Does Avatars have any unpatched vulnerabilities?

No. All known vulnerabilities in Avatars have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Avatars compatible with WordPress 5.8.13?

According to WordPress.org data, Avatars 1.0.0 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

Is Avatars compatible with PHP 5.6+?

Avatars requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Avatars updated?

Avatars was last updated on Aug 25, 2021. Frequent updates are generally a positive security signal.

What is Avatars's security score?

Avatars has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Avatars Security & Risk Analysis

wordpress.org/plugins/avatars

A WordPress plugin to remove avatars from your WordPress site

0 active installs v1.0.0 PHP 5.6+ WP 5.2+ Updated Aug 25, 2021

adminavatarsgravatarprofile

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Avatars Safe to Use in 2026?

Generally Safe

Score 85/100

Avatars has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the "avatars" v1.0.0 plugin exhibits a strong security posture. The static analysis reveals no identified attack surface entry points, including AJAX handlers, REST API routes, shortcodes, or cron events that are not adequately protected. Furthermore, the code demonstrates excellent adherence to secure coding practices, with no dangerous functions identified, all SQL queries utilizing prepared statements, and all output properly escaped. There are also no file operations, external HTTP requests, or missing nonce/capability checks in the analyzed code.

The vulnerability history is equally impressive, with zero known CVEs recorded. This absence of historical vulnerabilities, coupled with the clean static analysis, suggests a well-developed and secure plugin. The lack of common vulnerability types and the absence of any recorded past vulnerabilities indicate a consistent focus on security by the developers.

In conclusion, the "avatars" v1.0.0 plugin appears to be exceptionally secure. The complete absence of identified vulnerabilities in both static analysis and historical records, alongside the implementation of robust security practices, indicates a very low risk of exploitation. There are no discernible weaknesses to report based on the provided data.

Vulnerabilities

None known

Avatars Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Avatars Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Avatars Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionadmin_enqueue_scriptsavatars.php:17

actionpre_option_show_avatarsavatars.php:21

Maintenance & Trust

Avatars Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedAug 25, 2021

PHP min version5.6

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Avatars Alternatives

Avatar Manager

avatar-manager

Avatar Manager for WordPress is a sweet and simple plugin for storing avatars locally and more. Easily.

6K No CVEs

One User Avatar | User Profile Picture

one-user-avatar

Use any image from your WordPress Media Library as a custom user avatar or user profile picture. Add your own Default Avatar.

100K 2 CVEs

Simple Local Avatars

simple-local-avatars

Adds an avatar upload field to user profiles. Generates requested sizes on demand just like Gravatar!

100K 6 CVEs

User Profile Picture

metronet-profile-picture

Set a custom profile image (avatar) for a user using the standard WordPress media upload tool.

40K 1 CVE

Basic User Avatars

basic-user-avatars

Add an avatar upload field on frontend pages and Edit Profile screen so users can add a custom profile picture.

20K No CVEs

Developer Profile

Avatars Developer Profile

Brad Parbs

16 plugins · 3K total installs

trust score

Avg Security Score

88/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Avatars

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes

user-profile-picture

FAQ