WP-Safety

Edge Images Security & Risk Analysis

wordpress.org/plugins/edge-images

Turbocharge your WordPress images by using an edge provider (like Cloudflare or Accelerated Domains) and optimizing your HTML markup.

20 active installs v5.5.7 PHP 7.4+ WP 5.6+ Updated Jun 29, 2025
cdncloudflareimagesoptimizationperformance
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Edge Images Safe to Use in 2026?

Generally Safe

Score 100/100

Edge Images has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9mo ago
Risk Assessment

The "edge-images" plugin v5.5.7 exhibits a generally strong security posture with excellent adherence to many best practices. The static analysis reveals no directly exploitable entry points through AJAX, REST API, shortcodes, or cron events that lack authentication or permission checks. All SQL queries are properly prepared, and 100% of output is correctly escaped, significantly mitigating risks of SQL injection and Cross-Site Scripting (XSS). The presence of nonce and capability checks further bolsters its defenses against common WordPress vulnerabilities. The plugin also has no recorded vulnerability history, which is a positive indicator of its development quality and past security diligence.

However, two flows with unsanitized paths identified in the taint analysis represent a potential concern. While classified as not critical or high severity, unsanitized paths can sometimes lead to directory traversal or file inclusion vulnerabilities if not handled with extreme care in the broader context of the plugin's functionality. The presence of file operations and an external HTTP request, though not inherently dangerous, requires careful scrutiny to ensure these operations are secure and do not introduce unexpected risks. The plugin also has a moderate number of capability checks (16) and file operations (3), which while often necessary, contribute to the plugin's complexity and thus a slightly increased potential for subtle security oversights.

In conclusion, "edge-images" v5.5.7 is a well-developed plugin with a strong foundation in secure coding practices. The lack of known vulnerabilities and robust handling of SQL and output are significant strengths. The primary area for attention lies in thoroughly auditing the two identified unsanitized path flows to confirm they do not present any exploitable risks in practice. Overall, the risk is assessed as low.

Key Concerns

  • Flows with unsanitized paths found
Vulnerabilities
None known

Edge Images Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Edge Images Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
85 escaped
Nonce Checks
1
Capability Checks
16
File Operations
3
External Requests
1
Bundled Libraries
0

