s possible to edit the image in several ways (take a look at \u003Ca href=\"http:\u002F\u002Fphpthumb.sourceforge.net\u002Fdemo\u002Fdemo\u002FphpThumb.demo.demo.php\" rel=\"nofollow ugc\">phpThumb’s demos\u003C\u002Fa>).\u003C\u002Fp>\n\u003Cp>The simplest way to get resized images is to specify width\u002Fheight attibutes in your HTML. AutoThumb will use the given values and remove the attributes from your page’s output. When you take a look at the URLs of the example images found on the plugin home page, you will see that the \u003Cimg>-tag’s src-attribute points to a file called image.php in the plugin’s directory. This file takes the image source and several other parameters and passes them to phpThumb, which will generate and output the final image (of course images will be cached).\u003C\u002Fp>\n\u003Cp>To prevent evil people playing with the query string and letting your server generate tons of different images, the plugin generates a hash which is a combination of the query string and a secret password you set in phpThumb’s config file. So every call with different parameters (even the same image with different sizes) has another unique hash and it’s not possible to generate new images without knowing the secret password.\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"http:\u002F\u002Failoo.net\u002Fprojects\u002Fautothumb\u002F\" rel=\"nofollow ugc\">plugin page\u003C\u002Fa> for more details on the plugin.\u003C\u002Fp>\n\u003Cp>All development is done on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmaff\u002Fwp-autothumb\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>. If you have ideas, enhancements, etc. feel free to fork the project and send a pull request.\u003C\u002Fp>\n\u003Cp>For any issues please use the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmaff\u002Fwp-autothumb\u002Fissues\" rel=\"nofollow ugc\">Issue Tracker\u003C\u002Fa>.\u003C\u002Fp>\n","The plugin is actually just a port of a plugin\u002Fsnippet I wrote for MODx a while ago (see here). It scans your content's source code for \u003Cimg&g &hellip;",80,14526,"2012-02-06T18:30:00.000Z","3.3.2","2.7",[68,69,22,23,70],"images","library","thumbnails","http:\u002F\u002Failoo.net\u002Fprojects\u002Fautothumb\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautothumb.0.6.1.zip",85,0,{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":62,"downloaded":83,"rating":74,"num_ratings":74,"last_updated":84,"tested_up_to":85,"requires_at_least":17,"requires_php":18,"tags":86,"homepage":18,"download_link":88,"security_score":73,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"crop-and-resize-images","Crop and Resize Images","1.2.4","bo.lipai","https:\u002F\u002Fprofiles.wordpress.org\u002Fbolipai\u002F","\u003Cp>With the help of this plugin you will be able to resize to any dimmension and\u003Cbr \u002F>\ncrop all images from your WordPress library.\u003C\u002Fp>\n\u003Cp>The plugin introduces a visual and very simple to use image editor. The croped\u003Cbr \u002F>\nimage will retain the aspect ratio define by WordPress so no more missing\u003Cbr \u002F>\nimportant parts from your images.\u003C\u002Fp>\n","Crop and Resize Images Plugin allows you to easily modify WordPress uploaded images.",6592,"2015-10-21T23:59:00.000Z","4.3.34",[20,68,87,23,24],"picture","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrop-and-resize-images.zip",{"slug":90,"name":91,"version":92,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":97,"downloaded":98,"rating":99,"num_ratings":100,"last_updated":101,"tested_up_to":102,"requires_at_least":17,"requires_php":18,"tags":103,"homepage":107,"download_link":108,"security_score":13,"vuln_count":28,"unpatched_count":74,"last_vuln_date":109,"fetched_at":30},"manual-image-crop","Manual Image Crop","1.13","Tomasz Sita","https:\u002F\u002Fprofiles.wordpress.org\u002Ftomaszsita\u002F","\u003Cp>Plugin allows you to manually crop all the image sizes registered in your WordPress theme (in particular featured image).