[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fOpzw7JaKgbWrzs97vRUBXk6zN6Y6084Rg4F3L5toAZU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":127,"fingerprints":225},"xml-ify-wordpress-multiple-posts","XML-ify WordPress Multiple Posts","1.0","lahrah","https:\u002F\u002Fprofiles.wordpress.org\u002Flahrah\u002F","\u003Cp>After installing and activating the plugin, the XML file is generated simply by visiting your site’s front page. The file generates each time someone visits your site’s front page. This shouldn’t be an issue with server overload, unless you get a LOT of traffic. If you notice slowness due to this plugin, let me know.\u003C\u002Fp>\n\u003Cp>The XML generated will be located in a folder called ‘xmlfiles’ within your wp-content folder. The file will be named multipost.xml.\u003C\u002Fp>\n\u003Ch3>Issues\u003C\u002Fh3>\n\u003Cp>1) None yet.\u003C\u002Fp>\n","This plugin generates an XML file using content from multiple blog posts. You decide how many of the latest posts you want included in the XML file.",10,2904,0,"2011-04-16T20:20:00.000Z","3.1.4","",[18,19,20,21,22],"attachments","export","gallery","photo","xml","http:\u002F\u002Flauragentry.com\u002F2011\u002F04\u002F15\u002Fwordpress-plugin-xml-ify-wordpress-multiple-posts\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fxml-ify-wordpress-multiple-posts.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},2,20,93,30,89,"2026-04-04T15:05:30.984Z",[37,49,70,91,112],{"slug":38,"name":39,"version":40,"author":7,"author_profile":8,"description":16,"short_description":41,"active_installs":11,"downloaded":42,"rating":13,"num_ratings":13,"last_updated":16,"tested_up_to":15,"requires_at_least":16,"requires_php":16,"tags":43,"homepage":45,"download_link":46,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":48},"photo-gallery-xml-export","Photo Gallery XML Export","1.3","The plugin generates an XML feed from your Wordpress posts using the excerpt field, permalink and five custom fields of your choosing.",4470,[19,44,20,21,22],"flash","http:\u002F\u002Fwww.lauragentry.com\u002Fwordpress\u002F?p=216","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fphoto-gallery-xml-export.zip",100,"2026-03-15T10:48:56.248Z",{"slug":50,"name":51,"version":52,"author":53,"author_profile":54,"description":55,"short_description":56,"active_installs":57,"downloaded":58,"rating":59,"num_ratings":60,"last_updated":61,"tested_up_to":62,"requires_at_least":63,"requires_php":16,"tags":64,"homepage":68,"download_link":69,"security_score":47,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"lightbox-photoswipe","Lightbox with PhotoSwipe","5.8.3","Arno Welzel","https:\u002F\u002Fprofiles.wordpress.org\u002Fawelzel\u002F","\u003Cp>This plugin integrates PhotoSwipe to WordPress. All linked images in a post or page will be displayed using PhotoSwipe, regardless if they are part of a gallery or single images.\u003C\u002Fp>\n\u003Cp>More about the original version of PhotoSwipe see here: \u003Ca href=\"http:\u002F\u002Fphotoswipe.com\" rel=\"nofollow ugc\">http:\u002F\u002Fphotoswipe.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can also display EXIF data from supported image types.\u003C\u002Fp>\n\u003Cp>As of version 4.0.0 this plugin requires at least WordPress 5.3 and PHP 7.0. Older PHP version will cause problems. In this case you have to upgrade your PHP version or ask your hoster to do so. Please note that WordPress itself also recommends at least PHP 7.4 – see \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fabout\u002Frequirements\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fabout\u002Frequirements\u002F\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Please keep in mind: not the visible thumbnail is relevant, but only the image link. Images should always be linked to the file and not to the attachment page. Since version 5.6.1 there is an option to fix attachment links which can be enabled if needed – however this may slow down your website since then all links on a page will be checked if they are attachment links.