Does Alt Text Go have any unpatched vulnerabilities?

No. All known vulnerabilities in Alt Text Go have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Alt Text Go compatible with WordPress 6.7.5?

According to WordPress.org data, Alt Text Go 1.0.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Alt Text Go compatible with PHP 7.4+?

Alt Text Go requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Alt Text Go updated?

Alt Text Go was last updated on Jan 23, 2025. Frequent updates are generally a positive security signal.

What is Alt Text Go's security score?

Alt Text Go has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Alt Text Go Security & Risk Analysis

wordpress.org/plugins/alt-text-go

Automatically generate alt text for your images. Optimized for SEO.

0 active installs v1.0.1 PHP 7.4+ WP 5.3+ Updated Jan 23, 2025

accessibilityalt-tagalternative-textimage-alt-textseo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Alt Text Go Safe to Use in 2026?

Generally Safe

Score 92/100

Alt Text Go has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "alt-text-go" plugin v1.0.1 exhibits a mixed security posture. On the positive side, it demonstrates strong adherence to secure coding practices regarding SQL queries and output escaping, with 100% of SQL queries using prepared statements and all output being properly escaped. The absence of known CVEs and a clean vulnerability history are also reassuring signs. However, the plugin has a significant security concern: it exposes an unprotected AJAX handler. This represents a direct entry point into the application that lacks any authentication or authorization checks, making it a prime target for attackers. While taint analysis did not reveal critical or high severity issues, the presence of unsanitized paths in flows warrants caution, especially in conjunction with the unprotected entry point.

The plugin's security strengths lie in its careful handling of data interactions and output. The lack of historical vulnerabilities suggests a development team that is either diligent or fortunate, but the presence of an unprotected AJAX handler points to a potential oversight that could be exploited. The overall risk is elevated due to this single, but critical, lack of security on an exposed entry point. While not all potential attack vectors are present, this unprotected handler significantly weakens the plugin's security.

Key Concerns

Unprotected AJAX handler
Flows with unsanitized paths

Vulnerabilities

None known

Alt Text Go Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Alt Text Go Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

9 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped9 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

generate_alt_text_single (includes\class-altgoo-image-editor.php:19)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Alt Text Go Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_altgoo_generate_alt_text_singleincludes\class-altgoo.php:182

WordPress Hooks 7

actionplugins_loadedincludes\class-altgoo.php:152

actionadmin_enqueue_scriptsincludes\class-altgoo.php:171

actionadmin_enqueue_scriptsincludes\class-altgoo.php:172

actionadmin_menuincludes\class-altgoo.php:175

actionadmin_initincludes\class-altgoo.php:176

filterpre_update_option_altgoo_api_keyincludes\class-altgoo.php:178

actionenqueue_block_editor_assetsincludes\class-altgoo.php:181

Maintenance & Trust

Alt Text Go Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 23, 2025

PHP min version7.4

Downloads687

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

Alt Text Go Alternatives

Ozi Image Alt Tag Fixer — Smart Image SEO & Alt Text Optimizer

ozi-image-alt-tag-fixer

100

Automatically detect and fix missing image ALT text to improve accessibility, image SEO, and search visibility.

10 No CVEs

Alt Text AI – Automatically generate image alt text for SEO and accessibility

alttext-ai

Automatically sets the descriptive alt text of your images. Boosts your SEO and accessibility.

20K 4 CVEs

Auto Alt Text

auto-alt-text

This plugin allows you to automatically generate an Alt Text for images uploaded into the media library via AI.

3K 1 CVE

Fix Alt Text

fix-alt-text

100

Manage alt text site-wide easily with Fix Alt Text. You can also force users to use alt text when adding images in Gutenberg and Classic editors.

1K No CVEs

Alt Text Tools

alt-text-tools

100

Find and fix missing Alt Text quickly and easily! Export a CSV of all images (and their Alt Text) that are actually used in your content.

800 No CVEs

Developer Profile

Alt Text Go Developer Profile

AltTextGo

1 plugin · 0 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Alt Text Go

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/alt-text-go/admin/css/ALTGOO-admin.css/wp-content/plugins/alt-text-go/admin/js/ALTGOO-admin.js/wp-content/plugins/alt-text-go/admin/js/imageBlock.min.js

Version Parameters

ALTGOO-admin.css?ver=ALTGOO-admin.js?ver=

HTML / DOM Fingerprints

JS Globals

altgoo

FAQ