\u003Cbr \u002F>\nSimply click on the “Crop” link next to any image in your media library.\u003Cbr \u002F>\nThe WordPress Media Modal interface will be brought up and you are ready to go.\u003Cbr \u002F>\nWhole cropping process is really intuitive and simple.\u003C\u002Fp>\n\u003Cp>Apart from media library list, the plugin adds links in few more places:\u003Cbr \u002F>\n* Below featured image box (“Crop featured image”)\u003Cbr \u002F>\n* In the media insert modal window (once you select an image)\u003C\u002Fp>\n\u003Ch4>Settings\u003C\u002Fh4>\n\u003Cp>The plugin includes a settings page where you can configure:\u003Cbr \u002F>\n* Image quality settings\u003Cbr \u002F>\n* Visibility of crop options\u003Cbr \u002F>\n* Custom labels for image sizes\u003C\u002Fp>\n\u003Ch4>GitHub Repository\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Ftomaszsita\u002Fwp-manual-image-crop\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Czech (AI Generated)\u003C\u002Fli>\n\u003Cli>Dutch (Bernardo Hulsman)\u003C\u002Fli>\n\u003Cli>French (Gabriel Féron)\u003C\u002Fli>\n\u003Cli>German (Bertram Greenhough)\u003C\u002Fli>\n\u003Cli>Hungarian (Roland Kal)\u003C\u002Fli>\n\u003Cli>Italian (Alessandro Curci)\u003C\u002Fli>\n\u003Cli>Japanese (AI Generated)\u003C\u002Fli>\n\u003Cli>Korean (AI Generated)\u003C\u002Fli>\n\u003Cli>Polish (myself)\u003C\u002Fli>\n\u003Cli>Portuguese (Brazil) (AI Generated)\u003C\u002Fli>\n\u003Cli>Russian (Andrey Hohlov)\u003C\u002Fli>\n\u003Cli>Spanish (Andrew Kurtis)\u003C\u002Fli>\n\u003Cli>Swedish (Karl Oskar Mattsson)\u003C\u002Fli>\n\u003Cli>Turkish (AI Generated)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please contact me if you want to add a translation (or submit a pull request on GitHub)\u003C\u002Fp>\n","Plugin allows you to manually crop all the image sizes registered in your WordPress theme (in particular featured image).",8000,201853,82,56,"2025-08-23T09:55:00.000Z","6.5.8",[20,104,105,106,24],"cropping","featured-image","gallery","https:\u002F\u002Fgithub.com\u002Ftomaszsita\u002Fwp-manual-image-crop","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmanual-image-crop.1.13.zip","2015-08-24 00:00:00",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":120,"num_ratings":121,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":18,"tags":125,"homepage":18,"download_link":130,"security_score":13,"vuln_count":28,"unpatched_count":74,"last_vuln_date":131,"fetched_at":30},"acme-fix-images","Acme Fix Images – Regenerate Thumbnails","2.0.4","Acme Themes","https:\u002F\u002Fprofiles.wordpress.org\u002Facmethemes\u002F","\u003Cp>Regenerate Thumbnails – Acme Fix Images is a handy WordPress plugin designed to resolve issues related to image thumbnail sizes. If you’ve recently adjusted image sizes in your Media Settings or encountered display problems due to improper thumbnail sizes, this plugin can help you ensure consistency and proper display of images across your website.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Log in to your WordPress admin panel.\u003C\u002Fli>\n\u003Cli>Navigate to Appearance => Acme Fix Images.\u003C\u002Fli>\n\u003Cli>Select the image sizes and options you wish to fix.\u003C\u002Fli>\n\u003Cli>Click “Fix All Images” to regenerate thumbnails according to your chosen sizes.