WP-Safety

AI Alt Text Generator for Images – AltTextLab Security & Risk Analysis

wordpress.org/plugins/alttextlab

Automatically generate alt text for your images with AI, improve SEO and accessibility automatically.

70 active installs v1.3.1 PHP 7.0+ WP 4.7+ Updated Apr 6, 2026
accessibilityaialt-textalt-text-generatorimage-alt-text
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is AI Alt Text Generator for Images – AltTextLab Safe to Use in 2026?

Generally Safe

Score 100/100

AI Alt Text Generator for Images – AltTextLab has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The AltTextLab plugin, version 1.1.12, exhibits a mixed security posture. On the positive side, it demonstrates strong practices in SQL query handling and output escaping, with 98% of SQL queries using prepared statements and 99% of outputs being properly escaped. The absence of known CVEs and historical vulnerabilities is also a good indicator of past security diligence. However, a significant concern arises from the plugin's attack surface. All 11 identified AJAX handlers lack authentication checks, presenting a substantial risk if any of these handlers can be manipulated by unauthenticated users. Furthermore, the presence of 'unserialize' function usage, although not flagged as a critical taint flow, warrants careful review as it can be a vector for deserialization vulnerabilities if data is not properly sanitized before being unserialized.

While the taint analysis did not reveal critical or high-severity issues, the single flow with an unsanitized path suggests a potential for issues that might not have been fully captured or are present in a less severe form. The high number of unprotected AJAX entry points is the most immediate and critical security concern. Coupled with the use of a potentially dangerous function like 'unserialize', this plugin, despite its good record on SQL and output escaping, carries a notable risk due to exposed functionality. A thorough audit of the unprotected AJAX endpoints is highly recommended to ensure they do not expose sensitive operations or data to unauthorized access.

Key Concerns

  • 11 AJAX handlers without auth checks
  • 4 dangerous functions (unserialize)
  • 1 flow with unsanitized paths
Vulnerabilities
None known

AI Alt Text Generator for Images – AltTextLab Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

AI Alt Text Generator for Images – AltTextLab Release Timeline

v1.3.1Current
v1.3.0
v1.2.2
v1.2.1
v1.2.0
v1.1.12
v1.1.11
v1.1.10
v1.1.9
v1.1.8
v1.1.7
v1.1.6
v1.1.5
v1.1.4
v1.1.3
v1.1.2
v1.1.1
v1.1.0
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

AI Alt Text Generator for Images – AltTextLab Code Analysis

Dangerous Functions
4
Raw SQL Queries
1
39 prepared
Unescaped Output
3
263 escaped
Nonce Checks
11
Capability Checks
1
File Operations
1
External Requests
2
Bundled Libraries
0

Dangerous Functions Found

unserialize$seo_data = unserialize($seo_data[0]->seo);includes\class-alttextlab-seo-keywords.php:259
unserialize$keyword_data = unserialize(unserialize($keyword_data));includes\class-alttextlab-seo-keywords.php:280
unserialize$keyword_data = unserialize(unserialize($keyword_data));includes\class-alttextlab-seo-keywords.php:280
unserialize$focus_keywords = unserialize($raw_focus_keywords);includes\class-alttextlab-seo-keywords.php:311

SQL Query Safety

98% prepared40 total queries

Output Escaping

99% escaped266 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

4 flows1 with unsanitized paths
render_media_alt_filter_dropdown (includes\class-alttextlab-attachment.php:492)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
11 unprotected

