Does Category Thumbnail have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Category Thumbnail compatible with WordPress 4.2.39?

According to WordPress.org data, Category Thumbnail 1.5.0 has been tested up to WordPress 4.2.39. Check the plugin's changelog for the latest compatibility information.

How often is Category Thumbnail updated?

Category Thumbnail was last updated on Mar 28, 2015. Frequent updates are generally a positive security signal.

What is Category Thumbnail's security score?

Category Thumbnail has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Category Thumbnail Security & Risk Analysis

wordpress.org/plugins/dirtysuds-category-thumbnail

Adds shortcode [catthumb] to embed a thumbnail image for a category.

40 active installs v1.5.0 PHP + WP 3.5+ Updated Mar 28, 2015

imageimagespostpostswordpress

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Category Thumbnail Safe to Use in 2026?

Generally Safe

Score 85/100

Category Thumbnail has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The "dirtysuds-category-thumbnail" plugin version 1.5.0 exhibits a strong security posture based on the provided static analysis results. The code demonstrates excellent adherence to secure coding practices, with all SQL queries utilizing prepared statements and all output being properly escaped. The absence of dangerous functions, file operations, external HTTP requests, and the minimal attack surface further contribute to its security.

While the static analysis did not uncover any specific vulnerabilities or unsanitized taint flows, the lack of nonce checks and capability checks on the single identified shortcode is a notable concern. Although the shortcode is the only entry point, its functionality is not explicitly protected by authentication or authorization mechanisms, which could present an indirect risk if its logic were to be influenced by user input without proper validation or authorization.

The plugin's vulnerability history is clean, with no recorded CVEs. This, combined with the positive static analysis findings, suggests a generally secure and well-maintained plugin. However, the missing authorization checks on the shortcode remain a potential area for improvement to further harden its security.

Key Concerns

Shortcode lacks capability checks
Shortcode lacks nonce checks

Vulnerabilities

None known

Category Thumbnail Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Category Thumbnail Release Timeline

v1.5.0Current

v1.4.0

v1.03

v1.02

v1.01

v1.00

Code Analysis

Analyzed Mar 16, 2026

Category Thumbnail Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared1 total queries

Attack Surface

Category Thumbnail Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[catthumb] thumb.php:62

Maintenance & Trust

Category Thumbnail Maintenance & Trust

Maintenance Signals

WordPress version tested4.2.39

Last updatedMar 28, 2015

PHP min version

Downloads10K

Community Trust

Rating0/100

Number of ratings0

Active installs40

Alternatives

Category Thumbnail Alternatives

Gallery Excerpt

gallery-excerpt

Replace the excerpt for posts with the post type 'Gallery' to a row of images from the post.

10 No CVEs

Newpost Catch

newpost-catch

Thumbnails in new articles setting widget.

10K 1 CVE

Superb Recent Posts With Thumbnail Images

superb-recent-posts-with-thumbnail-images

100

Responsive Recent Posts Widget With Images for WordPress. Lightweight & SEO Optimized Code. Free.

7K No CVEs

WP Image Borders

wp-image-borders

WP Image Borders makes it easy to add decorative image borders to pictures in your blog posts.

2K No CVEs

Bulk Images to Posts

bulk-images-to-posts

Bulk upload images to automatically create posts / custom posts with featured images.

1K No CVEs

Developer Profile

Category Thumbnail Developer Profile

Pat Hawks

8 plugins · 130 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Category Thumbnail

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

<a href=""><img width=" height=" class="attachment-thumbnail wp-post-image" alt="

FAQ