[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fevUlfaVsjwWbS6wLD_Q7MQLcxEtD2-RXn-Gxu8mUfr8":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":11,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":135,"fingerprints":428},"yctvn-media-offload-cloudflare-r2","Yctvn Media Offload for Cloudflare R2","1.0.2","Kangta","https:\u002F\u002Fprofiles.wordpress.org\u002Fkangta911\u002F","\u003Cp>\u003Cstrong>Yctvn Media Offload for Cloudflare R2\u003C\u002Fstrong> seamlessly integrates your WordPress media library with Cloudflare R2 Storage, providing enterprise-grade CDN delivery at a fraction of the cost of traditional solutions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>📸 New to Cloudflare R2?\u003C\u002Fstrong> Check out the Screenshots section for a complete visual setup guide with step-by-step instructions!\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Media Upload\u003C\u002Fstrong>: Automatically upload new media files to R2 storage as they’re added to WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Sync\u003C\u002Fstrong>: Migrate existing media library to R2 with one-click bulk sync\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CDN URL Rewriting\u003C\u002Fstrong>: Serve all media from Cloudflare’s global CDN network\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Size Support\u003C\u002Fstrong>: Upload and serve all WordPress image sizes including thumbnails\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive Images\u003C\u002Fstrong>: Full support for srcset and responsive images\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post Content Rewriting\u003C\u002Fstrong>: Automatically rewrite image URLs in post content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AWS Signature V4\u003C\u002Fstrong>: Secure authentication using industry-standard protocols\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Debug Mode\u003C\u002Fstrong>: Comprehensive logging for troubleshooting\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Why Choose R2 Storage?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Cost Effective\u003C\u002Fstrong>: No egress fees – pay only for storage\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Global Performance\u003C\u002Fstrong>: Leverage Cloudflare’s worldwide CDN network\u003C\u002Fli>\n\u003Cli>\u003Cstrong>S3 Compatible\u003C\u002Fstrong>: Works with standard S3 APIs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reliability\u003C\u002Fstrong>: Enterprise-grade infrastructure with 99.9% uptime SLA\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 5.0 or higher\u003C\u002Fli>\n\u003Cli>PHP 8.0 or higher (compatible with 8.0, 8.1, 8.2, 8.3, 8.4)\u003C\u002Fli>\n\u003Cli>Cloudflare account with R2 enabled\u003C\u002Fli>\n\u003Cli>R2 API credentials (Access Key ID and Secret Access Key)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Getting Started\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Visual Guide:\u003C\u002Fstrong> See the Screenshots section below for a complete step-by-step visual guide!\u003C\u002Fp>\n\u003Cp>Follow these 3 simple steps to connect your WordPress site to Cloudflare R2:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 1: Create R2 Bucket\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Log in to \u003Ca href=\"https:\u002F\u002Fdash.cloudflare.com\u002F\" rel=\"nofollow ugc\">Cloudflare Dashboard\u003C\u002Fa>\u003Cbr \u002F>\n2. Click on “R2” in the left sidebar\u003Cbr \u002F>\n3. Click “Create bucket”\u003Cbr \u002F>\n4. Enter a unique bucket name (e.g., “my-wordpress-media”)\u003Cbr \u002F>\n5. Choose a location (optional)\u003Cbr \u002F>\n6. Click “Create bucket”\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 2: Get Your Credentials\u003C\u002Fstrong>\u003Cbr \u002F>\nYou need 4 pieces of information from Cloudflare:\u003C\u002Fp>\n\u003Cp>\u003Cem>A. Account ID:\u003C\u002Fem>\u003Cbr \u002F>\n– In R2 dashboard, look at the top right corner\u003Cbr \u002F>\n– Copy the “Account ID” (format: 32 alphanumeric characters)\u003C\u002Fp>\n\u003Cp>\u003Cem>B. Access Key ID & Secret Access Key:\u003C\u002Fem>\u003Cbr \u002F>\n1. In R2 dashboard, click “Manage R2 API Tokens”\u003Cbr \u002F>\n2. Click “Create API token”\u003Cbr \u002F>\n3. Give it a name (e.g., “WordPress Media Plugin”)\u003Cbr \u002F>\n4. Under Permissions, select “Object Read & Write”\u003Cbr \u002F>\n5. (Optional) Under “Specify bucket(s)”, you can limit to your specific bucket\u003Cbr \u002F>\n6. Click “Create API token”\u003Cbr \u002F>\n7. \u003Cstrong>IMPORTANT\u003C\u002Fstrong>: Copy and save both:\u003Cbr \u002F>\n   – Access Key ID (shows immediately)\u003Cbr \u002F>\n   – Secret Access Key (shows only once – save it now!)\u003C\u002Fp>\n\u003Cp>\u003Cem>C. Bucket Name:\u003C\u002Fem>\u003Cbr \u002F>\n– The name you created in Step 1 (e.g., “my-wordpress-media”)\u003C\u002Fp>\n\u003Cp>\u003Cem>D. Public URL (CDN URL):\u003C\u002Fem>\u003Cbr \u002F>\n– Go to your R2 bucket \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Settings\u003Cbr \u002F>\n– Under “Public access”, click “Allow Access”\u003Cbr \u002F>\n– Your public URL will be: \u003Ccode>https:\u002F\u002Fpub-[hash].r2.dev\u003C\u002Fcode>\u003Cbr \u002F>\n– OR connect a custom domain under “Custom Domains” (e.g., \u003Ccode>https:\u002F\u002Fcdn.yoursite.com\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Step 3: Configure Plugin\u003C\u002Fstrong>\u003Cbr \u002F>\n1. Install and activate this plugin\u003Cbr \u002F>\n2. Go to Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Yctvn Media Offload\u003Cbr \u002F>\n3. Enter all 4 credentials from Step 2:\u003Cbr \u002F>\n   – Account ID\u003Cbr \u002F>\n   – Access Key ID\u003Cbr \u002F>\n   – Secret Access Key\u003Cbr \u002F>\n   – Bucket Name\u003Cbr \u002F>\n   – Public URL (your R2 public URL or custom domain)\u003Cbr \u002F>\n4. Check “Auto Offload” to automatically upload new media\u003Cbr \u002F>\n5. Check “Enable URL Rewrite” to serve media from R2\u002FCDN\u003Cbr \u002F>\n6. Click “Save Settings”\u003Cbr \u002F>\n7. Use “Bulk Sync” to upload existing media\u003C\u002Fp>\n\u003Ch3>Additional Information\u003C\u002Fh3>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>For support, please use the WordPress.org support forum.