WP-Safety

Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO) Security & Risk Analysis

wordpress.org/plugins/bulk-image-alt-text-with-yoast

Auto optimize all image alt text (+ Woocommerce ), per page & product, from Yoast SEO / Rank Math optimization settings (keywords).

10K active installs v2.2.2 PHP 7.4+ WP 4.1+ Updated Jan 4, 2026
alt-attributealt-tagalt-textgoogle-imagesseo
99
A · Safe
CVEs total1
Unpatched0
Last CVEJan 8, 2026
Plugin page Download
Safety Verdict

Is Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO) Safe to Use in 2026?

Generally Safe

Score 99/100

Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO) has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 8, 2026Updated 2mo ago
Risk Assessment

The plugin "bulk-image-alt-text-with-yoast" version 2.2.2 exhibits a mixed security posture. On the positive side, it demonstrates good practices by generally using prepared statements for SQL queries and implementing nonce checks and capability checks for its functions. The absence of file operations and external HTTP requests reduces the potential attack surface in those areas. Taint analysis also revealed no critical or high severity vulnerabilities related to unsanitized paths.

However, significant concerns arise from the analysis of the attack surface. The plugin exposes three AJAX handlers, and critically, all three lack authentication checks. This presents a substantial risk, as any unauthenticated user could potentially trigger these handlers. Furthermore, while the plugin has a history of known vulnerabilities, it currently has no unpatched CVEs, suggesting a reasonable track record for addressing security issues, although the presence of a past medium-severity Cross-Site Scripting vulnerability warrants ongoing vigilance.

In conclusion, while the plugin employs some solid security measures like prepared statements and nonces, the lack of authentication on all its AJAX endpoints is a critical oversight. The history of a past XSS vulnerability also highlights the importance of thorough output escaping, which is only partially implemented (48%). These weaknesses, particularly the unprotected AJAX handlers, outweigh the strengths and suggest a moderate to high risk without further security hardening.

Key Concerns

  • Unprotected AJAX handlers
  • Low output escaping coverage
  • Past medium severity CVE
Vulnerabilities
1

Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO) Security Vulnerabilities

CVEs by Year

1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2025-15019medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

BIALTY - Bulk Image Alt Text (Alt tag, Alt Attribute) with Yoast SEO + WooCommerce <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jan 8, 2026 Patched in 2.2.2 (1d)
Code Analysis
Analyzed Mar 16, 2026

Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO) Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
8 prepared
Unescaped Output
11
10 escaped
Nonce Checks
3
Capability Checks
4
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Freemius1.0

SQL Query Safety

89% prepared9 total queries

Output Escaping

48% escaped21 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
save_options (admin\controllers\SettingsController.php:58)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO) Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_bialty_optionsadmin\Settings.php:22
authwp_ajax_bialty_onboardingadmin\Settings.php:23
authwp_ajax_bialty_search_postsadmin\Settings.php:25
WordPress Hooks 18
filterthe_contentadmin\controllers\DomController.php:10
filterwoocommerce_single_product_image_thumbnail_htmladmin\controllers\DomController.php:11
filterpost_thumbnail_htmladmin\controllers\DomController.php:12
filterwoocommerce_related_products_argsadmin\controllers\DomController.php:13
actionwoocommerce_before_template_partadmin\controllers\DomController.php:19
actionwoocommerce_after_template_partadmin\controllers\DomController.php:25
actionadmin_menuadmin\Settings.php:20
actionadd_meta_boxesadmin\Settings.php:28
actionsave_postadmin\Settings.php:31
actionadmin_enqueue_scriptsadmin\Settings.php:38
filterscript_loader_tagadmin\Settings.php:41
actionadmin_headadmin\Settings.php:43
filterconnect_urlbulk-image-alt-text-with-yoast.php:70
filterafter_skip_urlbulk-image-alt-text-with-yoast.php:71
filterafter_connect_urlbulk-image-alt-text-with-yoast.php:72
filterafter_pending_connect_urlbulk-image-alt-text-with-yoast.php:73
filterconnect_messagebulk-image-alt-text-with-yoast.php:87
actioninitbulk-image-alt-text-with-yoast.php:96
Maintenance & Trust

Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO) Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 4, 2026
PHP min version7.4
Downloads440K

Community Trust

Rating84/100
Number of ratings111
Active installs10K
Alternatives

Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO) Alternatives

Auto Alt Text

Auto Alt Text

auto-alt-text

A
99

This plugin allows you to automatically generate an Alt Text for images uploaded into the media library via AI.

3K 1 CVE
Ozi Image Alt Tag Fixer — Smart Image SEO & Alt Text Optimizer

Ozi Image Alt Tag Fixer — Smart Image SEO & Alt Text Optimizer

ozi-image-alt-tag-fixer

A
100

Automatically detect and fix missing image ALT text to improve accessibility, image SEO, and search visibility.

10 No CVEs
Alt Text Go

Alt Text Go

alt-text-go

A
92

Automatically generate alt text for your images. Optimized for SEO.

0 No CVEs
Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)

auto-image-attributes-from-filename-with-bulk-updater

A
100

Automatically add Image Alt Text, Title, Caption and Description from Filename. Bulk update existing images. Great for Image SEO and Accessibility.

100K No CVEs
Media Library Helper — Bulk edit image ALT, caption & description

Media Library Helper — Bulk edit image ALT, caption & description

media-library-helper

A
100

Add or edit or bulk edit image ALT tag, caption & description with one click straight from the WordPress media library to improve your SEO score.

10K 1 CVE
Developer Profile

Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO) Developer Profile

Pagup

17 plugins · 33K total installs

78
trust score
Avg Security Score
98/100
Avg Patch Time
439 days
View full developer profile
Detection Fingerprints

How We Detect Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bulk-image-alt-text-with-yoast/assets/js/admin/settings.js/wp-content/plugins/bulk-image-alt-text-with-yoast/assets/css/admin/settings.css

HTML / DOM Fingerprints

CSS Classes
bialty-image-alt-textbialty-settings-pagebialty-tour-contentbialty-welcome-modal
HTML Comments
<!-- Bialty Auto Alt Text -->
Data Attributes
data-bialty-settingsdata-bialty-post-id
JS Globals
bialty_admin_settings
FAQ

Frequently Asked Questions about Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO)