WP-Safety

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) Security & Risk Analysis

wordpress.org/plugins/auto-image-attributes-from-filename-with-bulk-updater

Automatically add Image Alt Text, Title, Caption and Description from Filename. Bulk update existing images. Great for Image SEO and Accessibility.

100K active installs v4.9 PHP + WP 3.5.0+ Updated Dec 17, 2025
accessibilityalt-textbulk-edit-imagesimage-seoimage-title
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) Safe to Use in 2026?

Generally Safe

Score 100/100

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The plugin 'auto-image-attributes-from-filename-with-bulk-updater' version 4.9 exhibits a mixed security posture. On the positive side, it has no recorded vulnerabilities (CVEs), no dangerous function usage, no external HTTP requests, and no file operations, which are all good indicators. The absence of taint analysis findings and bundled libraries further suggests a relatively clean codebase in those areas.

However, significant concerns arise from the static analysis. The plugin exposes a total of 6 AJAX handlers, with one lacking any authentication checks. This is a critical oversight that could allow unauthorized users to trigger potentially sensitive actions. Additionally, all three SQL queries are executed without prepared statements, posing a risk of SQL injection. The output escaping is also a weakness, with only 45% of outputs being properly escaped, leaving room for cross-site scripting (XSS) vulnerabilities. The presence of nonces and capability checks on some entry points is a positive, but it does not mitigate the risks presented by the unprotected AJAX handler and the raw SQL queries.

Given the complete lack of historical vulnerabilities, it's possible the developers have been diligent. However, the current static analysis reveals significant potential attack vectors. The unprotected AJAX handler and the lack of prepared statements are the most pressing issues. While the plugin's lack of external interactions and file operations are strengths, the identified flaws in input handling and authentication present a notable risk that requires immediate attention.

Key Concerns

  • Unprotected AJAX handler found
  • SQL queries without prepared statements
  • Low percentage of properly escaped output
Vulnerabilities
None known

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) Code Analysis

Dangerous Functions
0
Raw SQL Queries
3
0 prepared
Unescaped Output
34
28 escaped
Nonce Checks
6
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared3 total queries

Output Escaping

45% escaped62 total outputs
Attack Surface
1 unprotected

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) Attack Surface

Entry Points6
Unprotected1

AJAX Handlers 6

authwp_ajax_iaff_rename_old_imageadmin\do.php:140
authwp_ajax_iaff_count_remaining_imagesadmin\do.php:195
authwp_ajax_iaff_reset_bulk_updater_counteradmin\do.php:216
authwp_ajax_iaff_before_bulk_updateradmin\do.php:237
authwp_ajax_iaff_after_bulk_updateradmin\do.php:258
authwp_ajax_iaff_bulk_updater_skip_imageadmin\do.php:302
WordPress Hooks 19
actionadmin_menuadmin\admin-setup.php:35
actionadmin_initadmin\admin-setup.php:257
actionadmin_enqueue_scriptsadmin\admin-setup.php:450
actionadmin_post_iaff_activate_image_attributes_pro_pluginadmin\admin-setup.php:519
actionplugins_loadedadmin\basic-setup.php:41
filterplugin_action_links_auto-image-attributes-from-filename-with-bulk-updater/iaff_image-attributes-from-filename.phpadmin\basic-setup.php:56
filterplugin_row_metaadmin\basic-setup.php:78
actionadmin_noticesadmin\basic-setup.php:117
filteradmin_footer_textadmin\basic-setup.php:146
filterupdate_footeradmin\basic-setup.php:163
filtermanage_media_columnsadmin\columns-media-library.php:11
actionmanage_media_custom_columnadmin\columns-media-library.php:12
actionadd_attachmentadmin\do.php:62
actionadmin_footeradmin\do.php:563
filtermedia_send_to_editoradmin\do.php:595
filterwp_get_attachment_linkadmin\do.php:611
filterwp_handle_upload_prefilteradmin\do.php:647
filterwp_read_image_metadataadmin\do.php:834
actionadmin_initiaff_image-attributes-from-filename.php:221
Maintenance & Trust

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 17, 2025
PHP min version
Downloads909K

Community Trust

Rating96/100
Number of ratings93
Active installs100K
Alternatives

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) Alternatives

Fix Alt Text

Fix Alt Text

fix-alt-text

A
100

Manage alt text site-wide easily with Fix Alt Text. You can also force users to use alt text when adding images in Gutenberg and Classic editors.

1K No CVEs
AI Alt Text Generator for SEO & Accessibility | AutoAlt

AI Alt Text Generator for SEO & Accessibility | AutoAlt

autoaltai

A
100

AI-powered alt text generation for better Google rankings and EAA/ADA accessibility compliance. Made in Germany.

90 No CVEs
File Media Renamer for SEO

File Media Renamer for SEO

file-media-renamer-for-seo

A
100

Rename media files with SEO-friendly names, auto-update references, alt/title sync, and 301 redirects — fast and safe.

80 No CVEs
Filikod – ALT Text Audit & Bulk Management

Filikod – ALT Text Audit & Bulk Management

filikod

A
100

Audit every image in your media library, get an ALT Quality Score, and fix missing or weak ALT text in bulk. No AI. No external API. Full control.

80 No CVEs
Alt Bot – AI Image Alt Text, Caption & Description Generator

Alt Bot – AI Image Alt Text, Caption & Description Generator

alt-bot

A
100

Automatically generate alt text for images using EXIF, filename, or title. Includes bulk actions, media library, and missing ALT management.

40 No CVEs
Developer Profile

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) Developer Profile

Arun Basil Lal

4 plugins · 110K total installs

90
trust score
Avg Security Score
94/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/css/bootstrap.min.css/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/css/bootstrap-datetimepicker.min.css/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/css/bootstrap-select.min.css/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/css/jquery.dataTables.min.css/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/css/select2.min.css/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/css/sweetalert.css/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/css/theme.css/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/js/bootstrap.min.js+18 more
Script Paths
/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/js/bootstrap.min.js/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/js/bootstrap-datetimepicker.min.js/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/js/bootstrap-select.min.js/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/js/chart.bundle.min.js/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/js/chart.min.js/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/js/chartjs-plugin-datalabels.min.js+13 more
Version Parameters
/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/css/theme.css?ver=/wp-content/plugins/auto-image-attributes-from-filename-with-bulk-updater/admin/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
iaff-bulk-upload-modaliaff-import-data-modaliaff-settings-formiaff-settings-field
HTML Comments
<!-- START AUTO IMAGE ATTRIBUTES FROM FILENAME WITH BULK UPDATER v4.9 --><!-- END AUTO IMAGE ATTRIBUTES FROM FILENAME WITH BULK UPDATER -->
Data Attributes
data-iaff-bulk-uploaddata-iaff-import-data
JS Globals
IAFF_Admin_Scriptiaff_settings_object
FAQ

Frequently Asked Questions about Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)