[凹凸曼]自动同步阿里云对象存储OSS Security & Risk Analysis

wordpress.org/plugins/apoyl-aliyunoss

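Design philosophy: the plugin is clean and leaves no residue, and it can be disabled at any time. It supports both manual and automatic synchronization, automatically syncing the site's images and attachments to Alibaba Cloud Object Storage Service (OSS). This separates image attachments from the site code and offloads traffic so the site loads faster.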

0 active installs · v2.2.0 · PHP 7.4+ · WP 6.0+ · Updated Sep 11, 2025
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is [凹凸曼]自动同步阿里云对象存储OSS Safe to Use in 2026?

Generally Safe

Score 100/100

[凹凸曼]自动同步阿里云对象存储OSS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 6mo ago
Risk Assessment

The "apoyl-aliyunoss" v2.2.0 plugin exhibits a strong security posture based on the provided static analysis. No AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points were found, which indicates a well-designed attack surface. The lack of critical or high-severity taint flows and the absence of recorded vulnerabilities (CVEs) are further positive indicators. The plugin also follows good practice on output escaping, with 85% of outputs properly handled. However, a significant concern is the presence of a SQL query that does not use prepared statements, which could be an avenue for SQL injection if the input is not adequately sanitized elsewhere. The lack of capability checks is also a weakness, as it implies that actions within the plugin might not be restricted to users with appropriate permissions.

Key Concerns

  • SQL queries without prepared statements
  • No capability checks found
Vulnerabilities
None known

[凹凸曼]自动同步阿里云对象存储OSS Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

[凹凸曼]自动同步阿里云对象存储OSS Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (0 prepared)
Unescaped Output: 15 (87 escaped)
Nonce Checks: 2
Capability Checks: 0
File Operations: 8
External Requests: 2
Bundled Libraries: 0

SQL Query Safety

0% prepared · 1 total query

Output Escaping

85% escaped · 102 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
<setting> (admin\partials\setting.php:0)
Attack Surface

[凹凸曼]自动同步阿里云对象存储OSS Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 6
action plugins_loaded (includes\aliyunoss.php:47)
action admin_menu (includes\aliyunoss.php:53)
action wp_generate_attachment_metadata (includes\aliyunoss.php:57)
filter wp_get_attachment_url (includes\aliyunoss.php:58)
filter wp_calculate_image_srcset (includes\aliyunoss.php:65)
action the_content (includes\aliyunoss.php:66)
Maintenance & Trust

[凹凸曼]自动同步阿里云对象存储OSS Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Sep 11, 2025
PHP min version: 7.4
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

[凹凸曼]自动同步阿里云对象存储OSS Developer Profile

apoyl

27 plugins · 710 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect [凹凸曼]自动同步阿里云对象存储OSS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/apoyl-aliyunoss/admin/css/admin.css
/wp-content/plugins/apoyl-aliyunoss/admin/js/admin.js
Script Paths
/wp-content/plugins/apoyl-aliyunoss/admin/js/admin.js
Version Parameters
apoyl-aliyunoss/admin/css/admin.css?ver=
apoyl-aliyunoss/admin/js/admin.js?ver=

HTML / DOM Fingerprints

Data Attributes
data-region
FAQ

Frequently Asked Questions about [凹凸曼]自动同步阿里云对象存储OSS