\u003C\u002Fp>\n\u003Ch4>Buy Me a Coffee\u003C\u002Fh4>\n\u003Cp>If you find this plugin helpful, consider \u003Ca href=\"https:\u002F\u002Fwww.buymeacoffee.com\u002Fkangta911\" rel=\"nofollow ugc\">buying me a coffee\u003C\u002Fa> ☕\u003C\u002Fp>\n\u003Cp>Your support helps maintain and improve this plugin!\u003C\u002Fp>\n\u003Ch4>Contributing\u003C\u002Fh4>\n\u003Cp>This plugin is open source and welcomes contributions from the community.\u003C\u002Fp>\n\u003Ch4>Privacy\u003C\u002Fh4>\n\u003Cp>This plugin does not collect any personal data. Media files are transferred directly between your WordPress site and your Cloudflare R2 account.\u003C\u002Fp>\n","Automatically offload your WordPress media library to Cloudflare R2 Storage for improved performance and reduced hosting costs.",100,854,3,"2025-10-05T18:39:00.000Z","6.8.5","5.0","8.0",[19,20,21,22,23],"cdn","cloudflare","media","object-storage","storage","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyctvn-media-offload-cloudflare-r2.1.0.2.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":11,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"kangta911",1,30,94,"2026-04-04T12:27:32.394Z",[37,55,75,98,119],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":26,"downloaded":45,"rating":26,"num_ratings":26,"last_updated":46,"tested_up_to":15,"requires_at_least":47,"requires_php":48,"tags":49,"homepage":24,"download_link":54,"security_score":11,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"articla-media-offload-lite-for-oracle-cloud-infrastructure","Articla media offload lite for oracle cloud infrastructure","1.3.3","articla79","https:\u002F\u002Fprofiles.wordpress.org\u002Farticla79\u002F","\u003Cp>Move your WordPress media to Oracle Cloud Infrastructure (OCI) Object Storage and serve it directly from there—reducing disk usage, speeding up delivery, and keeping your uploads organized.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key features\u003C\u002Fstrong>\u003Cbr \u002F>\n– ✅ Offload new uploads to OCI Object Storage (S3-compatible, path-style).\u003Cbr \u002F>\n– 🔁 Backfill existing media in batches, with progress notice and stop button.\u003Cbr \u002F>\n– 🔐 Supports private and public buckets.\u003Cbr \u002F>\n– 🔗 Rewrites media URLs to load from your bucket (or your CDN in front of it).\u003Cbr \u002F>\n– 🩺 One-click Health Check to validate credentials, bucket, and endpoint.\u003Cbr \u002F>\n– ⚙️ Non-destructive option to keep a local copy of files.\u003Cbr \u002F>\n– 🧩 Works with common media workflows and doesn’t lock you in.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How it works (quick start)\u003C\u002Fstrong>\u003Cbr \u002F>\n1) Go to \u003Cstrong>Media \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> OCI Offload\u003C\u002Fstrong> and enter your \u003Cstrong>Region, Namespace, Access Key, Secret Key, and Bucket\u003C\u002Fstrong>.\u003Cbr \u002F>\n2) Click \u003Cstrong>Save\u003C\u002Fstrong>, then enable \u003Cstrong>Offload new uploads\u003C\u002Fstrong> (and optionally \u003Cstrong>Keep local copy\u003C\u002Fstrong>).\u003Cbr \u002F>\n3) Use \u003Cstrong>Backfill\u003C\u002Fstrong> to move existing media (optional).\u003Cbr \u002F>\n4) Optionally put a CDN in front of your bucket for global performance.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Who is it for?\u003C\u002Fstrong>\u003Cbr \u002F>\n– Sites that want to save disk space on the web server.\u003Cbr \u002F>\n– Publishers that prefer serving media from OCI directly or behind a CDN.\u003Cbr \u002F>\n– Teams needing simple, reliable S3-compatible offloading with minimal setup.\u003C\u002Fp>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>No telemetry. Only your configured requests to OCI are made.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to \u003Cstrong>Oracle Cloud Infrastructure (OCI) Object Storage\u003C\u002Fstrong> in order to upload and read media files.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What service is used and why\u003C\u002Fstrong>: Oracle Cloud Object Storage (domains under \u003Ccode>*.oraclecloud.com\u003C\u002Fcode>, for example \u003Ccode>{namespace}.compat.objectstorage.{region}.oraclecloud.com\u003C\u002Fcode>) is used to store (PUT) and retrieve (GET) your media files and to run an optional health check.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>What data is sent and when\u003C\u002Fstrong>:\n\u003Cul>\n\u003Cli>When you enable “Offload new uploads”, each uploaded attachment (file contents, filename\u002Fpath) is sent via HTTPS \u003Ccode>PUT\u003C\u002Fcode> to your configured bucket and namespace.\u003C\u002Fli>\n\u003Cli>The admin \u003Cstrong>Health Check\u003C\u002Fstrong> uploads a small text file and immediately reads it back to verify connectivity.\u003C\u002Fli>\n\u003Cli>Standard request metadata such as your server’s IP and user agent are visible to Oracle as with any HTTPS request.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Authentication\u003C\u002Fstrong>: All requests are signed client-side with AWS Signature V4 using the Access Key ID and Secret Key you provide in the plugin settings. Keys are stored in your WordPress database (options) and are never sent anywhere except as part of the standard signature headers to OCI.