andW Image Control Security & Risk Analysis

wordpress.org/plugins/andw-image-control

Advanced media control plugin with JPEG quality, PNG conversion, SVG safety, and custom image sizes.

10 active installs · v0.5.1 · PHP 8.1+ · WP 6.0+ · Updated Oct 23, 2025
Tags: compression, image-quality, jpeg, media, png
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is andW Image Control Safe to Use in 2026?

Generally Safe

Score 100/100

andW Image Control has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 5mo ago
Risk Assessment

The 'andw-image-control' plugin v0.5.1 exhibits a generally strong security posture based on the provided static analysis. The absence of known CVEs, critical taint flows, and raw SQL queries is highly commendable. Furthermore, the plugin demonstrates good practices by implementing nonce checks and capability checks for its entry points, and all SQL queries utilize prepared statements. This indicates a conscientious effort by the developers to secure the plugin against common attack vectors.

However, a notable area for improvement is output escaping. Of 64 total outputs, only 64% are properly escaped, which leaves a significant portion of output potentially vulnerable to cross-site scripting (XSS) attacks. The two AJAX handlers, while protected by capability checks, are still attack surface that could be exploited if those checks were ever bypassed or misconfigured. Because the taint analysis had limited scope (0 flows analyzed), it cannot give a complete assessment of potential vulnerabilities in this area, but the output escaping issue is a concrete concern.

In conclusion, the plugin has a solid foundation with no critical vulnerabilities identified in its history or taint analysis. The developers have incorporated essential security features. The primary weakness lies in the incomplete output escaping, which should be addressed to mitigate XSS risks. The lack of known vulnerabilities further supports its current relative safety, but the output escaping issue warrants attention.

Key Concerns

  • Incomplete output escaping
Vulnerabilities
None known

andW Image Control Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

andW Image Control Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 23 (41 escaped)
Nonce Checks: 4
Capability Checks: 5
File Operations: 2
External Requests: 0
Bundled Libraries: 0

Output Escaping

64% escaped · 64 total outputs
Attack Surface

andW Image Control Attack Surface

Entry Points: 2
Unprotected: 0

AJAX Handlers 2

auth    wp_ajax_andw_get_mime_type          includes\class-media-ui.php:11
auth    wp_ajax_andw_get_mime_types_batch   includes\class-media-ui.php:12

WordPress Hooks 22
action  admin_notices                     andw-image-control.php:18
action  plugins_loaded                    andw-image-control.php:33
action  after_setup_theme                 includes\class-image-sizes.php:25
filter  image_size_names_choose           includes\class-image-sizes.php:26
action  admin_init                        includes\class-image-sizes.php:27
filter  jpeg_quality                      includes\class-jpeg-quality.php:10
filter  wp_editor_set_quality             includes\class-jpeg-quality.php:11
filter  wp_generate_attachment_metadata   includes\class-jpeg-quality.php:14
filter  image_make_intermediate_size      includes\class-jpeg-quality.php:15
action  admin_enqueue_scripts             includes\class-media-ui.php:10
filter  wp_prepare_attachment_for_js      includes\class-media-ui.php:13
filter  wp_handle_upload_prefilter        includes\class-png-converter.php:10
action  add_attachment                    includes\class-png-converter.php:11
action  admin_init                        includes\class-settings.php:46
action  admin_menu                        includes\class-settings.php:47
action  admin_init                        includes\class-settings.php:48
filter  pre_update_option_thumbnail_crop  includes\class-settings.php:476
action  admin_enqueue_scripts             includes\class-settings.php:479
filter  upload_mimes                      includes\class-svg-support.php:10
filter  wp_check_filetype_and_ext         includes\class-svg-support.php:11
filter  wp_handle_upload_prefilter        includes\class-svg-support.php:12
action  admin_enqueue_scripts             includes\class-svg-support.php:13

Maintenance & Trust

andW Image Control Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Oct 23, 2025
PHP min version: 8.1
Downloads: 159

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10

Developer Profile

andW Image Control Developer Profile

yasuo3o3

4 plugins · 10 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect andW Image Control

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/andw-image-control/assets/css/media-ui.css
/wp-content/plugins/andw-image-control/assets/js/media-ui.js
Script Paths
/wp-content/plugins/andw-image-control/assets/js/media-ui.js
Version Parameters
andw-image-control/assets/css/media-ui.css?ver=
andw-image-control/assets/js/media-ui.js?ver=

HTML / DOM Fingerprints

CSS Classes
andw-mime-jpg, andw-mime-png, andw-mime-gif, andw-mime-svg, andw-mime-webp, andw-mime-other
Data Attributes
andw_mime_label, andw_mime_class
JS Globals
andwMediaUI
REST Endpoints
/wp-json/andw-image-control/v1/settings