WP-Safety

Bubuku Media Library Security & Risk Analysis

wordpress.org/plugins/bubuku-media-library

Manage image file size and alt text in your WordPress Media Library to improve performance, accessibility and SEO.

200 active installs v1.2.1 PHP 7.2+ WP 5.2+ Updated Mar 8, 2026
accessibilityalt-textimagesmedia-libraryseo
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Bubuku Media Library Safe to Use in 2026?

Generally Safe

Score 100/100

Bubuku Media Library has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The "bubuku-media-library" v1.2.1 plugin exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of any AJAX handlers, REST API routes, or shortcodes with unprotected entry points indicates a well-secured attack surface. The code also demonstrates excellent practices by using prepared statements for all SQL queries, properly escaping a high percentage of outputs, implementing nonce checks for all identified SQL queries, and performing capability checks for its cron events. The lack of any critical or high-severity taint flows further reinforces its security.

Concerns are minimal, with the primary area for potential improvement being the file operations, although the specific context and whether these operations are properly secured against manipulation is not detailed. The plugin also has no recorded vulnerabilities, past or present, which is a significant strength. This suggests a development team that prioritizes security and maintains a clean codebase.

Overall, the plugin appears to be very secure. The strengths lie in its minimal attack surface, robust data handling practices, and clean vulnerability history. The only minor point of attention would be to ensure the three file operations are indeed handled securely, but given the other positive indicators, this is unlikely to represent a significant risk. The plugin is recommended for its secure implementation.

Vulnerabilities
None known

Bubuku Media Library Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Bubuku Media Library Release Timeline

v1.2.1Current
v1.2.0
v1.1.8
v1.1.7
v1.1.6
v1.1.5
v1.1.4
v1.1.3
v1.1.2
v1.1.1
v1.1.0
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
Code Analysis
Analyzed Mar 16, 2026

Bubuku Media Library Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
14 prepared
Unescaped Output
4
104 escaped
Nonce Checks
14
Capability Checks
3
File Operations
3
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared14 total queries

Output Escaping

96% escaped108 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

2 flows
export_csv_button (src\BML_filter.php:118)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Bubuku Media Library Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 28
actionadmin_menusrc\BML_admin_setup_report.php:17
actionadmin_enqueue_scriptssrc\BML_admin_setup_report.php:18
actionadmin_enqueue_scriptssrc\BML_assets.php:17
actionadmin_enqueue_scriptssrc\BML_assets.php:18
filterbulk_actions-uploadsrc\BML_bulk_action.php:22
actionhandle_bulk_actions-uploadsrc\BML_bulk_action.php:23
actionadmin_noticessrc\BML_bulk_action.php:24
filtermanage_upload_columnssrc\BML_common.php:24
actionmanage_media_custom_columnsrc\BML_common.php:26
actionadd_attachmentsrc\BML_common.php:28
actionedit_attachmentsrc\BML_common.php:29
actionsave_postsrc\BML_common.php:30
filtermanage_upload_sortable_columnssrc\BML_common.php:32
actionpre_get_postssrc\BML_common.php:34
actionload-upload.phpsrc\BML_export_filter.php:17
actionrestrict_manage_postssrc\BML_filter.php:17
actionrestrict_manage_postssrc\BML_filter.php:18
actionpre_get_postssrc\BML_filter.php:20
actionload-upload.phpsrc\BML_filter.php:21
actionplugins_loadedsrc\BML_plugin.php:15
actionbbkmedialibrary_report_eventsrc\BML_reports.php:39
actionadd_attachmentsrc\BML_reports.php:41
actiondelete_attachmentsrc\BML_reports.php:42
actionupdated_post_metasrc\BML_reports.php:43
actionadded_post_metasrc\BML_reports.php:44
actiondeleted_post_metasrc\BML_reports.php:45
actionrest_api_initsrc\BML_restapi.php:21
actionwp_dashboard_setupsrc\BML_widget_dashboard.php:11

Scheduled Events 3

bbkmedialibrary_report_event
bbkmedialibrary_report_event
bbkmedialibrary_report_event
Maintenance & Trust

Bubuku Media Library Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 8, 2026
PHP min version7.2
Downloads6K

Community Trust

Rating100/100
Number of ratings6
Active installs200
Alternatives

Bubuku Media Library Alternatives

AI Alt Text Builder

AI Alt Text Builder

ai-alt-text-builder

A
100

Generate SEO-friendly ALT text for Media Library images in one click, with scoring, bulk generation and language options.

0 No CVEs
KooKoo AI Alt Text Creator

KooKoo AI Alt Text Creator

kookoo-ai-alt-text-creator

A
100

Automatically generates descriptive Alt Text and Titles for your Media Library images using AI via OpenRouter.

0 No CVEs
Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)

auto-image-attributes-from-filename-with-bulk-updater

A
100

Automatically add Image Alt Text, Title, Caption and Description from Filename. Bulk update existing images. Great for Image SEO and Accessibility.

100K No CVEs
AI SEO Tools

AI SEO Tools

ai-seo-tools

A
100

AI SEO Tools uses AI to automatically improve your site's SEO, including generating image alt text, content refresh and auto tagging.

2K No CVEs
Filikod – ALT Text Audit & Bulk Management

Filikod – ALT Text Audit & Bulk Management

filikod

A
100

Audit your entire media library, get an ALT Quality Score from 0–100%, and fix missing, generic or duplicated ALT text in bulk. No external API.

90 No CVEs
Developer Profile

Bubuku Media Library Developer Profile

Luis Ruiz

6 plugins · 360 total installs

91
trust score
Avg Security Score
96/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Bubuku Media Library

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bubuku-media-library/build/style-admin.css/wp-content/plugins/bubuku-media-library/src/scss/admin/style.scss/wp-content/plugins/bubuku-media-library/src/js/admin/index.js/wp-content/plugins/bubuku-media-library/build/style-widget.css/wp-content/plugins/bubuku-media-library/css/style-media-library.css/wp-content/plugins/bubuku-media-library/js/common.js
Script Paths
/wp-content/plugins/bubuku-media-library/build/admin.js/wp-content/plugins/bubuku-media-library/src/js/admin/index.js/wp-content/plugins/bubuku-media-library/js/common.js
Version Parameters
bubuku-media-library/build/style-admin.css?ver=bubuku-media-library/build/admin.js?ver=bubuku-media-library/src/scss/admin/style.scss?ver=bubuku-media-library/src/js/admin/index.js?ver=bubuku-media-library/build/style-widget.css?ver=bubuku-media-library/css/style-media-library.css?ver=bubuku-media-library/js/common.js?ver=

HTML / DOM Fingerprints

CSS Classes
bbk-media-library-app
JS Globals
BbkMediaLibrary
REST Endpoints
/wp-json/bubuku-media-library/v1/calculate-file-size
FAQ

Frequently Asked Questions about Bubuku Media Library