\u003C\u002Fli>\n\u003C\u002Fol>\n","Fix image sizes after you have changed image sizes from Media Settings. Ensure your images display consistently across your website.",4000,97589,50,2,"2025-04-18T07:45:00.000Z","6.8.5","5.0",[126,127,128,129],"featured-images","image-crop","post-thumbnails","regenerate-thumbnails","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facme-fix-images.2.0.4.zip","2023-11-15 00:00:00",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":118,"downloaded":140,"rating":141,"num_ratings":142,"last_updated":143,"tested_up_to":144,"requires_at_least":145,"requires_php":18,"tags":146,"homepage":18,"download_link":148,"security_score":149,"vuln_count":74,"unpatched_count":74,"last_vuln_date":37,"fetched_at":30},"wp-smartcrop","WP SmartCrop","2.0.10","Bytes.co","https:\u002F\u002Fprofiles.wordpress.org\u002Fburlingtonbytes\u002F","\u003Cp>WP SmartCrop allows you to set the ‘focal point’ of any image, right from the media library, then crops your images to match your css rules \u003Cem>(no more squished aspect ratios)\u003C\u002Fem>, keeping that focal point, not only in view, but as near as possible to a ‘rule of thirds’ position in the image.  The results are powerful, composed photos at any screen size, with any constraints.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Visually select your images’ focal points with an intuitive click-based interface\u003C\u002Fli>\n\u003Cli>Quickly enable or disable smart-cropping on a per-image basis.\u003C\u002Fli>\n\u003Cli>Easily target only the images you want to style, with the \u003Cem>img.wpsmartcrop-image\u003C\u002Fem> selector\u003C\u002Fli>\n\u003Cli>Automatic image preloader, so your users never see partially loaded images again\u003C\u002Fli>\n\u003Cli>Semantic HTML5\u002FCSS3 for modern browsers, with automatic fallback to non-semantic HTML4\u002FCSS2 for older browsers.\u003C\u002Fli>\n\u003Cli>Lightweight and fast processing of images, even inside post content\u003C\u002Fli>\n\u003Cli>Fully compatible with common caching and optimization plugins and solutions, such as W3 Total Cache, Wordfence, WPEngine’s EverCache, Better WordPress Minify, and Google’s PageSpeed Module.\u003C\u002Fli>\n\u003Cli>Lets you take full advantage of the new responsive srcset features added in WordPress 4.4, to make the most of your images.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>NEW!\u003C\u002Fstrong> Legacy support for existing cropped thumb sizes allows you to see improvements, right out of the box, without changing your CSS!\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Compatibility\u003C\u002Fh3>\n\u003Cp>WP SmartCrop has been fully tested in the following browsers:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Safari\u003C\u002Fli>\n\u003Cli>Chrome\u003C\u002Fli>\n\u003Cli>Firefox\u003C\u002Fli>\n\u003Cli>Microsoft Edge\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This is by no means an exhaustive list of supported devices; it just represents our primary target platforms.\u003C\u002Fp>\n\u003Ch4>Please Rate\u002FReview and Enjoy\u003C\u002Fh4>\n\u003Cp>Your Ratings and Reviews help us to direct our development, and help other users know what to expect.\u003C\u002Fp>\n","WP SmartCrop will crop your images on-the-fly to match your CSS, keeping the main focal point in view.",123657,74,9,"2024-09-13T15:19:00.000Z","6.4.8","3.5.0",[147,20,104,21,23],"aspect-ratio","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-smartcrop.zip",92,{"attackSurface":151,"codeSignals":221,"taintFlows":254,"riskAssessment":255,"analyzedAt":268},{"hooks":152,"ajaxHandlers":213,"restRoutes":214,"shortcodes":215,"cronEvents":220,"entryPointCount":28,"unprotectedCount":74},[153,160,165,169,174,180,184,188,192,197,201,204,207,210],{"type":154,"name":155,"callback":156,"priority":157,"file":158,"line":159},"filter","wpthumb_image_post","wpthumb_background_fill",10,"wpthumb.background-fill.php",141,{"type":154,"name":161,"callback":162,"priority":157,"file":163,"line":164},"attachment_fields_to_edit","wpthumb_media_form_crop_position","wpthumb.crop-from-position.php",11,{"type":154,"name":166,"callback":167,"priority":157,"file":163,"line":168},"attachment_fields_to_save","wpthumb_media_form_crop_position_save",12,{"type":170,"name":171,"callback":172,"file":163,"line":173},"action","init","wpthumb_add_crop_from_position_admin_hooks",15,{"type":154,"name":175,"callback":176,"priority":177,"file":178,"line":179},"image_downsize","wpthumb_post_image",