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy and terms\u003C\u002Fstrong>: See Oracle’s \u003Ca href=\"https:\u002F\u002Fwww.oracle.com\u002Flegal\u002Fterms.html\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.oracle.com\u002Flegal\u002Fprivacy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Opt-out\u003C\u002Fstrong>: Disable “Offload new uploads” or deactivate the plugin. The plugin does not contact any external service when offloading is disabled., keep description exactly same\u003C\u002Fli>\n\u003C\u002Ful>\n","Offload your Media Library to Oracle Cloud (OCI) via S3. Supports private and public buckets.",295,"2025-09-19T20:05:00.000Z","6.0","7.0",[50,22,51,52,53],"cdn-media","oci","oracle-cloud","s3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Farticla-media-offload-lite-for-oracle-cloud-infrastructure.zip",{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":34,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":69,"tags":70,"homepage":73,"download_link":74,"security_score":11,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"advanced-media-offloader","Advanced Media Offloader","4.4.1","Masoud Golchin","https:\u002F\u002Fprofiles.wordpress.org\u002Fmasoudin\u002F","\u003Cp>\u003Cstrong>Advanced Media Offloader\u003C\u002Fstrong> helps you optimize your WordPress media handling by automatically uploading your media files to S3-compatible cloud storage services.\u003C\u002Fp>\n\u003Cp>Struggling with server space limitations? Want to improve your site’s performance by serving media through a CDN? This plugin handles the technical work of migrating your media to the cloud, rewriting URLs, and maintaining compatibility with your existing content.\u003C\u002Fp>\n\u003Ch4>Key Benefits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Reduce server storage requirements and costs\u003C\u002Fli>\n\u003Cli>Decrease server load when serving media files\u003C\u002Fli>\n\u003Cli>Improve global site loading speeds when combined with CDN services\u003C\u002Fli>\n\u003Cli>Maintain full compatibility with WordPress media functions\u003C\u002Fli>\n\u003Cli>No need to modify existing content – URLs are automatically rewritten\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Supported Cloud Providers\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Amazon S3\u003C\u002Fstrong> – The industry standard object storage service\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare R2\u003C\u002Fstrong> – S3-compatible storage with zero egress fees\u003C\u002Fli>\n\u003Cli>\u003Cstrong>DigitalOcean Spaces\u003C\u002Fstrong> – Simple object storage from DigitalOcean\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Backblaze B2\u003C\u002Fstrong> – Affordable S3-compatible storage with predictable pricing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Wasabi\u003C\u002Fstrong> – Hot cloud storage with predictable pricing\u003C\u002Fli>\n\u003Cli>\u003Cstrong>MinIO\u003C\u002Fstrong> – Any S3-compatible storage (MinIO, OVHcloud Object Storage, Scaleway, Linode, Vultr, IBM COS, and more)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Not sure which provider to choose? Check our \u003Ca href=\"https:\u002F\u002Fwpfitter.com\u002Fblog\u002Fbest-cloud-storage-for-wordpress-media-pricing-comparison\u002F?utm_source=wp-plugin&utm_medium=readme&utm_campaign=advanced-media-offloader&utm_content=pricing-comparison\" rel=\"nofollow ugc\">cloud storage pricing comparison\u003C\u002Fa> for real-world cost breakdowns.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Automatic Offloading\u003C\u002Fstrong> – New media uploads are automatically sent to your cloud storage\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Policies\u003C\u002Fstrong> – Create advanced rules to control exactly which files are offloaded and when, giving you granular control over your storage. (\u003Ca href=\"https:\u002F\u002Fwpfitter.com\u002Fblog\u002Fimplementing-smart-retention-policies-with-advanced-media-offloader\u002F?utm_source=wp-plugin&utm_medium=readme&utm_campaign=advanced-media-offloader&utm_content=smart-policies\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Migration & WP CLI\u003C\u002Fstrong> – Easily move existing media to the cloud with powerful command-line support for bulk operations and automation (\u003Ca href=\"https:\u002F\u002Fwpfitter.com\u002Fblog\u002Fadvmo-bulk-offload-with-wp-cli?utm_source=wp-plugin&utm_medium=readme&utm_campaign=advanced-media-offloader&utm_content=bulk-offload-cli\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Thumbnail Regeneration Compatibility\u003C\u002Fstrong> – Compatible with WP-CLI \u003Ccode>wp media regenerate\u003C\u002Fcode> command and the Regenerate Thumbnails plugin. Regenerated thumbnails automatically offload to cloud storage. Note: Not compatible with Full Cloud Migration retention policy.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart URL Rewriting\u003C\u002Fstrong> – All media URLs are automatically rewritten to serve from cloud storage\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Versioning\u003C\u002Fstrong> – Add unique timestamps to media paths to prevent caching issues\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Retention\u003C\u002Fstrong> – Choose to keep local copies or remove them after successful offloading\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mirror Deletion\u003C\u002Fstrong> – Optionally remove files from cloud storage when deleted from WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Paths\u003C\u002Fstrong> – Configure custom path prefixes in your cloud storage\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Optimizer Compatibility\u003C\u002Fstrong> – Works with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwebp-uploads\u002F\" rel=\"ugc\">Modern Image Formats\u003C\u002Fa> (recommended), Imagify, and EWWW Image Optimizer. Optimized WebP and AVIF files are automatically offloaded alongside originals. (\u003Ca href=\"https:\u002F\u002Fwpfitter.com\u002Fblog\u002Fewww-imagify-support-added-to-advanced-media-offloader\u002F?utm_source=wp-plugin&utm_medium=readme&utm_campaign=advanced-media-offloader&utm_content=image-optimizer-compatibility\" rel=\"nofollow ugc\">Learn more\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer-Friendly\u003C\u002Fstrong> – Extensive