WP-Safety

AI Auto Post & Image Generator Security & Risk Analysis

wordpress.org/plugins/ai-auto-post-image-generator

Automate your WordPress content creation with AI-powered text and image generation. Support for OpenAI, Google Gemini, Pollinations, and Leonardo.AI.

100 active installs v1.4.1 PHP 7.4+ WP 5.0+ Updated Apr 6, 2026
aiautomationgeneratorimage-generationscheduler
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is AI Auto Post & Image Generator Safe to Use in 2026?

Generally Safe

Score 100/100

AI Auto Post & Image Generator has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "ai-auto-post-image-generator" v1.3.0 plugin exhibits a generally strong security posture, with robust use of nonces and capability checks across its entry points. The static analysis reveals excellent output escaping practices, with 97% of outputs properly sanitized, and a significant proportion of SQL queries utilizing prepared statements. The absence of known CVEs and a clean vulnerability history further contribute to this positive assessment, suggesting a well-maintained and security-conscious codebase.

However, the taint analysis highlights a significant concern: 5 out of 6 analyzed flows involve unsanitized paths, with all 5 categorized as high severity. This indicates a potential for path traversal or file inclusion vulnerabilities, despite the overall low number of file operations and external HTTP requests. While the attack surface appears protected by authentication, the unsanitized path flows are a critical area that requires immediate attention. The plugin demonstrates good security hygiene in most areas, but these specific taint flow issues represent a notable weakness.

In conclusion, the plugin is largely secure with good implementation of WordPress security best practices. The excellent output escaping, comprehensive nonce and capability checks, and lack of historical vulnerabilities are commendable. The primary weakness lies in the high-severity taint analysis results concerning unsanitized paths, which could lead to serious security compromises if exploited. Addressing these specific taint flows is paramount to solidify the plugin's security.

Key Concerns

  • High severity taint flows with unsanitized paths
  • Unsanitized paths found in taint analysis (5/6 flows)
  • SQL queries not using prepared statements (41%)
Vulnerabilities
None known

AI Auto Post & Image Generator Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

AI Auto Post & Image Generator Release Timeline

v1.4.1Current
v1.4.0
v1.3.0
v1.2.0
v1.1.1
v1.1.0
v1.0
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

AI Auto Post & Image Generator Code Analysis

Dangerous Functions
0
Raw SQL Queries
15
22 prepared
Unescaped Output
7
269 escaped
Nonce Checks
18
Capability Checks
14
File Operations
1
External Requests
2
Bundled Libraries
0

SQL Query Safety

59% prepared37 total queries

Output Escaping

97% escaped276 total outputs
Data Flows · Security
5 unsanitized

Data Flow Analysis

6 flows5 with unsanitized paths
get_log_details (includes\class-admin-settings.php:891)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

AI Auto Post & Image Generator Attack Surface

Entry Points14
Unprotected0

AJAX Handlers 13

authwp_ajax_aiapg_save_settingsincludes\class-admin-settings.php:29
authwp_ajax_aiapg_export_settingsincludes\class-admin-settings.php:30
authwp_ajax_aiapg_import_settingsincludes\class-admin-settings.php:31
authwp_ajax_aiapg_save_scheduleincludes\class-admin-settings.php:34
authwp_ajax_aiapg_get_scheduleincludes\class-admin-settings.php:35
authwp_ajax_aiapg_delete_scheduleincludes\class-admin-settings.php:36
authwp_ajax_aiapg_run_scheduleincludes\class-admin-settings.php:37
authwp_ajax_aiapg_toggle_scheduleincludes\class-admin-settings.php:38
authwp_ajax_aiapg_test_api_keyincludes\class-admin-settings.php:39
authwp_ajax_aiapg_clear_schedule_lockincludes\class-admin-settings.php:40
authwp_ajax_aiapg_get_log_detailsincludes\class-admin-settings.php:43
authwp_ajax_aiapg_delete_scheduleincludes\class-schedule-manager.php:28
authwp_ajax_aiapg_toggle_scheduleincludes\class-schedule-manager.php:29

Shortcodes 1

[aiapg_image] ai-auto-post-generator.php:134
WordPress Hooks 4
actioninitai-auto-post-generator.php:104
actionadmin_menuincludes\class-admin-settings.php:27
actionadmin_enqueue_scriptsincludes\class-admin-settings.php:28
actionaiapg_schedule_runincludes\class-scheduler.php:27
Maintenance & Trust

AI Auto Post & Image Generator Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedApr 6, 2026
PHP min version7.4
Downloads2K

Community Trust

Rating100/100
Number of ratings3
Active installs100
Alternatives

AI Auto Post & Image Generator Alternatives

auto-post.io

auto-post.io

auto-post-io

A
100

Connect auto-post.io to WordPress for seamless content automation.

200 No CVEs
AI Workflow Automation

AI Workflow Automation

ai-workflow-automation-lite

B
78

Transform your WordPress site with AI-powered automation for content, customer support, data analysis, research, and business processes.

100 1 unpatched
Socialwire Article Generator

Socialwire Article Generator

socialwire-press-release-article-generator

A
100

AI-powered WordPress plugin that automatically generates articles from press releases to streamline media operations.

100 No CVEs
AI Content Writer & Auto Post Generator for WordPress by RapidTextAI

AI Content Writer & Auto Post Generator for WordPress by RapidTextAI

ai-text-block

A
100

Generate AI-powered articles using GPT-4, GPT-5, Claude, DeepSeek & Grok with automatic images for WordPress.

70 No CVEs
AI Thumbnails Maker – auto featured image & force regenerate thumbnails

AI Thumbnails Maker – auto featured image & force regenerate thumbnails

ai-thumbnails-maker

A
100

Revolutionary auto featured image generator with AI. Effortlessly create thumbnails, force regenerate thumbnails, and automate image workflows.

70 No CVEs
Developer Profile

AI Auto Post & Image Generator Developer Profile

minas1500

1 plugin · 100 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect AI Auto Post & Image Generator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ai-auto-post-image-generator/assets/css/admin-style.css/wp-content/plugins/ai-auto-post-image-generator/assets/js/admin-script.js
Script Paths
/wp-content/plugins/ai-auto-post-image-generator/assets/js/admin-script.js
Version Parameters
ai-auto-post-image-generator/assets/css/admin-style.css?ver=ai-auto-post-image-generator/assets/js/admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
aiapg-image-placeholder
Shortcode Output
<div class="aiapg-image-placeholder" style="background: #f0f0f0; border: 2px dashed #ccc; padding: 20px; text-align: center; margin: 10px 0;"> <strong>AI Image Placeholder</strong><br> <em>Prompt: %s</em><br> <small>This will be replaced with a generated image when the post is published.</small> </div>
FAQ

Frequently Asked Questions about AI Auto Post & Image Generator