Does Attachment Taxonomies have any unpatched vulnerabilities?

No. All known vulnerabilities in Attachment Taxonomies have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Attachment Taxonomies compatible with WordPress 6.9.4?

According to WordPress.org data, Attachment Taxonomies 1.2.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Attachment Taxonomies compatible with PHP 7.0+?

Attachment Taxonomies requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Attachment Taxonomies updated?

Attachment Taxonomies was last updated on Nov 24, 2025. Frequent updates are generally a positive security signal.

What is Attachment Taxonomies's security score?

Attachment Taxonomies has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Attachment Taxonomies Security & Risk Analysis

wordpress.org/plugins/attachment-taxonomies

This plugin adds categories and tags to the WordPress media library - lightweight and developer-friendly.

1K active installs v1.2.1 PHP 7.0+ WP 6.1+ Updated Nov 24, 2025

attachmentcategoriesmediatagstaxonomies

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Attachment Taxonomies Safe to Use in 2026?

Generally Safe

Score 100/100

Attachment Taxonomies has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "attachment-taxonomies" plugin version 1.2.1 exhibits a strong security posture based on the provided static analysis. The absence of any detected AJAX handlers, REST API routes, shortcodes, cron events, or dangerous functions indicates a very limited attack surface and a lack of direct user-facing entry points that could be exploited. Furthermore, the code demonstrates good practices by exclusively using prepared statements for its SQL queries and properly escaping a high percentage of its output. The lack of file operations and external HTTP requests further minimizes potential vulnerabilities.

The vulnerability history is also clean, with no known CVEs recorded for this plugin. This, combined with the absence of critical or high severity taint flows, suggests a well-written and secure codebase. The presence of capability checks, even without a large attack surface, shows an awareness of access control, although the complete absence of nonce checks is a minor concern given the limited entry points. Overall, the plugin appears to be very secure, with minimal identified risks. The primary area for minimal improvement would be the inclusion of nonce checks on any potential future interactions, even if currently none exist.

Key Concerns

No nonce checks detected

Vulnerabilities

None known

Attachment Taxonomies Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Attachment Taxonomies Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

34 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

89% escaped38 total outputs

Attack Surface

Attachment Taxonomies Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 24

actionmuplugins_loadedattachment-taxonomies.php:122

actionplugins_loadedattachment-taxonomies.php:124

actioninitattachment-taxonomies.php:153

actionadmin_footerinc\Attachment_Taxonomies_Admin.php:228

actionadmin_footerinc\Attachment_Taxonomies_Admin.php:340

actionwp_footerinc\Attachment_Taxonomies_Admin.php:341

actioncustomize_controls_print_footer_scriptsinc\Attachment_Taxonomies_Admin.php:342

actionedit_attachmentinc\Attachment_Taxonomies_Hooks.php:53

actionadd_attachmentinc\Attachment_Taxonomies_Hooks.php:54

actionrestrict_manage_postsinc\Attachment_Taxonomies_Hooks.php:55

actionwp_enqueue_mediainc\Attachment_Taxonomies_Hooks.php:56

actionwp_enqueue_mediainc\Attachment_Taxonomies_Hooks.php:57

filterwp_prepare_attachment_for_jsinc\Attachment_Taxonomies_Hooks.php:58

filterattachment_fields_to_editinc\Attachment_Taxonomies_Hooks.php:59

actionwp_enqueue_mediainc\Attachment_Taxonomies_Hooks.php:60

filterrest_request_before_callbacksinc\Attachment_Taxonomies_Hooks.php:63

actionrest_after_insert_attachmentinc\Attachment_Taxonomies_Hooks.php:64

filtermap_meta_capinc\Attachment_Taxonomies_Hooks.php:67

filtershortcode_atts_galleryinc\Attachment_Taxonomies_Hooks.php:70

actionedit_attachmentinc\Attachment_Taxonomies_Hooks.php:73

actionadd_attachmentinc\Attachment_Taxonomies_Hooks.php:74

actionrest_api_initinc\Attachment_Taxonomies_Hooks.php:75

actionadmin_initinc\Attachment_Taxonomies_Hooks.php:76

actionadmin_initinc\Attachment_Taxonomies_Hooks.php:77

Maintenance & Trust

Attachment Taxonomies Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedNov 24, 2025

PHP min version7.0

Downloads64K

Community Trust

Rating92/100

Number of ratings10

Active installs1K

Alternatives

Attachment Taxonomies Alternatives

Automatic Galleries

simple-media-taxonomy-galleries

Create automatic galleries in posts based on media categories or tags. Saves time by automatically creating WordPress galleries using custom categori …

10 No CVEs

Enhanced Media Library

enhanced-media-library

This plugin would be handy for those who need to manage a lot of media files.

70K 1 CVE

Media Library Assistant

media-library-assistant

Enhances the Media Library; powerful gallery and list shortcodes, full taxonomy support, IPTC/EXIF/XMP/PDF processing, bulk/quick edit.

70K 26 CVEs

WP Required Taxonomies – Categories and Tags Mandatory

required-taxonomies

Force users to select a taxonomy term when publishing posts. For example, make category or tags required

1K No CVEs

WP Media Categories

wp-media-categories

Add categories to media & attachments.

800 1 unpatched

Developer Profile

Attachment Taxonomies Developer Profile

Felix Arntz

12 plugins · 18K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Attachment Taxonomies

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/attachment-taxonomies/inc/css/attachment-taxonomies-admin.css/wp-content/plugins/attachment-taxonomies/inc/css/attachment-taxonomies-frontend.css/wp-content/plugins/attachment-taxonomies/inc/js/attachment-taxonomies-admin.js

Script Paths

/wp-content/plugins/attachment-taxonomies/inc/js/attachment-taxonomies-admin.js

Version Parameters

attachment-taxonomies/inc/css/attachment-taxonomies-admin.css?ver=attachment-taxonomies/inc/css/attachment-taxonomies-frontend.css?ver=attachment-taxonomies/inc/js/attachment-taxonomies-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

attachment-taxonomies-admin-wrap

Data Attributes

data-attachment-taxonomies-terms

JS Globals

AttachmentTaxonomiesAdmin

FAQ