action and filter hooks for extending functionality (\u003Ca href=\"https:\u002F\u002Fwpfitter.com\u002Fdocuments\u002Fadvanced-media-offloader\u002Fdevelopment-hooks\u002F?utm_source=wp-plugin&utm_medium=readme&utm_campaign=advanced-media-offloader&utm_content=developer-hooks\" rel=\"nofollow ugc\">View Documentation\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Developer Documentation\u003C\u002Fh4>\n\u003Cp>For developers looking to extend or customize the plugin behavior, we provide comprehensive documentation for all available hooks:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwpfitter.com\u002Fdocuments\u002Fadvanced-media-offloader\u002Fdevelopment-hooks\u002F?utm_source=wp-plugin&utm_medium=readme&utm_campaign=advanced-media-offloader&utm_content=developer-hooks\" rel=\"nofollow ugc\">View Developer Hooks Documentation \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Quick example – skip offloading files larger than 5MB:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter('advmo_should_offload_attachment', function($should_offload, $attachment_id) {\n    $file = get_attached_file($attachment_id);\n    if ($file && filesize($file) > 5 * 1024 * 1024) {\n        return false;\n    }\n    return $should_offload;\n}, 10, 2);\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Configuration\u003C\u002Fh3>\n\u003Cp>For security, cloud provider credentials are stored in your \u003Ccode>wp-config.php\u003C\u002Fcode> file rather than the database.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> Domain and endpoint URLs will automatically be prefixed with \u003Ccode>https:\u002F\u002F\u003C\u002Fcode> if you don’t include it, but we recommend always including the full URL for clarity.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdevelopers.cloudflare.com\u002Fr2\u002F\" rel=\"nofollow ugc\">Cloudflare R2\u003C\u002Fa> Configuration\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    define('ADVMO_CLOUDFLARE_R2_KEY', 'your-access-key');\n    define('ADVMO_CLOUDFLARE_R2_SECRET', 'your-secret-key');\n    define('ADVMO_CLOUDFLARE_R2_BUCKET', 'your-bucket-name');\n    define('ADVMO_CLOUDFLARE_R2_DOMAIN', 'your-domain-url');\n    define('ADVMO_CLOUDFLARE_R2_ENDPOINT', 'your-endpoint-url');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.digitalocean.com\u002Fproducts\u002Fspaces\" rel=\"nofollow ugc\">DigitalOcean Spaces\u003C\u002Fa> Configuration\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    define('ADVMO_DOS_KEY', 'your-access-key');\n    define('ADVMO_DOS_SECRET', 'your-secret-key');\n    define('ADVMO_DOS_BUCKET', 'your-bucket-name');\n    define('ADVMO_DOS_DOMAIN', 'your-domain-url');\n    define('ADVMO_DOS_ENDPOINT', 'your-endpoint-url');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fmin.io\u002Fdocs\u002Fminio\u002Flinux\u002Fadministration\u002Fidentity-access-management\u002Fminio-user-management.html\" rel=\"nofollow ugc\">MinIO\u003C\u002Fa> Configuration\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Use this for any storage that supports the S3 API via a custom endpoint (e.g., MinIO, OVHcloud Object Storage, Scaleway, Linode, Vultr, IBM COS). Select this if your provider isn’t listed separately.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    define('ADVMO_MINIO_KEY', 'your-access-key');\n    define('ADVMO_MINIO_SECRET', 'your-secret-key');\n    define('ADVMO_MINIO_BUCKET', 'your-bucket-name');\n    define('ADVMO_MINIO_DOMAIN', 'your-domain-url');\n    define('ADVMO_MINIO_ENDPOINT', 'your-endpoint-url');\n    define('ADVMO_MINIO_PATH_STYLE_ENDPOINT', false); \u002F\u002F Optional. Set to true if your MinIO server requires path-style URLs (most self-hosted MinIO setups). Default is false.\n    define('ADVMO_MINIO_REGION', 'your-bucket-region'); \u002F\u002F Optional. Set your MinIO bucket region if needed. Default is 'us-east-1'.\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Faws.amazon.com\u002Fs3\u002F\" rel=\"nofollow ugc\">Amazon S3\u003C\u002Fa> Configuration\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    define('ADVMO_AWS_KEY', 'your-access-key');\n    define('ADVMO_AWS_SECRET', 'your-secret-key');\n    define('ADVMO_AWS_BUCKET', 'your-bucket-name');\n    define('ADVMO_AWS_REGION', 'your-bucket-region');\n    define('ADVMO_AWS_DOMAIN', 'your-domain-url');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.backblaze.com\u002Fapidocs\u002Fintroduction-to-the-s3-compatible-api\" rel=\"nofollow ugc\">Backblaze B2\u003C\u002Fa> Configuration\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    define('ADVMO_BACKBLAZE_B2_KEY', 'your-application-key-id');\n    define('ADVMO_BACKBLAZE_B2_SECRET', 'your-application-key');\n    define('ADVMO_BACKBLAZE_B2_BUCKET', 'your-bucket-name');\n    define('ADVMO_BACKBLAZE_B2_REGION', 'your-bucket-region');\n    define('ADVMO_BACKBLAZE_B2_DOMAIN', 'your-domain-url');\n    define('ADVMO_BACKBLAZE_B2_ENDPOINT', 'your-endpoint-url');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fdocs.wasabi.com\u002Fdocs\u002Fcreating-a-new-access-key\" rel=\"nofollow ugc\">Wasabi\u003C\u002Fa> Configuration\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    define('ADVMO_WASABI_KEY', 'your-access-key');\n    define('ADVMO_WASABI_SECRET', 'your-secret-key');\n    define('ADVMO_WASABI_BUCKET', 'your-bucket-name');\n    define('ADVMO_WASABI_REGION', 'your-bucket-region');\n    define('ADVMO_WASABI_DOMAIN', 'your-domain-url');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Using the S3 PHP SDK\u003C\u002Fh3>\n\u003Cp>The Advanced Media Offloader utilizes the AWS SDK for PHP to interact with S3-compatible cloud storage. This powerful SDK provides an easy-to-use API for managing your cloud storage operations, including file uploads, downloads, and more. The SDK is maintained by Amazon Web Services, ensuring high compatibility and performance with S3 services.