\u003C\u002Fp>\n","Integration of PhotoSwipe (http:\u002F\u002Fphotoswipe.com) for WordPress.",20000,937902,98,113,"2026-02-26T16:27:00.000Z","6.9.4","5.3",[18,20,65,66,67],"images","lightbox","photoswipe","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flightbox-photoswipe\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flightbox-photoswipe.5.8.3.zip",{"slug":71,"name":72,"version":73,"author":74,"author_profile":75,"description":76,"short_description":77,"active_installs":78,"downloaded":79,"rating":80,"num_ratings":81,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":16,"tags":85,"homepage":87,"download_link":88,"security_score":89,"vuln_count":30,"unpatched_count":30,"last_vuln_date":90,"fetched_at":27},"import-external-attachments","Import external attachments","1.5.12","ryanpcmcquen","https:\u002F\u002Fprofiles.wordpress.org\u002Fryanpcmcquen\u002F","\u003Cp>Makes local copies of all the linked images and pdfs in a post, adding them as gallery attachments.\u003C\u002Fp>\n\u003Cp>Source & support:\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Fryanpcmcquen\u002Fimport-external-attachments\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This plugin is based on the work done in the “Import External Images” plugin by MartyThornley.\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fgithub.com\u002FMartyThornley\u003C\u002Fp>\n\u003Cp>HTTPS support added by IvanDoomer:\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002FIvanDoomer\u003C\u002Fp>\n\u003Cp>PDF support added by bengreeley:\u003Cbr \u002F>\nhttps:\u002F\u002Fgithub.com\u002Fbengreeley\u003C\u002Fp>\n\u003Cp>Most of the JavaScript was rewritten from the original plugin, to reduce the\u003Cbr \u002F>\nnumber of global variables.\u003C\u002Fp>\n","Makes local copies of all the linked images and pdfs in a post, adding them as gallery attachments.",2000,24175,86,26,"2017-02-24T14:39:00.000Z","4.4.34","3.2",[18,20,65,21,86],"photobloggers","https:\u002F\u002Fgithub.com\u002Fryanpcmcquen\u002Fimport-external-attachments","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimport-external-attachments.zip",41,"2025-12-14 00:00:00",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":101,"num_ratings":102,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":16,"tags":106,"homepage":110,"download_link":111,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"import-to-photo-gallery-from-nextgen-gallery","Import to Photo Gallery from NextGen gallery","1.0.5","10Web","https:\u002F\u002Fprofiles.wordpress.org\u002F10web\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fweb-dorado.com\u002Fwordpress-plugins-bundle.html\" rel=\"nofollow ugc\">Special Offer for all Premium Plugins\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Import to Photo Gallery from NextGen gallery is an easy setup addon for importing photos and related data from NextGen Gallery plugin to Photo Gallery.\u003C\u002Fp>\n\u003Cp>Plugin allows importing not only NextGen galleries and albums but also related data. This include photo tags and comments. This means that you can import individual or specific album from NextGen or choose to import all albums and galleries.\u003C\u002Fp>\n\u003Cp>The imported data gets switched from NextGen structure to Photo Gallery, so the galleries and albums can be further modified and changed based on Photo Gallery options.\u003C\u002Fp>\n","Import to Photo Gallery from NextGen gallery  is an easy setup addon for importing photos and related data from NextGen Gallery to Photo Gallery.",500,39069,70,4,"2018-10-25T12:20:00.000Z","4.9.29","3.4",[19,20,107,108,109],"import","nextgen-gallery","photo-gallery","http:\u002F\u002Fweb-dorado.com\u002Fproducts\u002Fwordpress-photo-gallery-plugin.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fimport-to-photo-gallery-from-nextgen-gallery.1.0.5.zip",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":11,"downloaded":120,"rating":13,"num_ratings":13,"last_updated":121,"tested_up_to":122,"requires_at_least":123,"requires_php":16,"tags":124,"homepage":16,"download_link":126,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"gallery-plugin-xmlrpc-interface","Gallery Plugin XMLRPC Interface","0.3","Peidong Hu","https:\u002F\u002Fprofiles.wordpress.org\u002Fzhouyibhic\u002F","\u003Cp>Basically this plugin creates XMLRPC interfaces for Gallery Plugin.\u003Cbr \u002F>\n Thanks for the author of Extended API, Michael Grosser,  since this plugin has reused the design.\u003Cbr \u002F>\n NOTE: API functions (xmlrpc revoke functions) are all prefixed with ‘i_gllrxmlrpc’.