WP-Safety

Easy Folders – WordPress Media Library Folders, File Manager Security & Risk Analysis

wordpress.org/plugins/easy-folders

🔥 Easily arrange WordPress media files, pages & posts into folders or categories.

40 active installs v1.0.1 PHP + WP 3.0.0+ Updated Apr 23, 2023
file-managerfoldersmedia-foldermedia-librarymedia-library-folders
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Easy Folders – WordPress Media Library Folders, File Manager Safe to Use in 2026?

Generally Safe

Score 85/100

Easy Folders – WordPress Media Library Folders, File Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago
Risk Assessment

The 'easy-folders' plugin, version 1.0.1, exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices regarding SQL queries and output escaping, with a high percentage of prepared statements and properly escaped outputs respectively. The absence of known CVEs and critical/high severity taint flows further suggests a relatively clean history and development process. However, significant security concerns arise from the attack surface analysis. The presence of two AJAX handlers without any authentication checks represents a direct entry point for potential attackers. This lack of authorization is a critical weakness that could allow unauthorized actions if these AJAX handlers are exploitable. Furthermore, the taint analysis, while not revealing critical or high severity issues, did identify six flows with unsanitized paths, indicating a potential for directory traversal or other file-related vulnerabilities, even if they didn't reach a critical severity in this analysis. The absence of nonce checks on AJAX handlers, coupled with the lack of explicit capability checks on the unprotected AJAX endpoints, significantly elevates the risk associated with these entry points. In conclusion, while 'easy-folders' shows strengths in data handling and has a clean vulnerability history, the unprotected AJAX endpoints and the presence of unsanitized paths are substantial risks that require immediate attention.

Key Concerns

  • AJAX handlers without authentication checks
  • Unsanitized paths in taint flows
  • No nonce checks on AJAX handlers
Vulnerabilities
None known

Easy Folders – WordPress Media Library Folders, File Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Easy Folders – WordPress Media Library Folders, File Manager Code Analysis

Dangerous Functions
0
Raw SQL Queries
35
127 prepared
Unescaped Output
13
137 escaped
Nonce Checks
0
Capability Checks
29
File Operations
5
External Requests
5
Bundled Libraries
0

SQL Query Safety

78% prepared162 total queries

Output Escaping

91% escaped150 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

7 flows6 with unsanitized paths
getLocationInfoByIp (admin\helpers\class-easy-folders-helper.php:365)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Easy Folders – WordPress Media Library Folders, File Manager Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_dismiss_noticeincludes\class-easy-folders.php:351
authwp_ajax_save_usage_trackingincludes\class-easy-folders.php:355
WordPress Hooks 58
filtermanage_media_columnsadmin\hooks\class-easy-folders-media-hook.php:87
actionmanage_media_custom_columnadmin\hooks\class-easy-folders-media-hook.php:88
filtermanage_page_posts_columnsadmin\hooks\class-easy-folders-media-hook.php:93
actionmanage_page_posts_custom_columnadmin\hooks\class-easy-folders-media-hook.php:94
filtermanage_posts_columnsadmin\hooks\class-easy-folders-media-hook.php:99
actionmanage_posts_custom_columnadmin\hooks\class-easy-folders-media-hook.php:100
filtermanage_upload_sortable_columnsadmin\hooks\class-easy-folders-media-hook.php:105
filterwp_kses_allowed_htmladmin\hooks\class-easy-folders-media-hook.php:108
filterwp_prepare_attachment_for_jsadmin\hooks\class-easy-folders-media-hook.php:113
actionrestrict_manage_postsadmin\hooks\class-easy-folders-media-hook.php:120
filtereasyfolders_pre_creating_foldersadmin\hooks\class-easy-folders-media-hook.php:138
filtereasyfolders_current_user_folders_whereadmin\hooks\class-easy-folders-media-hook.php:140
filtereasyfolders_current_user_idadmin\hooks\class-easy-folders-media-hook.php:142
actionefs_action_before_folder_media_relationadmin\hooks\class-easy-folders-media-hook.php:145
filterwp_get_attachment_image_srcadmin\repositories\svg\class-easy-folders-svg-support.php:22
filterwp_handle_upload_prefilteradmin\repositories\svg\class-easy-folders-svg-support.php:23
filterwp_prepare_attachment_for_jsadmin\repositories\svg\class-easy-folders-svg-support.php:24
filterwp_check_filetype_and_extadmin\repositories\svg\class-easy-folders-svg-support.php:25
filteradmin_post_thumbnail_htmladmin\repositories\svg\class-easy-folders-svg-support.php:26
filterwp_get_attachment_metadataadmin\repositories\svg\class-easy-folders-svg-support.php:27
filterupload_mimesadmin\repositories\svg\class-easy-folders-svg-support.php:28
filterwp_calculate_image_srcset_metaadmin\repositories\svg\class-easy-folders-svg-support.php:29
actionget_image_tagadmin\repositories\svg\class-easy-folders-svg-support.php:30
filterwp_generate_attachment_metadataadmin\repositories\svg\class-easy-folders-svg-support.php:31
actionplugins_loadedincludes\class-easy-folders.php:180
actionadmin_enqueue_scriptsincludes\class-easy-folders.php:195
actionadmin_enqueue_scriptsincludes\class-easy-folders.php:196
actionadmin_initincludes\class-easy-folders.php:205
actioninitincludes\class-easy-folders.php:208
actioncron_schedulesincludes\class-easy-folders.php:211
actionwp_enqueue_scriptsincludes\class-easy-folders.php:238
actionwp_enqueue_scriptsincludes\class-easy-folders.php:240
actionrest_api_initincludes\class-easy-folders.php:291
actionadd_attachmentincludes\class-easy-folders.php:293
filterwp_handle_upload_prefilterincludes\class-easy-folders.php:295
actiondeleteAttachmentincludes\class-easy-folders.php:297
actionajax_query_attachments_argsincludes\class-easy-folders.php:299
actionmla_media_modal_query_final_termsincludes\class-easy-folders.php:301
actionposts_clausesincludes\class-easy-folders.php:303
actioneasyfolders_extend_fetch_count_where_queryincludes\class-easy-folders.php:305
filterpre-upload-uiincludes\class-easy-folders.php:307
actionadmin_menuincludes\class-easy-folders.php:318
actionadmin_headincludes\class-easy-folders.php:321
actionrest_api_initincludes\class-easy-folders.php:324
actionadmin_initincludes\class-easy-folders.php:327
actionplugin_row_metaincludes\class-easy-folders.php:330
actionadmin_noticesincludes\class-easy-folders.php:334
actionnetwork_admin_noticesincludes\class-easy-folders.php:335
actionadmin_noticesincludes\class-easy-folders.php:337
actionnetwork_admin_noticesincludes\class-easy-folders.php:338
actionadmin_noticesincludes\class-easy-folders.php:343
actionactivated_pluginincludes\class-easy-folders.php:344
actiondeactivated_pluginincludes\class-easy-folders.php:345
actionadmin_noticesincludes\class-easy-folders.php:348
actionadmin_noticesincludes\class-easy-folders.php:354
actionadmin_noticesincludes\class-easy-folders.php:358
actionadmin_initincludes\class-easy-folders.php:361
actionplugins_loadedincludes\class-easy-folders.php:364
Maintenance & Trust