\u003C\u002Fp>\n\u003Cp>For more information about the AWS SDK for PHP, visit:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Faws.amazon.com\u002Fsdk-for-php\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Faws.amazon.com\u002Fsdk-for-php\u002F\u003C\u002Fa>\u003C\u002Fp>\n","Save server space & speed up your site by automatically offloading media to Amazon S3, Cloudflare R2 & more.",3000,35528,42,"2026-03-11T11:11:00.000Z","6.9.4","5.6","8.1",[20,71,72,53,23],"media-library","offload","https:\u002F\u002Fwpfitter.com\u002Fplugins\u002Fadvanced-media-offloader\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-media-offloader.4.4.1.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":15,"requires_at_least":88,"requires_php":17,"tags":89,"homepage":94,"download_link":95,"security_score":96,"vuln_count":32,"unpatched_count":26,"last_vuln_date":97,"fetched_at":28},"windows-azure-storage","Microsoft Azure Storage for WordPress","4.5.2","10up","https:\u002F\u002Fprofiles.wordpress.org\u002F10up\u002F","\u003Cp>This WordPress plugin allows you to use Microsoft Azure Storage Service to host your media and uploads for your WordPress powered website. Microsoft Azure Storage is an effective way to infinitely scale storage of your site and leverage Azure’s global infrastructure.\u003C\u002Fp>\n\u003Cp>For more details on Microsoft Azure Storage, please visit the \u003Ca href=\"https:\u002F\u002Fazure.microsoft.com\u002Fen-us\u002Fservices\u002Fstorage\u002F\" rel=\"nofollow ugc\">Microsoft Azure website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>For more details on configuring a Microsoft Azure Storage account and on using the plugin with the Block Editor or Classic Editor, please visit the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002F10up\u002Fwindows-azure-storage\u002Fblob\u002Fdevelop\u002FUserGuide.md\" rel=\"nofollow ugc\">user guide\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Known Issues\u003C\u002Fh3>\n\u003Ch4>Storage Account Versions\u003C\u002Fh4>\n\u003Cp>Storage accounts can be created via CLI, classic Azure portal, or the new Azure portal,\u003Cbr \u002F>\nwith varying results.\u003C\u002Fp>\n\u003Cp>If a Storage account is created with the new Azure portal, authentication will fail,\u003Cbr \u002F>\nresulting in the inability to view\u002Fadd containers or files. Creating a Storage account\u003Cbr \u002F>\nwith the Azure CLI should allow the plugin to work with new Storage accounts.\u003C\u002Fp>\n\u003Ch4>Responsive Images in WordPress 4.4\u003C\u002Fh4>\n\u003Cp>Images uploaded to the Azure Storage service will not automatically receive responsive versions.\u003Cbr \u002F>\nImages added through the WordPress Media Loader \u003Cem>should\u003C\u002Fem> get automatically converted to responsive\u003Cbr \u002F>\nimages when inserted into a post or page.\u003Cbr \u002F>\nWe are investigating options for full support of responsive images in the plugin.\u003C\u002Fp>\n","Use the Microsoft Azure Storage service to host your website's media files.",2000,122722,78,14,"2025-10-28T23:39:00.000Z","6.6",[90,19,91,92,93],"blob-storage","media-files","microsoft-azure-storage","upload","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwindows-azure-storage\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwindows-azure-storage.4.5.2.zip",99,"2025-10-23 20:09:38",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":67,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":116,"download_link":117,"security_score":96,"vuln_count":32,"unpatched_count":26,"last_vuln_date":118,"fetched_at":28},"upcasted-s3-offload","Upcasted S3 Offload – AWS S3, DigitalOcean Spaces, Backblaze, MinIO Storage Integration","3.1.0","upcasted","https:\u002F\u002Fprofiles.wordpress.org\u002Fupcasted\u002F","\u003Cp>Upcasted S3 Offload seamlessly integrates your WordPress Media Library with AWS S3 and other S3-compatible storage providers including DigitalOcean Spaces, Linode Object Storage, MinIO, Wasabi, Backblaze, Vultr Object Storage, DreamObjects, and more.\u003C\u002Fp>\n\u003Cp>This powerful plugin optimizes your website’s performance by efficiently managing media files in cloud storage, reducing server load, and improving loading times. It automatically moves your media files to S3 storage and handles URL rewriting, ensuring a smooth user experience.\u003C\u002Fp>\n\u003Ch4>Why Choose Upcasted S3 Offload?\u003C\u002Fh4>\n\u003Ch4>⚡ Performance Benefits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Significantly reduce server load through offloaded media storage\u003C\u002Fli>\n\u003Cli>Optimize website performance with cloud-based delivery\u003C\u002Fli>\n\u003Cli>Boost SEO rankings with faster page load times\u003C\u002Fli>\n\u003Cli>Enhance user experience with optimized content delivery\u003C\u002Fli>\n\u003Cli>Improve global reach with distributed storage locations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>💰 Cost Savings\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Reduce hosting costs by offloading media storage\u003C\u002Fli>\n\u003Cli>Lower bandwidth usage on your main server\u003C\u002Fli>\n\u003Cli>Eliminate storage space concerns\u003C\u002Fli>\n\u003Cli>Avoid expensive hosting upgrades\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🔒 Security & Reliability\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Bank-grade encryption for credentials\u003C\u002Fli>\n\u003Cli>Automatic file redundancy and backup\u003C\u002Fli>\n\u003Cli>Enterprise-level security protocols\u003C\u002Fli>\n\u003Cli>Protected file transfer system\u003C\u002Fli>\n\u003Cli>Leverages S3 providers’ robust infrastructure\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🚀 Free Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Unlimited file migrations\u003C\u002Fli>\n\u003Cli>WordPress Multisite support\u003C\u002Fli>\n\u003Cli>One-click quick setup wizard\u003C\u002Fli>\n\u003Cli>One-click bucket creation\u003C\u002Fli>\n\u003Cli>Multi-provider compatibility (AWS S3, DigitalOcean, etc.)