Output Escaping

100% escaped85 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
maybe_transform_image (classes\edge-providers\class-native.php:406)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Edge Images Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 60
actionadmin_menuclasses\class-admin-page.php:164
actionadmin_initclasses\class-admin-page.php:165
actionadmin_enqueue_scriptsclasses\class-admin-page.php:166
actionadmin_post_edge_images_update_settingsclasses\class-admin-page.php:167
actionadmin_noticesclasses\class-admin-page.php:168
filterwp_get_attachment_image_attributesclasses\class-handler.php:87
filterwp_get_attachment_imageclasses\class-handler.php:90
filterwp_img_tag_add_width_and_height_attrclasses\class-handler.php:93
filterwp_get_attachment_image_attributesclasses\class-handler.php:96
filterwp_get_attachment_imageclasses\class-handler.php:97
filterimage_downsizeclasses\class-handler.php:100
filterwp_calculate_image_srcsetclasses\class-handler.php:103
filterwp_img_tag_add_width_and_height_attrclasses\class-handler.php:106
filterthe_contentclasses\class-handler.php:109
actionwp_enqueue_scriptsclasses\class-handler.php:112
filterbig_image_size_thresholdclasses\class-handler.php:115
filterwp_get_attachment_image_attributesclasses\class-handler.php:118
actionupdate_option_edge_images_providerclasses\class-rewrites.php:34
filterquery_varsclasses\class-rewrites.php:42
actioninitclasses\class-rewrites.php:45
actioninitclasses\class-rewrites.php:48
actionadmin_noticesclasses\class-rewrites.php:52
filterget_avatar_urlclasses\features\class-avatars.php:48
filterget_avatarclasses\features\class-avatars.php:49
actionsave_postclasses\features\class-cache.php:56
actiondeleted_postclasses\features\class-cache.php:57
actionattachment_updatedclasses\features\class-cache.php:58
actiondelete_attachmentclasses\features\class-cache.php:59
actionupdate_optionclasses\features\class-cache.php:62
actionupgrader_process_completeclasses\features\class-cache.php:65
actionload-settings_page_edge-imagesclasses\features\class-htaccess-cache.php:137
actionadmin_noticesclasses\features\class-htaccess-cache.php:265
filteredge_images_disable_transformclasses\integrations\bricks\class-bricks.php:42
actionenable-media-replace-upload-doneclasses\integrations\enable-media-replace\class-enable-media-replace.php:47
filterrank_math/json_ldclasses\integrations\rank-math\class-schema-images.php:73
filterrank_math/opengraph/facebook/og_imageclasses\integrations\rank-math\class-social-images.php:73
filterrank_math/opengraph/facebook/og_image_secure_urlclasses\integrations\rank-math\class-social-images.php:74
filterrank_math/opengraph/twitter/imageclasses\integrations\rank-math\class-social-images.php:77
filterrank_math/opengraph/facebook/og_image_widthclasses\integrations\rank-math\class-social-images.php:80
filterrank_math/opengraph/facebook/og_image_heightclasses\integrations\rank-math\class-social-images.php:81
filterrank_math/sitemap/entryclasses\integrations\rank-math\class-xml-sitemaps.php:71
filterrank_math/sitemap/enable_cachingclasses\integrations\rank-math\class-xml-sitemaps.php:75
filterrelevanssi_live_search_post_contentclasses\integrations\relevanssi\class-live-ajax-search.php:49
filterwpseo_schema_imageobjectclasses\integrations\yoast-seo\class-schema-images.php:66
filterwpseo_schema_organizationclasses\integrations\yoast-seo\class-schema-images.php:67
filterwpseo_schema_webpageclasses\integrations\yoast-seo\class-schema-images.php:68
filterwpseo_schema_articleclasses\integrations\yoast-seo\class-schema-images.php:69
filterwpseo_schema_webpageclasses\integrations\yoast-seo\class-schema-images.php:70
filterwpseo_schema_articleclasses\integrations\yoast-seo\class-schema-images.php:71
filterwpseo_opengraph_imageclasses\integrations\yoast-seo\class-social-images.php:78
filterwpseo_twitter_imageclasses\integrations\yoast-seo\class-social-images.php:79
filterwpseo_opengraph_image_widthclasses\integrations\yoast-seo\class-social-images.php:80
filterwpseo_opengraph_image_heightclasses\integrations\yoast-seo\class-social-images.php:81
filterwpseo_xml_sitemap_img_srcclasses\integrations\yoast-seo\class-xml-sitemaps.php:70
actioninitedge-images.php:56
actioninitedge-images.php:65
actionplugins_loadededge-images.php:74
actioninitedge-images.php:82
actioninitedge-images.php:90
actioninitedge-images.php:98
Maintenance & Trust

Edge Images Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJun 29, 2025
PHP min version7.4
Downloads2K

Community Trust

Rating100/100
Number of ratings5
Active installs20
Alternatives

Edge Images Alternatives

Techvila image optimization and CDN

Techvila image optimization and CDN

techvila-image-optimization-and-cdn

A
100

Completely automatic image optimization and load static rerouces from cdn

0 No CVEs
Image Optimizer by 10web – Image Optimizer and Compression plugin

Image Optimizer by 10web – Image Optimizer and Compression plugin

image-optimizer-wd

A
91

Image Optimizer by 10Web optimizes and preserves image quality. Improve your website speed, bounce rate, and SEO with Image Optimizer.

4K 4 CVEs
Offload, AI & Optimize with Cloudflare Images

Offload, AI & Optimize with Cloudflare Images

cf-images

A
99

Offload you media library images to the Cloudflare Images service. Store, resize, optimize and deliver images in a fast and secure manner.

1K 1 CVE
GoCache

GoCache

gocache-cdn

B
70

Acelere seu site e reduza seus custos com cloud.

1K 1 unpatched
Servebolt Optimizer

Servebolt Optimizer

servebolt-optimizer

A
100

This plugin implements Servebolt's WordPress best practices, and connects your site to the Servebolt Admin Panel.

1K No CVEs
Developer Profile

Edge Images Developer Profile

Jono Alderson

2 plugins · 120 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Edge Images

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/edge-images/assets/css/editor.css/wp-content/plugins/edge-images/assets/css/admin.css/wp-content/plugins/edge-images/assets/js/editor.js/wp-content/plugins/edge-images/assets/js/admin.js
Script Paths
/wp-content/plugins/edge-images/assets/js/editor.js/wp-content/plugins/edge-images/assets/js/admin.js
Version Parameters
edge-images/assets/css/editor.css?ver=edge-images/assets/css/admin.css?ver=edge-images/assets/js/editor.js?ver=edge-images/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
edge-images-admin-settings
Data Attributes
data-edge-images-upload
JS Globals
EdgeImagesEditorEdgeImagesAdmin
FAQ

Frequently Asked Questions about Edge Images