[凹凸曼]同步图片附件到腾讯云COS Security & Risk Analysis

wordpress.org/plugins/apoyl-tencentcos

Design philosophy: This plugin is green and pollution-free. It does not modify the original system's database image paths, preventing issues if c …

0 active installs · v2.3.0 · PHP 7.4+ · WP 6.0+ · Updated Mar 18, 2026
Tags: cloud-storage · cos · object-storage · sync-attachments · tencent-cloud
Score: 100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is [凹凸曼]同步图片附件到腾讯云COS Safe to Use in 2026?

Generally Safe

Score 100/100

[凹凸曼]同步图片附件到腾讯云COS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 2mo ago
Risk Assessment

The "apoyl-tencentcos" plugin v2.3.0 exhibits a generally strong security posture based on the static analysis. The absence of any recorded CVEs and a clean vulnerability history are significant positive indicators. The code signals also show some good practices: a high percentage of outputs are properly escaped, and nonce checks are present. However, the analysis found zero capability checks, which is a concern.

However, there are several areas that warrant attention. The plugin uses one SQL query that does not utilize prepared statements, posing a potential risk for SQL injection if the data involved is user-controllable and not sufficiently sanitized elsewhere. Furthermore, the plugin performs 12 file operations, and without detailed inspection, the security implications of these operations are unknown and could represent an attack vector. The single external HTTP request also requires careful scrutiny to ensure it doesn't lead to vulnerabilities like SSRF.

While the plugin has a clean past and a seemingly small attack surface according to the provided metrics, the lack of capability checks is a significant weakness, as it implies that any authenticated user could potentially trigger sensitive actions. The absence of any recorded vulnerabilities could be due to a lack of thorough auditing, a small user base, or simply good fortune. It's crucial to balance this positive history with the identified code weaknesses to maintain a robust security posture.

Key Concerns

  • Raw SQL query without prepared statements
  • No capability checks found
  • Unsanitized file operations (12 total)
  • External HTTP request without clear validation
Vulnerabilities
None known

[凹凸曼]同步图片附件到腾讯云COS Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

[凹凸曼]同步图片附件到腾讯云COS Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

[凹凸曼]同步图片附件到腾讯云COS Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (0 prepared)
Unescaped Output: 11 (37 escaped)
Nonce Checks: 2
Capability Checks: 0
File Operations: 12
External Requests: 1
Bundled Libraries: 0

SQL Query Safety

0% prepared · 1 total queries

Output Escaping

77% escaped · 48 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
<setting> (admin\partials\setting.php:0)
Attack Surface

[凹凸曼]同步图片附件到腾讯云COS Attack Surface

Entry Points: 0
Unprotected: 0
WordPress Hooks: 6
action · plugins_loaded · includes\tencentcos.php:49
action · admin_menu · includes\tencentcos.php:55
action · wp_generate_attachment_metadata · includes\tencentcos.php:57
filter · wp_get_attachment_url · includes\tencentcos.php:58
filter · wp_calculate_image_srcset · includes\tencentcos.php:66
action · the_content · includes\tencentcos.php:67
Maintenance & Trust

[凹凸曼]同步图片附件到腾讯云COS Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Mar 18, 2026
PHP min version: 7.4
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

[凹凸曼]同步图片附件到腾讯云COS Developer Profile

apoyl

29 plugins · 740 total installs

Trust score: 92
Avg Security Score: 97/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect [凹凸曼]同步图片附件到腾讯云COS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/apoyl-tencentcos/admin/css/admin.css
/wp-content/plugins/apoyl-tencentcos/admin/js/admin.js
Script Paths
/wp-content/plugins/apoyl-tencentcos/admin/js/admin.js
Version Parameters
apoyl-tencentcos/css/admin.css?ver=
apoyl-tencentcos/js/admin.js?ver=