AI Alt Text Generator for Images – AltTextLab Attack Surface

Entry Points11
Unprotected11

AJAX Handlers 11

authwp_ajax_alttextlab_expire_insufficient_credits_noticeincludes\class-alttextlab.php:171
authwp_ajax_alttextlab_save_review_settingsincludes\class-alttextlab.php:172
authwp_ajax_alttextlab_single_generateincludes\class-alttextlab.php:178
authwp_ajax_alttextlab_edit_historyincludes\class-alttextlab.php:180
authwp_ajax_alttextlab_bulk_generate_for_imageincludes\class-alttextlab.php:181
authwp_ajax_alttextlab_bulk_generateincludes\class-alttextlab.php:182
authwp_ajax_alttextlab_check_image_eligibilityincludes\class-alttextlab.php:183
authwp_ajax_alttextlab_enrich_post_contentincludes\class-alttextlab.php:193
authwp_ajax_prepare_transitionincludes\class-alttextlab.php:194
authwp_ajax_alttextlab_enrich_post_generateincludes\class-alttextlab.php:195
authwp_ajax_alttextlab_check_enrich_post_content_transientincludes\class-alttextlab.php:196
WordPress Hooks 27
actionactivated_pluginalttextlab.php:62
actionplugins_loadedincludes\class-alttextlab.php:159
actionadmin_enqueue_scriptsincludes\class-alttextlab.php:162
actionadmin_enqueue_scriptsincludes\class-alttextlab.php:163
actionadmin_initincludes\class-alttextlab.php:164
actionadmin_menuincludes\class-alttextlab.php:167
actionadmin_menuincludes\class-alttextlab.php:168
actionadmin_menuincludes\class-alttextlab.php:169
actionadmin_initincludes\class-alttextlab.php:170
actionadmin_initincludes\class-alttextlab.php:173
filterpre_update_option_alttextlab_api_keyincludes\class-alttextlab.php:174
actionadd_attachmentincludes\class-alttextlab.php:179
filterbulk_actions-uploadincludes\class-alttextlab.php:184
filterhandle_bulk_actions-uploadincludes\class-alttextlab.php:185
actionrestrict_manage_postsincludes\class-alttextlab.php:186
actionpre_get_postsincludes\class-alttextlab.php:187
actiondeleted_postincludes\class-alttextlab.php:191
actionadd_meta_boxesincludes\class-alttextlab.php:192
actionadmin_initincludes\class-alttextlab.php:197
actionadmin_enqueue_scriptsincludes\class-alttextlab.php:198
actionadmin_noticesincludes\class-alttextlab.php:201
actionadmin_noticesincludes\class-alttextlab.php:202
actionadmin_noticesincludes\class-alttextlab.php:203
actionadmin_noticesincludes\class-alttextlab.php:204
actionadmin_noticesincludes\class-alttextlab.php:205
actionadmin_noticesincludes\class-alttextlab.php:206
actionadmin_noticesincludes\class-alttextlab.php:207
Maintenance & Trust

AI Alt Text Generator for Images – AltTextLab Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 6, 2026
PHP min version7.0
Downloads2K

Community Trust

Rating100/100
Number of ratings4
Active installs70
Alternatives

AI Alt Text Generator for Images – AltTextLab Alternatives

AI Image Alt Text Generator & Image SEO – ImageCraft

AI Image Alt Text Generator & Image SEO – ImageCraft

imagecraft-ai-alt-text-file-renamer-image-seo

A
100

AI-powered image alt text generator, file renamer & image SEO. Use OpenAI, Claude, or Gemini with your own API key (BYOK).

0 No CVEs
Alt Text AI – Automatically generate image alt text for SEO and accessibility

Alt Text AI – Automatically generate image alt text for SEO and accessibility

alttext-ai

A
93

Automatically sets the descriptive alt text of your images. Boosts your SEO and accessibility.

20K 4 CVEs
Alt Magic: AI Image Alt Text Generator for WP & Image Rename

Alt Magic: AI Image Alt Text Generator for WP & Image Rename

alt-magic-ai-powered-alt-texts

A
100

AI alt text generator for WordPress with free monthly credits, fast bulk generation for existing and new images, and optional AI image renaming.

1K No CVEs
AI Image Alt Text

AI Image Alt Text

ai-image-alt-text

A
100

Generate accurate, accessible image alt text with OpenAI. Boost SEO, improve accessibility, and save time with auto-generated alt tags.

90 No CVEs
Alt Text Generator AI – Auto Generate & Bulk Update Alt Texts For Images

Alt Text Generator AI – Auto Generate & Bulk Update Alt Texts For Images

alt-text-generator

A
99

Automatically generate alt text for images using AI technology to improve WordPress website accessibility and SEO.

20 1 CVE
Developer Profile

AI Alt Text Generator for Images – AltTextLab Developer Profile

AltTextLab

1 plugin · 70 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect AI Alt Text Generator for Images – AltTextLab

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/alttextlab/admin/css/alttextlab-global.css/wp-content/plugins/alttextlab/admin/js/admin.js/wp-content/plugins/alttextlab/admin/js/account-settings.js/wp-content/plugins/alttextlab/admin/css/tailwind.min.css
Script Paths
/wp-content/plugins/alttextlab/admin/js/admin.js/wp-content/plugins/alttextlab/admin/js/account-settings.js
Version Parameters
alttextlab-global?ver=admin.js?ver=account-settings.js?ver=tailwind.min.css?ver=

HTML / DOM Fingerprints

CSS Classes
alttextlab-buttonalttextlab-image-preview
HTML Comments
<!-- AltTextLab AI Alt Text Generator --><!-- AltTextLab Image Preview -->
Data Attributes
data-alttextlab-image-iddata-alttextlab-generated-altdata-alttextlab-action
JS Globals
alttextlabAltTextLab_Utility
REST Endpoints
/wp-json/alttextlab/v1/generate_alt_text/wp-json/alttextlab/v1/get_settings/wp-json/alttextlab/v1/save_settings
Shortcode Output
[alttextlab_generate_button][alttextlab_image_gallery]
FAQ

Frequently Asked Questions about AI Alt Text Generator for Images – AltTextLab