\u003C\u002Fp>\n","This plugin creates functions for Gallery Plugin which can be XMLRPC invoked remotely.",2321,"2013-01-10T15:04:00.000Z","3.3.2","3.3",[20,21,125],"xmlrpc","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgallery-plugin-xmlrpc-interface.zip",{"attackSurface":128,"codeSignals":148,"taintFlows":212,"riskAssessment":213,"analyzedAt":224},{"hooks":129,"ajaxHandlers":144,"restRoutes":145,"shortcodes":146,"cronEvents":147,"entryPointCount":13,"unprotectedCount":13},[130,136,140],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","get_footer","exportMPpostxml","multi-post-xml-feed.php",156,{"type":131,"name":137,"callback":138,"file":134,"line":139},"admin_menu","multi_post_xml_menu",242,{"type":131,"name":141,"callback":142,"file":134,"line":143},"admin_init","register_multi_post_xml_settings",243,[],[],[],[],{"dangerousFunctions":149,"sqlUsage":150,"outputEscaping":152,"fileOperations":210,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":211},[],{"prepared":13,"raw":13,"locations":151},[],{"escaped":13,"rawEcho":153,"locations":154},28,[155,159,161,163,164,166,168,170,172,174,176,178,180,182,184,186,188,190,191,193,195,197,199,201,203,205,206,208],{"file":156,"line":157,"context":158},"multi-post-xml-feed-options.php",37,"raw output",{"file":156,"line":160,"context":158},52,{"file":156,"line":162,"context":158},66,{"file":156,"line":47,"context":158},{"file":156,"line":165,"context":158},101,{"file":156,"line":167,"context":158},107,{"file":156,"line":169,"context":158},108,{"file":156,"line":171,"context":158},114,{"file":156,"line":173,"context":158},115,{"file":156,"line":175,"context":158},119,{"file":156,"line":177,"context":158},120,{"file":156,"line":179,"context":158},124,{"file":156,"line":181,"context":158},125,{"file":156,"line":183,"context":158},139,{"file":156,"line":185,"context":158},145,{"file":134,"line":187,"context":158},42,{"file":134,"line":189,"context":158},45,{"file":134,"line":160,"context":158},{"file":134,"line":192,"context":158},55,{"file":134,"line":194,"context":158},62,{"file":134,"line":196,"context":158},65,{"file":134,"line":198,"context":158},91,{"file":134,"line":200,"context":158},92,{"file":134,"line":202,"context":158},112,{"file":134,"line":204,"context":158},118,{"file":134,"line":179,"context":158},{"file":134,"line":207,"context":158},130,{"file":134,"line":209,"context":158},136,3,[],[],{"summary":214,"deductions":215},"The \"xml-ify-wordpress-multiple-posts\" v1.0 plugin exhibits a mixed security posture. On the positive side, there are no identified CVEs in its history, and the static analysis shows a complete absence of dangerous functions, raw SQL queries, and external HTTP requests.  Crucially, all SQL queries are properly prepared, and there are no reported taint flows indicating potential injection vulnerabilities.\n\nHowever, significant concerns arise from the complete lack of output escaping. With 28 outputs identified and 0% properly escaped, this presents a high risk of Cross-Site Scripting (XSS) vulnerabilities. Any data displayed by the plugin that originates from user input or external sources could be manipulated to execute arbitrary JavaScript in the user's browser. Furthermore, the absence of any capability checks, nonce checks, or authentication checks on any of the plugin's entry points (even though the static analysis reports zero entry points) suggests a potential lack of robust authorization and security measures should any new entry points be introduced or discovered.\n\nThe vulnerability history being completely clean is a good sign, suggesting the developers have either been cautious or have not yet encountered significant security flaws. However, this doesn't negate the critical issue of unescaped output found in the current analysis. The plugin's strengths lie in its clean SQL and lack of dangerous functions, but the severe deficiency in output escaping is a major weakness that requires immediate attention.",[216,219,222],{"reason":217,"points":218},"No output escaping",16,{"reason":220,"points":221},"No capability checks",5,{"reason":223,"points":221},"No nonce checks","2026-03-17T01:34:03.990Z",{"wat":226,"direct":231},{"assetPaths":227,"generatorPatterns":228,"scriptPaths":229,"versionParams":230},[],[],[],[],{"cssClasses":232,"htmlComments":233,"htmlAttributes":234,"restEndpoints":238,"jsGlobals":239,"shortcodeOutput":240},[],[],[235,236,237],"attachment imageURL","attachment thumbURL","attachment",[],[],[241,242,243,244],"\u003Cmultipostxml>","\u003Csinglepost>","\u003C\u002Fsinglepost>","\u003C\u002Fmultipostxml>"]