99,"wpthumb.php",658,{"type":154,"name":181,"callback":182,"file":178,"line":183},"wp_delete_file","wpthumb_delete_cache_for_file",677,{"type":170,"name":185,"callback":186,"file":178,"line":187},"admin_notices","wpthumb_errors",730,{"type":154,"name":189,"callback":190,"file":178,"line":191},"wp_image_editors","wpthumb_add_image_editors",741,{"type":154,"name":193,"callback":194,"priority":157,"file":195,"line":196},"wpthumb_post_image_args","wpthumb_watermark_add_args_to_post_image","wpthumb.watermark.php",79,{"type":154,"name":198,"callback":199,"priority":157,"file":195,"line":200},"wpthumb_image_pre","wpthumb_watermark_pre",101,{"type":154,"name":155,"callback":202,"priority":157,"file":195,"line":203},"wpthumb_watermark_post",117,{"type":154,"name":161,"callback":205,"priority":157,"file":195,"line":206},"wpthumb_media_form_watermark_position",209,{"type":154,"name":166,"callback":208,"priority":157,"file":195,"line":209},"wpthumb_media_form_watermark_save",210,{"type":170,"name":171,"callback":211,"file":195,"line":212},"wpthumb_add_watermarking_admin_hooks",213,[],[],[216],{"tag":217,"callback":218,"file":219,"line":164},"wpthumb","wpthumb_img_shortcode","wpthumb.shortcodes.php",[],{"dangerousFunctions":222,"sqlUsage":223,"outputEscaping":225,"fileOperations":121,"externalRequests":74,"nonceChecks":74,"capabilityChecks":74,"bundledLibraries":253},[],{"prepared":74,"raw":74,"locations":224},[],{"escaped":164,"rawEcho":226,"locations":227},13,[228,231,233,235,237,239,240,242,244,246,248,250,251],{"file":178,"line":229,"context":230},727,"raw output",{"file":195,"line":232,"context":230},150,{"file":195,"line":234,"context":230},153,{"file":195,"line":236,"context":230},160,{"file":195,"line":238,"context":230},162,{"file":195,"line":238,"context":230},{"file":195,"line":241,"context":230},169,{"file":195,"line":243,"context":230},170,{"file":195,"line":245,"context":230},171,{"file":195,"line":247,"context":230},172,{"file":195,"line":249,"context":230},177,{"file":195,"line":249,"context":230},{"file":195,"line":252,"context":230},183,[],[],{"summary":256,"deductions":257},"The wp-thumb v0.10 plugin exhibits a mixed security posture.  While the static analysis shows no dangerous functions, all SQL queries using prepared statements, and a limited attack surface primarily through one shortcode, significant concerns arise from output escaping and the vulnerability history.  The fact that 54% of outputs are not properly escaped presents a risk of Cross-Site Scripting (XSS) vulnerabilities, especially if user-supplied data is involved in these outputs. Furthermore, the presence of one unpatched medium severity CVE, specifically SSRF, dating from 2025, is a critical red flag. This indicates a known weakness that has not been addressed, leaving sites vulnerable to potentially serious attacks if an exploit becomes available. While the plugin has strengths in its handling of database queries and a small attack surface, the unaddressed CVE and poor output sanitization are significant weaknesses that elevate its risk profile.",[258,260,263,266],{"reason":259,"points":173},"Unpatched medium CVE",{"reason":261,"points":262},"High percentage of unescaped output",7,{"reason":264,"points":265},"Missing capability checks",5,{"reason":267,"points":265},"Missing nonce checks","2026-03-16T19:13:28.751Z",{"wat":270,"direct":279},{"assetPaths":271,"generatorPatterns":276,"scriptPaths":277,"versionParams":278},[272,273,274,275],"\u002Fwp-content\u002Fplugins\u002Fwp-thumb\u002Fwpthumb.watermark.php","\u002Fwp-content\u002Fplugins\u002Fwp-thumb\u002Fwpthumb.background-fill.php","\u002Fwp-content\u002Fplugins\u002Fwp-thumb\u002Fwpthumb.crop-from-position.php","\u002Fwp-content\u002Fplugins\u002Fwp-thumb\u002Fwpthumb.shortcodes.php",[],[],[],{"cssClasses":280,"htmlComments":281,"htmlAttributes":282,"restEndpoints":283,"jsGlobals":284,"shortcodeOutput":285},[],[],[],[],[],[286],"[wpthumb]"]