Does Cloudimage have any unpatched vulnerabilities?

No. All known vulnerabilities in Cloudimage have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Cloudimage compatible with WordPress 6.8.5?

According to WordPress.org data, Cloudimage 4.0.6 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Cloudimage compatible with PHP 5.6+?

Cloudimage requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Cloudimage updated?

Cloudimage was last updated on Jan 23, 2026. Frequent updates are generally a positive security signal.

What is Cloudimage's security score?

Cloudimage has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Cloudimage Security & Risk Analysis

wordpress.org/plugins/cloudimage

The easiest way to resize, compress, optimise and deliver lightning fast images to your users on any device via CDN.

300 active installs v4.0.6 PHP 5.6+ WP 4.8+ Updated Jan 23, 2026

cdnconvert-webpimage-resizingoptimize-imagesseo

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Cloudimage Safe to Use in 2026?

Generally Safe

Score 100/100

Cloudimage has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The cloudimage plugin v4.0.6 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries, avoiding dangerous functions, and not performing file operations. The plugin also has a clean vulnerability history, with no known CVEs, suggesting a generally stable and well-maintained codebase. However, significant security concerns are present due to the static analysis results. The presence of an unprotected AJAX handler represents a critical entry point that could be exploited without proper authentication or authorization checks, increasing the risk of unauthorized actions. While the taint analysis found no critical or high-severity flows, the presence of two flows with unsanitized paths is a red flag that warrants further investigation, as it could indicate potential for unintended data handling. The low percentage of properly escaped output further heightens the risk of cross-site scripting (XSS) vulnerabilities. Despite a clean history, the current code has identifiable weaknesses that need addressing.

Key Concerns

Unprotected AJAX handler
Flows with unsanitized paths
Low percentage of properly escaped output

Vulnerabilities

None known

Cloudimage Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Cloudimage Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

87 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

83% escaped105 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

cloudimage_check_v7 (admin\class-cloudimage-admin.php:310)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Cloudimage Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_cloudimage_check_v7includes\class-cloudimage.php:191

WordPress Hooks 26

actionshutdownincludes\class-cloudimage-output-buffering.php:40

actionplugins_loadedincludes\class-cloudimage.php:155

actionadmin_enqueue_scriptsincludes\class-cloudimage.php:172

actionadmin_enqueue_scriptsincludes\class-cloudimage.php:173

actionadmin_menuincludes\class-cloudimage.php:176

actionadmin_initincludes\class-cloudimage.php:183

actionadmin_noticesincludes\class-cloudimage.php:186

actionadmin_noticesincludes\class-cloudimage.php:189

actionwp_enqueue_scriptsincludes\class-cloudimage.php:208

actionwp_enqueue_scriptsincludes\class-cloudimage.php:209

filterwp_get_attachment_urlincludes\class-cloudimage.php:212

filterwp_calculate_image_srcsetincludes\class-cloudimage.php:218

filterwp_prepare_attachment_for_jsincludes\class-cloudimage.php:224

filterimage_downsizeincludes\class-cloudimage.php:231

actionwp_headincludes\class-cloudimage.php:238

actioninitincludes\class-cloudimage.php:241

filterthe_contentpublic\class-cloudimage-public.php:1281

actionadmin_menuv4\cloudimage.php:12

actionadmin_initv4\cloudimage.php:15

actionwp_enqueue_scriptsv4\cloudimage.php:18

filterwp_calculate_image_srcsetv4\cloudimage.php:21

actionwp_headv4\cloudimage.php:24

filterwp_headv4\cloudimage.php:25

filterwp_get_attachment_image_attributesv4\cloudimage.php:26

filterplugin_action_linksv4\cloudimage.php:30

actionplugins_loadedv4\cloudimage.php:1178

Maintenance & Trust

Cloudimage Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJan 23, 2026

PHP min version5.6

Downloads48K

Community Trust

Rating88/100

Number of ratings8

Active installs300

Alternatives

Cloudimage Alternatives

Imagify Image Optimization – Optimize Images | Compress Images | Convert WebP | Convert AVIF

imagify

100

Optimize images in 1-click: compress images, convert to WebP & AVIF, resize, and boost your site with the easiest WordPress image optimization plugin!

1.0M No CVEs

Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP & AVIF | Image CDN

wp-smushit

Optimize and compress images with lossless and lossy compression, lazy load, WebP & AVIF conversion, and global image CDN.

1.0M 6 CVEs

SpeedyCache – Cache, Optimization, Performance

speedycache

SpeedyCache is a WordPress cache plugin that helps you improve performance of your WordPress site by caching, minifying, and compressing your website.

600K 4 CVEs

Converter for Media – Optimize images | Convert WebP & AVIF

webp-converter-for-media

Speed up your website by using our WebP & AVIF Converter. Optimize images and serve WebP and AVIF images instead of standard formats!

500K 4 CVEs

ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF

shortpixel-image-optimiser

Optimize images & PDFs smartly. Create and compress next-gen WebP and AVIF formats. Smart crop and resize.

300K 6 CVEs

Developer Profile

Cloudimage Developer Profile

Scaleflex

3 plugins · 310 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Cloudimage

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cloudimage/css/cloudimage-admin.css/wp-content/plugins/cloudimage/js/debounce.js/wp-content/plugins/cloudimage/js/cloudimage-admin.js

Script Paths

https://cdn.scaleflex.com/prod/cloudimage-lazy-load/3.1.2/cloudimage-lazy-load.min.js

Version Parameters

cloudimage-admin.css?ver=debounce.js?ver=cloudimage-admin.js?ver=cloudimage-lazy-load.min.js?ver=

HTML / DOM Fingerprints

Data Attributes

data-cloudimage-gen

JS Globals

Cloudimage

FAQ