Does Codirun R2 Media & Static CDN have any unpatched vulnerabilities?

No. All known vulnerabilities in Codirun R2 Media & Static CDN have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Codirun R2 Media & Static CDN compatible with WordPress 6.9.4?

According to WordPress.org data, Codirun R2 Media & Static CDN 1.0.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Codirun R2 Media & Static CDN compatible with PHP 8.2+?

Codirun R2 Media & Static CDN requires PHP 8.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Codirun R2 Media & Static CDN updated?

Codirun R2 Media & Static CDN was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Codirun R2 Media & Static CDN's security score?

Codirun R2 Media & Static CDN has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Codirun R2 Media & Static CDN Security & Risk Analysis

wordpress.org/plugins/codirun-codir2me-cdn

Upload JS, CSS, SVG, fonts and images to Cloudflare R2 and serve them via Cloudflare CDN to speed up your WordPress site and reduce server load.

10 active installs v1.0.6 PHP 8.2+ WP 6.0+ Updated Unknown

cdncloudflareimage-optimizationoffloadr2

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Codirun R2 Media & Static CDN Safe to Use in 2026?

Generally Safe

Score 100/100

Codirun R2 Media & Static CDN has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "codirun-codir2me-cdn" plugin v1.0.6 exhibits a generally strong security posture, with a notable absence of known vulnerabilities and a robust implementation of security best practices. The static analysis reveals a comprehensive use of nonce checks and capability checks for its AJAX endpoints, and all SQL queries are properly prepared, mitigating common database-related risks. The vast majority of output is also correctly escaped, reducing the likelihood of cross-site scripting (XSS) vulnerabilities. The plugin's limited external HTTP requests and lack of bundled libraries further contribute to a cleaner security profile.

However, a single taint flow with an unsanitized path was identified. While not classified as critical or high severity in this analysis, this represents a potential avenue for attack if that path is exploited. This specific finding, though isolated, warrants attention as it indicates a point where user-supplied input might not be adequately handled before being used in a file-related operation. The lack of recorded vulnerabilities in its history is a positive indicator, suggesting a commitment to secure coding or a fortunate lack of discovery, but it should not lead to complacency given the identified taint flow.

In conclusion, the plugin demonstrates good security hygiene with strong defenses against common web attacks. The primary concern is the identified unsanitized path, which should be investigated and remediated. Otherwise, the plugin's design and implementation suggest a relatively secure integration into a WordPress site.

Key Concerns

Taint flow with unsanitized path

Vulnerabilities

None known

Codirun R2 Media & Static CDN Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Codirun R2 Media & Static CDN Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

261 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

95% escaped275 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

5 flows1 with unsanitized paths

codir2me_show_our_notices (includes\admin\codir2me-block-notices.php:58)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Codirun R2 Media & Static CDN Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 4

authwp_ajax_codir2me_resync_fileincludes\class-codir2me-admin.php:134

authwp_ajax_codir2me_get_image_thumbnailincludes\class-codir2me-background-processor.php:28

authwp_ajax_codir2me_process_batch_realtimeincludes\class-codir2me-background-processor.php:31

authwp_ajax_codir2me_check_environmentincludes\class-codir2me-environment-checker.php:84

WordPress Hooks 69

actionadmin_noticescodirun-codir2me-cdn.php:26

actionadmin_noticescodirun-codir2me-cdn.php:45

actionphp_error_handlercodirun-codir2me-cdn.php:281

actionupgrader_process_completecodirun-codir2me-cdn.php:282

actionadmin_initcodirun-codir2me-cdn.php:382

actionwp_loadedcodirun-codir2me-cdn.php:392

actioninitcodirun-codir2me-cdn.php:401

actionupgrader_process_completecodirun-codir2me-cdn.php:409

actioncodir2me_batch_verify_filescodirun-codir2me-cdn.php:428

actioncodir2me_files_uploadedcodirun-codir2me-cdn.php:445

filtercodir2me_cdn_get_instancecodirun-codir2me-cdn.php:462

actionadmin_noticescodirun-codir2me-cdn.php:1538

actionadmin_initcodirun-codir2me-cdn.php:1541

actioncodir2me_background_resend_eventcodirun-codir2me-cdn.php:1544

filterscript_loader_srccodirun-codir2me-cdn.php:1547

filterstyle_loader_srccodirun-codir2me-cdn.php:1548

actioninitcodirun-codir2me-cdn.php:1554

actionadmin_noticesincludes\admin\class-codir2me-admin-ui-general.php:407

actionadmin_noticesincludes\admin\class-codir2me-admin-ui-general.php:422

actionadmin_noticesincludes\admin\class-codir2me-admin-ui-general.php:449

actionadmin_noticesincludes\admin\class-codir2me-admin-ui-general.php:533

actionadmin_noticesincludes\admin\class-codir2me-admin-ui-general.php:548

actionadmin_noticesincludes\admin\class-codir2me-admin-ui-general.php:581

actionadmin_noticesincludes\admin\class-codir2me-admin-ui-thumbnails.php:179

actionadmin_enqueue_scriptsincludes\admin\class-codir2me-admin-ui.php:118

actionadmin_noticesincludes\admin\codir2me-block-notices.php:49

actionadmin_initincludes\admin\codir2me-block-notices.php:102

actionadmin_menuincludes\class-codir2me-admin.php:106

actionadmin_initincludes\class-codir2me-admin.php:107

actionadmin_enqueue_scriptsincludes\class-codir2me-admin.php:108

actionadmin_post_codir2me_download_logincludes\class-codir2me-admin.php:111

actionadmin_post_codir2me_clear_logincludes\class-codir2me-admin.php:112

actionadmin_post_codir2me_scan_filesincludes\class-codir2me-admin.php:115

actionadmin_post_codir2me_process_batchincludes\class-codir2me-admin.php:116

actionadmin_post_codir2me_scan_imagesincludes\class-codir2me-admin.php:117

actionadmin_post_codir2me_process_images_batchincludes\class-codir2me-admin.php:118

