Does Alt Text Tools have any unpatched vulnerabilities?

No. All known vulnerabilities in Alt Text Tools have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Alt Text Tools compatible with WordPress 6.8.5?

According to WordPress.org data, Alt Text Tools 0.3.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is Alt Text Tools updated?

Alt Text Tools was last updated on Jul 17, 2025. Frequent updates are generally a positive security signal.

What is Alt Text Tools's security score?

Alt Text Tools has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Alt Text Tools Security & Risk Analysis

wordpress.org/plugins/alt-text-tools

Find and fix missing Alt Text quickly and easily! Export a CSV of all images (and their Alt Text) that are actually used in your content.

800 active installs v0.3.0 PHP + WP + Updated Jul 17, 2025

accessibilityalt-tagsalt-textalternative-textfix-alt-text

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Alt Text Tools Safe to Use in 2026?

Generally Safe

Score 100/100

Alt Text Tools has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago

Risk Assessment

The alt-text-tools plugin v0.3.0 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The plugin effectively utilizes nonces and capability checks for its single AJAX handler, and there are no identified REST API routes, shortcodes, or cron events that could increase the attack surface. Furthermore, all SQL queries are prepared, and there are no dangerous functions, file operations, or external HTTP requests detected. The lack of any recorded vulnerabilities, including past CVEs, is a significant positive indicator.

However, a notable concern is the complete lack of output escaping for the one identified output. This presents a potential risk for cross-site scripting (XSS) vulnerabilities if any user-supplied data is reflected directly in the output without proper sanitization. While the taint analysis shows no specific issues, this absence of escaping is a general weakness that could be exploited by cleverly crafted input. The limited attack surface and strong authentication mechanisms are commendable, but the unescaped output represents a significant flaw that needs immediate attention.

Key Concerns

Output escaping is not implemented

Vulnerabilities

None known

Alt Text Tools Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Alt Text Tools Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

Alt Text Tools Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_getCsvalt-text-tools.php:47

WordPress Hooks 2

actionadmin_menualt-text-tools.php:46

actionplugins_loadedalt-text-tools.php:226

Maintenance & Trust

Alt Text Tools Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJul 17, 2025

PHP min version

Downloads12K

Community Trust

Rating100/100

Number of ratings10

Active installs800

Alternatives

Alt Text Tools Alternatives

Alt Text AI – Automatically generate image alt text for SEO and accessibility

alttext-ai

Automatically sets the descriptive alt text of your images. Boosts your SEO and accessibility.

20K 4 CVEs

Alt Text Magic – Generate descriptive alt text (alt attribute, alt tag) for accessibility and SEO optimization

alttextmagic

Automatically generate descriptive alternative text for images upon upload in your media library. Make your website more fully accessible.

200 No CVEs

Ozi Image Alt Tag Fixer — Smart Image SEO & Alt Text Optimizer

ozi-image-alt-tag-fixer

100

Automatically detect and fix missing image ALT text to improve accessibility, image SEO, and search visibility.

10 No CVEs

Alt Text Go

alt-text-go

Automatically generate alt text for your images. Optimized for SEO.

0 No CVEs

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)

auto-image-attributes-from-filename-with-bulk-updater

100

Automatically add Image Alt Text, Title, Caption and Description from Filename. Bulk update existing images. Great for Image SEO and Accessibility.

100K No CVEs

Developer Profile

Alt Text Tools Developer Profile

NerdPress

4 plugins · 191K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

328 days

View full developer profile

Detection Fingerprints

How We Detect Alt Text Tools

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/alt-text-tools/js/np_alt_tools.js

Script Paths

/wp-content/plugins/alt-text-tools/js/np_alt_tools.js

Version Parameters

alt-text-tools/js/np_alt_tools.js?ver=

HTML / DOM Fingerprints

CSS Classes

npatt-csv-action

Data Attributes

id="npatt-csv-action"

JS Globals

np_alt_tools

FAQ