\u003C\u002Fli>\n\u003Cli>Custom endpoint configuration\u003C\u002Fli>\n\u003Cli>Flexible region selection\u003C\u002Fli>\n\u003Cli>Advanced file management\u003C\u002Fli>\n\u003Cli>Smart file type filtering\u003C\u002Fli>\n\u003Cli>Secure credential management\u003C\u002Fli>\n\u003Cli>High-performance uploads\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>💎 PRO Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Priority email support\u003C\u002Fli>\n\u003Cli>Automatic premium updates\u003C\u002Fli>\n\u003Cli>Custom batch size control\u003C\u002Fli>\n\u003Cli>Advanced file type filtering\u003C\u002Fli>\n\u003Cli>Background file migration\u003C\u002Fli>\n\u003Cli>CDN integration support\u003C\u002Fli>\n\u003Cli>Large file support (up to 5TB)\u003C\u002Fli>\n\u003Cli>Bulk migration tools\u003C\u002Fli>\n\u003Cli>Unified migration progress with elapsed time, ETA, remaining items, and finished notice\u003C\u002Fli>\n\u003Cli>Failed Items diagnostics panel with pagination, full error viewer, and single\u002Fbulk retry actions\u003C\u002Fli>\n\u003Cli>Progressive single-item retry with granular tasks and mini progress bar\u003C\u002Fli>\n\u003Cli>Migration Locks diagnostics with the ability to force unlock stuck runs\u003C\u002Fli>\n\u003Cli>Retry safety: max attempts and permanent failure handling (permanent badge; excluded from auto runs)\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily migrate and manage WordPress Media Library files to AWS S3 or S3-compatible storage providers. Boost performance and reduce hosting costs.",200,11827,68,10,"2025-12-15T15:13:00.000Z","4.9","7.4",[114,115,71,22,53],"aws-s3","digitalocean-spaces","https:\u002F\u002Fupcasted.com\u002Fupcasted-s3-offload","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fupcasted-s3-offload.3.1.0.zip","2025-02-03 00:00:00",{"slug":120,"name":121,"version":101,"author":122,"author_profile":123,"description":124,"short_description":125,"active_installs":126,"downloaded":127,"rating":26,"num_ratings":26,"last_updated":128,"tested_up_to":15,"requires_at_least":16,"requires_php":112,"tags":129,"homepage":24,"download_link":133,"security_score":96,"vuln_count":32,"unpatched_count":26,"last_vuln_date":134,"fetched_at":28},"filestack-upload","Filestack WP Upload","filestack","https:\u002F\u002Fprofiles.wordpress.org\u002Ffilestack\u002F","\u003Cp>With Filestack WordPress Upload, you or your users can upload files directly from local and cloud drives including Facebook, Instagram, Google Drive, Google Image Search, Google Photos, Dropbox, Box image URL, Webcam, Video Camera, and URL screenshots.\u003C\u002Fp>\n\u003Cp>Simply put the shortcode [Filestack] to call the file uploader and set the location where the uploaded file should appear.\u003C\u002Fp>\n\u003Cp>You can display the files and media assets immediately on your post or page. The integrated Filestack CDN optimizes for page load time to ensure high performance.\u003C\u002Fp>\n\u003Cp>You or your users can crop or edit the image or file within the file uploader, or you can use file transformations to crop, resize, compress, tag, filter, border, or more file transformations to programmatically optimize the images and media assets.\u003C\u002Fp>\n\u003Cp>You can store assets conveniently with Filestack or in your own cloud storage location, including Amazon S3, Microsoft Azure, Dropbox, Rackspace and Google Cloud Storage.\u003C\u002Fp>\n\u003Ch3>Filestack WordPress Upload Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Upload integrations with Facebook, Instagram, Google Drive, Google Image Search, Google Photos, Dropbox, Box image URL, Webcam, Video Camera, and URL screenshots\u003C\u002Fli>\n\u003Cli>Multi-file upload support\u003C\u002Fli>\n\u003Cli>Large file upload up to 200MB (configurable)\u003C\u002Fli>\n\u003Cli>In-app image transformations: crop, circle crop, and rotate\u003C\u002Fli>\n\u003Cli>Asynchronous uploads\u003C\u002Fli>\n\u003Cli>Integrated CDN for fast delivery\u003C\u002Fli>\n\u003Cli>Cloud storage integrations with Amazon S3, Microsoft Azure, Dropbox, Rackspace, and Google Cloud Storage\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Links\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.filestack.com\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.filestack.com\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwww.filestack.com\u002Fdocs\u002Fjavascript-api\u002Fpick-v3\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.filestack.com\u002Fdocs\u002Fjavascript-api\u002Fpick-v3\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fdev.filestack.com\u002Fsignup\u002Ffree\u002F\" rel=\"nofollow ugc\">Free API Key\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Languages\u003C\u002Fh3>\n\u003Col>\n\u003Cli>English: ‘en’\u003C\u002Fli>\n\u003Cli>Chinese: ‘zh’\u003C\u002Fli>\n\u003Cli>Danish: ‘da’\u003C\u002Fli>\n\u003Cli>Dutch: ‘nl’\u003C\u002Fli>\n\u003Cli>French: ‘fr’\u003C\u002Fli>\n\u003Cli>German: ‘de’\u003C\u002Fli>\n\u003Cli>Hebrew: ‘he’\u003C\u002Fli>\n\u003Cli>Italian: ‘it’\u003C\u002Fli>\n\u003Cli>Japanese: ‘ja’\u003C\u002Fli>\n\u003Cli>Polish: ‘pl’\u003C\u002Fli>\n\u003Cli>Portuguese: ‘pt’\u003C\u002Fli>\n\u003Cli>Russian: ‘ru’\u003C\u002Fli>\n\u003Cli>Spanish: ‘es’\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Questions\u003C\u002Fh3>\n\u003Cp>You can contact Support at support@filestack.com and send general questions to hello@filestack.com. We love hearing from you!