actionadmin_noticesincludes\class-codir2me-admin.php:121

actionadmin_post_codir2me_cancel_uploadincludes\class-codir2me-admin.php:127

actionadmin_post_codir2me_cancel_deleteincludes\class-codir2me-admin.php:128

actionadmin_post_codir2me_clear_uploaded_filesincludes\class-codir2me-admin.php:131

actionadmin_enqueue_scriptsincludes\class-codir2me-admin.php:137

actionadmin_post_codir2me_update_reprocessing_settingsincludes\class-codir2me-admin.php:140

actionadmin_headincludes\class-codir2me-admin.php:506

actionadmin_footerincludes\class-codir2me-admin.php:1876

filterstyle_loader_srcincludes\class-codir2me-assets-handler.php:100

filterscript_loader_srcincludes\class-codir2me-assets-handler.php:101

filterthe_contentincludes\class-codir2me-assets-handler.php:104

filterwidget_text_contentincludes\class-codir2me-assets-handler.php:105

filterwp_get_custom_cssincludes\class-codir2me-assets-handler.php:108

actionadmin_enqueue_scriptsincludes\class-codir2me-i18n.php:38

filterload_textdomain_mofileincludes\class-codir2me-i18n.php:41

filterplugin_localeincludes\class-codir2me-i18n.php:44

actionadd_attachmentincludes\class-codir2me-images-handler.php:90

actionwp_generate_attachment_metadataincludes\class-codir2me-images-handler.php:93

filterwp_get_attachment_image_srcincludes\class-codir2me-images-handler.php:143

filterwp_get_attachment_urlincludes\class-codir2me-images-handler.php:144

filterwp_calculate_image_srcsetincludes\class-codir2me-images-handler.php:145

filterthe_contentincludes\class-codir2me-images-handler.php:148

filterpost_thumbnail_htmlincludes\class-codir2me-images-handler.php:149

actionsave_postincludes\class-codir2me-page-assets-auto-handler.php:116

actionelementor/editor/after_saveincludes\class-codir2me-page-assets-auto-handler.php:119

actioncustomize_save_afterincludes\class-codir2me-page-assets-auto-handler.php:122

actioncodir2me_process_page_assetsincludes\class-codir2me-page-assets-auto-handler.php:729

actioncodir2me_process_general_assetsincludes\class-codir2me-page-assets-auto-handler.php:737

actionadmin_noticesincludes\class-codir2me-static-media-cdn.php:217

actionwp_loadedincludes\class-codir2me-static-media-cdn.php:358

actionupdate_option_codir2me_auto_upload_thumbnailsincludes\class-codir2me-static-media-cdn.php:361

actionadmin_enqueue_scriptsincludes\class-codir2me-static-media-cdn.php:364

filterwp_redirectincludes\class-codir2me-static-media-cdn.php:397

Scheduled Events 8

codir2me_background_reprocessing_event

codir2me_background_resend_event

codir2me_batch_verify_files

codir2me_process_page_assets

codir2me_process_general_assets

Maintenance & Trust

Codirun R2 Media & Static CDN Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedUnknown

PHP min version8.2

Downloads491

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Codirun R2 Media & Static CDN Alternatives

TP Media Offload & Edge CDN

tp-media-offload-edge-cdn

100

Offload WordPress media to Cloudflare R2 storage and serve via CDN with automatic image optimization.

0 No CVEs

Media Cloud for Bunny CDN, Amazon S3, Cloudflare R2, Google Cloud Storage, DigitalOcean and more

ilab-media-tools

Automatically store media on Amazon S3, Cloudflare R2, Google Cloud Storage, DigitalOcean Spaces + others. Serve CSS/JS assets through CDNs.

7K 1 CVE

Techvila image optimization and CDN

techvila-image-optimization-and-cdn

100

Completely automatic image optimization and load static rerouces from cdn

0 No CVEs

Advanced Media Offloader

advanced-media-offloader

100

Save server space & speed up your site by automatically offloading media to Amazon S3, Cloudflare R2 & more.

3K No CVEs

Offload, AI & Optimize with Cloudflare Images

cf-images

Offload you media library images to the Cloudflare Images service. Store, resize, optimize and deliver images in a fast and secure manner.

1K 1 CVE

Developer Profile

Codirun R2 Media & Static CDN Developer Profile

Codirun

2 plugins · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Codirun R2 Media & Static CDN

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/codirun-codir2me-cdn/assets/css/style.css

Script Paths

/wp-content/plugins/codirun-codir2me-cdn/assets/js/codirun-codir2me-cdn.js

Version Parameters

codirun-codir2me-cdn/assets/css/style.css?ver=codirun-codir2me-cdn/assets/js/codirun-codir2me-cdn.js?ver=

HTML / DOM Fingerprints

HTML Comments

+26 more

FAQ