Easy Folders – WordPress Media Library Folders, File Manager Maintenance & Trust

Maintenance Signals

WordPress version tested6.2.9
Last updatedApr 23, 2023
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs40
Alternatives

Easy Folders – WordPress Media Library Folders, File Manager Alternatives

FileBird – WordPress Media Library Folders & File Manager

FileBird – WordPress Media Library Folders & File Manager

filebird

A
89

Organize thousands of WordPress media files in folders / categories with ease.

200K 10 CVEs
Real Media Library: Media Library Folder & File Manager

Real Media Library: Media Library Folder & File Manager

real-media-library-lite

A
97

Organize uploaded media in folders, collections and galleries: A file manager for WordPress. Media management made easy with Real Media Library! (Alte …

100K 4 CVEs
iFolders – Ultimate Folder Organizer for Media Library, Pages, Posts and Users

iFolders – Ultimate Folder Organizer for Media Library, Pages, Posts and Users

ifolders

A
100

Take control of your media library, posts, pages, and other content with our folder manager. Organize your WordPress data into specific categories.

300 1 CVE
MediaCommander – Bring Folders to Media, Posts, and Pages

MediaCommander – Bring Folders to Media, Posts, and Pages

mediacommander

A
99

Take control of your data with our folder manager - organize your WordPress media library, posts, and pages into specific categories with ease.

40 1 CVE
Categorify – WordPress Media Library Category & File Manager

Categorify – WordPress Media Library Category & File Manager

categorify

C
59

Organize your WordPress media files in categories via drag and drop.

1K 1 unpatched
Developer Profile

Easy Folders – WordPress Media Library Folders, File Manager Developer Profile

RipeBits

1 plugin · 40 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Easy Folders – WordPress Media Library Folders, File Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/easy-folders/assets/css/media-library-folders.css/wp-content/plugins/easy-folders/assets/js/admin-media-library-folders.js/wp-content/plugins/easy-folders/assets/js/custom-uploader.js/wp-content/plugins/easy-folders/assets/js/media-library-folders.js/wp-content/plugins/easy-folders/assets/js/media-library-folders.min.js
Script Paths
/wp-content/plugins/easy-folders/assets/js/admin-media-library-folders.js/wp-content/plugins/easy-folders/assets/js/custom-uploader.js/wp-content/plugins/easy-folders/assets/js/media-library-folders.js/wp-content/plugins/easy-folders/assets/js/media-library-folders.min.js
Version Parameters
easy-folders/assets/css/media-library-folders.css?ver=easy-folders/assets/js/admin-media-library-folders.js?ver=easy-folders/assets/js/custom-uploader.js?ver=easy-folders/assets/js/media-library-folders.js?ver=easy-folders/assets/js/media-library-folders.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
media-folder-rowmedia-folder-actionsmedia-folder-createmedia-folder-edit
HTML Comments
<!-- Easy Folders -->
Data Attributes
data-folder-iddata-folder-parentdata-attachment-id
JS Globals
easy_folders_ajax_objecteasy_folders_mediaeasy_folders_custom_uploader
REST Endpoints
/wp-json/ripebits/v1/folders/wp-json/ripebits/v1/attachments/wp-json/ripebits/v1/media
FAQ

Frequently Asked Questions about Easy Folders – WordPress Media Library Folders, File Manager