\u003C\u002Fp>\n","Upload files directly to the cloud with support for multiple sources including local, Facebook, Dropbox, Google Drive, and more.",70,5143,"2025-11-11T09:06:00.000Z",[19,130,131,122,132],"cloud-storage","file-upload","media-upload","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilestack-upload.3.1.0.zip","2024-12-13 15:59:52",{"attackSurface":136,"codeSignals":278,"taintFlows":320,"riskAssessment":419,"analyzedAt":427},{"hooks":137,"ajaxHandlers":235,"restRoutes":271,"shortcodes":272,"cronEvents":273,"entryPointCount":276,"unprotectedCount":277},[138,144,148,152,157,161,165,170,175,179,183,187,191,195,199,203,207,211,215,219,223,227,229,231],{"type":139,"name":140,"callback":141,"file":142,"line":143},"action","admin_menu","add_admin_menu","includes\\class-yctvn-admin.php",63,{"type":139,"name":145,"callback":146,"file":142,"line":147},"admin_init","init_settings",64,{"type":139,"name":149,"callback":150,"file":142,"line":151},"admin_enqueue_scripts","enqueue_admin_scripts",65,{"type":153,"name":154,"callback":155,"file":142,"line":156},"filter","bulk_actions-upload","add_bulk_actions",74,{"type":153,"name":158,"callback":159,"priority":109,"file":142,"line":160},"handle_bulk_actions-upload","handle_bulk_actions",75,{"type":139,"name":162,"callback":163,"file":142,"line":164},"admin_notices","bulk_action_notices",76,{"type":153,"name":166,"callback":167,"priority":109,"file":168,"line":169},"media_row_actions","add_fix_action","includes\\class-yctvn-fix-thumbnails.php",44,{"type":153,"name":171,"callback":172,"priority":109,"file":173,"line":174},"wp_get_attachment_url","rewrite_attachment_url","includes\\class-yctvn-url-rewriter.php",54,{"type":153,"name":176,"callback":177,"priority":109,"file":173,"line":178},"wp_calculate_image_srcset","rewrite_srcset",55,{"type":153,"name":180,"callback":181,"priority":109,"file":173,"line":182},"wp_get_attachment_image_src","rewrite_image_src",56,{"type":153,"name":184,"callback":185,"priority":109,"file":173,"line":186},"wp_get_attachment_image_attributes","rewrite_image_attributes",57,{"type":153,"name":188,"callback":189,"priority":109,"file":173,"line":190},"the_content","rewrite_content_images",58,{"type":153,"name":192,"callback":193,"priority":109,"file":173,"line":194},"wp_prepare_attachment_for_js","fix_media_library_thumbnails",61,{"type":153,"name":180,"callback":196,"priority":197,"file":173,"line":198},"fix_missing_thumbnail_src",999,62,{"type":139,"name":200,"callback":200,"file":201,"line":202},"init","yctvn-media-offload.php",69,{"type":153,"name":204,"callback":205,"priority":197,"file":201,"line":206},"wp_generate_attachment_metadata","auto_offload_with_metadata",147,{"type":153,"name":208,"callback":209,"priority":197,"file":201,"line":210},"wp_update_attachment_metadata","auto_offload_on_update",148,{"type":139,"name":212,"callback":213,"file":201,"line":214},"delete_attachment","delete_from_r2",152,{"type":139,"name":216,"callback":217,"file":201,"line":218},"yctvn_media_offload_settings_updated","reload_settings",155,{"type":139,"name":220,"callback":221,"file":201,"line":222},"yctvn_media_offload_auto_sync_cron","run_auto_sync",161,{"type":153,"name":224,"callback":225,"file":201,"line":226},"cron_schedules","add_cron_intervals",293,{"type":153,"name":204,"callback":205,"priority":197,"file":201,"line":228},399,{"type":153,"name":208,"callback":209,"priority":197,"file":201,"line":230},400,{"type":139,"name":232,"callback":233,"file":201,"line":234},"plugins_loaded","yctvn_media_offload_init",479,[236,242,246,249,252,255,259,263,267],{"action":237,"nopriv":238,"callback":239,"hasNonce":240,"hasCapCheck":240,"file":142,"line":241},"yctvn_media_offload_save_settings",false,"ajax_save_settings",true,66,{"action":243,"nopriv":238,"callback":244,"hasNonce":240,"hasCapCheck":238,"file":142,"line":245},"yctvn_media_offload_test_connection","ajax_test_connection",67,{"action":247,"nopriv":238,"callback":248,"hasNonce":240,"hasCapCheck":240,"file":142,"line":108},"yctvn_media_offload_run_auto_sync","ajax_run_auto_sync",{"action":250,"nopriv":238,"callback":251,"hasNonce":240,"hasCapCheck":240,"file":142,"line":202},"yctvn_media_offload_fix_all_thumbnails","ajax_fix_all_thumbnails",{"action":253,"nopriv":238,"callback":254,"hasNonce":238,"hasCapCheck":238,"file":142,"line":126},"yctvn_media_offload_bulk_sync_batch","ajax_bulk_sync_batch",{"action":256,"nopriv":238,"callback":257,"hasNonce":238,"hasCapCheck":238,"file":142,"line":258},"yctvn_media_offload_get_sync_count","ajax_get_sync_count",71,{"action":260,"nopriv":238,"callback":261,"hasNonce":240,"hasCapCheck":238,"file":262,"line":198},"yctvn_media_offload_bulk_sync","ajax_bulk_sync","includes\\class-yctvn-bulk-sync.php",{"action":264,"nopriv":238,"callback":265,"hasNonce":240,"hasCapCheck":238,"file":168,"line":266},"yctvn_media_offload_fix_single_thumbnail","ajax_fix_single",40,{"action":268,"nopriv":238,"callback":269,"hasNonce":240,"hasCapCheck":240,"file":168,"line":270},"yctvn_media_offload_fix_batch_thumbnails","ajax_fix_batch",41,[],[],[274],{"hook":220,"callback":220,"file":201,"line":275},307,9,2,{"dangerousFunctions":279,"sqlUsage":280,"outputEscaping":298,"fileOperations":281,"externalRequests":13,"nonceChecks":317,"capabilityChecks":318,"bundledLibraries":319},[],{"prepared":86,"raw":281,"locations":282},7,[283,285,287,290,292,294,296],{"file":142,"line":230,"context":284},"$wpdb->get_results() with variable interpolation",{"file":142,"line":286,"context":284},448,{"file":262,"line":288,"context":289},73,"$wpdb->get_var() with variable interpolation",{"file":262,"line":291,"context":289},85,{"file":168,"line":293,"context":289},199,{"file":168,"line":295,"context":284},211,{"file":201,"line":297,"context":284},428,{"escaped":160,"rawEcho":281,"locations":299},[300,303,306,308,310,313,315],{"file":142,"line":301,"context":302},244,"raw output",{"file":304,"line":305,"context":302},"views\\admin-settings.php",193,{"file":304,"line":307,"context":302},207,{"file":304,"line":309,"context":302},219,{"file":311,"line":312,"context":302},"views\\bulk-sync.php",20,{"file":311,"line":314,"context":302},24,{"file":311,"line":316,"context":302},28,11,5,[],[321,346,358,371,379,404],{"entryPoint":322,"graph":323,"unsanitizedCount":26,"severity":345},"render_settings_page (includes\\class-yctvn-admin.php:204)",{"nodes":324,"edges":342},[325,330,336,340],{"id":326,"type":327,"label":328,"file":142,"line":329},"n0","source","$_POST (x2)",228,{"id":331,"type":332,"label":333,"file":142,"line":334,"wp_function":335},"n1","sink","update_option() [Settings Manipulation]",229,"update_option",{"id":337,"type":327,"label":338,"file":142,"line":339},"n2","$_POST['yctvn_media_offload_auto_sync_interval']",238,{"id":341,"type":332,"label":333,"file":142,"line":339,"wp_function":335},"n3",[343,344],{"from":326,"to":331,"sanitized":240},{"from":337,"to":341,"sanitized":240},"low",{"entryPoint":347,"graph":348,"unsanitizedCount":26,"severity":345},"\u003Cclass-yctvn-admin> (includes\\class-yctvn-admin.php:0)",{"nodes":349,"edges":355},[350,352,353,354],{"id":326,"type":327,"label":351,"file":142,"line":329},"$_POST (x4)",{"id":331,"type":332,"label":333,"file":142,"line":334,"wp_function":335},{"id":337,"type":327,"label":338,"file":142,"line":339},{"id":341,"type":332,"label":333,"file":142,"line":339,"wp_function":335},[356,357],{"from":326,"to":331,"sanitized":240},{"from":337,"to":341,"sanitized":240},{"entryPoint":359,"graph":360,"unsanitizedCount":26,"severity":345},"ajax_fix_batch (includes\\class-yctvn-fix-thumbnails.php:140)",{"nodes":361,"edges":369},[362,365],{"id":326,"type":327,"label":363,"file":168,"line":364},"$_POST",149,{"id":331,"type":332,"label":366,"file":168,"line":367,"wp_function":368},"get_results() [SQLi]",154,"get_results",[370],{"from":326,"to":331,"sanitized":240},{"entryPoint":372,"graph":373,"unsanitizedCount":26,"severity":345},"\u003Cclass-yctvn-fix-thumbnails> (includes\\class-yctvn-fix-thumbnails.php:0)",{"nodes":374,"edges":377},[375,376],{"id":326,"type":327,"label":363,"file":168,"line":364},{"id":331,"type":332,"label":366,"file":168,"line":367,"wp_function":368},[378],{"from":326,"to":331,"sanitized":240},{"entryPoint":380,"graph":381,"unsanitizedCount":277,"severity":403},"ajax_bulk_sync (includes\\class-yctvn-bulk-sync.php:143)",{"nodes":382,"edges":398},[383,385,388,390,392,395],{"id":326,"type":327,"label":363,"file":262,"line":384},172,{"id":331,"type":386,"label":387,"file":262,"line":384},"transform","→ get_partially_synced_attachments()",{"id":337,"type":332,"label":366,"file":262,"line":389,"wp_function":368},137,{"id":341,"type":327,"label":363,"file":262,"line":391},175,{"id":393,"type":386,"label":394,"file":262,"line":391},"n4","→ get_unsynced_attachments()",{"id":396,"type":332,"label":366,"file":262,"line":397,"wp_function":368},"n5",114,[399,400,401,402],{"from":326,"to":331,"sanitized":238},{"from":331,"to":337,"sanitized":238},{"from":341,"to":393,"sanitized":238},{"from":393,"to":396,"sanitized":238},"high",{"entryPoint":405,"graph":406,"unsanitizedCount":277,"severity":403},"\u003Cclass-yctvn-bulk-sync> (includes\\class-yctvn-bulk-sync.php:0)",{"nodes":407,"edges":414},[408,409,410,411,412,413],{"id":326,"type":327,"label":363,"file":262,"line":384},{"id":331,"type":386,"label":387,"file":262,"line":384},{"id":337,"type":332,"label":366,"file":262,"line":389,"wp_function":368},{"id":341,"type":327,"label":363,"file":262,"line":391},{"id":393,"type":386,"label":394,"file":262,"line":391},{"id":396,"type":332,"label":366,"file":262,"line":397,"wp_function":368},[415,416,417,418],{"from":326,"to":331,"sanitized":238},{"from":331,"to":337,"sanitized":238},{"from":341,"to":393,"sanitized":238},{"from":393,"to":396,"sanitized":238},{"summary":420,"deductions":421},"The \"yctvn-media-offload-cloudflare-r2\" plugin v1.0.2 exhibits a generally positive security posture, with a strong emphasis on secure coding practices. The high percentage of prepared SQL statements and properly escaped outputs indicate a developer familiar with common web security vulnerabilities. The plugin also demonstrates good practice with a substantial number of nonce and capability checks.  However, there are notable areas of concern that elevate its risk profile.  The presence of two AJAX handlers without any authentication checks creates a significant attack vector. Furthermore, the taint analysis reveals two flows with unsanitized paths, one of which is categorized as high severity. These unsanitized paths could potentially lead to injection vulnerabilities if not properly handled. The plugin's lack of any recorded historical vulnerabilities is a positive indicator, suggesting a generally secure development history, but it does not negate the immediate risks identified in the current code analysis.  In conclusion, while the plugin has strengths in its implementation of secure coding standards, the unprotected AJAX endpoints and high-severity taint flows present critical security risks that require immediate attention.",[422,424],{"reason":423,"points":109},"AJAX handlers without authentication",{"reason":425,"points":426},"Taint flows with unsanitized paths (high severity)",12,"2026-03-16T20:52:07.268Z",{"wat":429,"direct":440},{"assetPaths":430,"generatorPatterns":434,"scriptPaths":435,"versionParams":436},[431,432,433],"\u002Fwp-content\u002Fplugins\u002Fyctvn-media-offload-cloudflare-r2\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fyctvn-media-offload-cloudflare-r2\u002Fassets\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fyctvn-media-offload-cloudflare-r2\u002Fassets\u002Fjs\u002Fsettings.js",[],[432,433],[437,438,439],"yctvn-media-offload-cloudflare-r2\u002Fassets\u002Fcss\u002Fadmin.css?ver=","yctvn-media-offload-cloudflare-r2\u002Fassets\u002Fjs\u002Fadmin.js?ver=","yctvn-media-offload-cloudflare-r2\u002Fassets\u002Fjs\u002Fsettings.js?ver=",{"cssClasses":441,"htmlComments":444,"htmlAttributes":447,"restEndpoints":450,"jsGlobals":452,"shortcodeOutput":454},[442,443],"yctvn-media-offload-admin-notice","yctvn-media-offload-settings",[445,446],"\u003C!-- Media Offload Admin Notice -->","\u003C!-- Yctvn Media Offload Settings Form -->",[448,449],"data-setting-name","data-setting-value",[451],"\u002Fwp-json\u002Fyctvn-media-offload\u002Fv1\u002Fsettings",[453],"yctvnMediaOffloadSettings",[]]