WP-Safety

EZOptimize Image Optimizer Security & Risk Analysis

wordpress.org/plugins/ez-optimize-media-optimizer

Optimize your images without losing quality for pagespeed, SEO or simply performance optimization

0 active installs v2.0.2 PHP 5.6+ WP 4.0.0+ Updated Feb 10, 2020
image-optimizationpagespeed-optimize-imagesreduce-image-sizeseo-optimize-images
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is EZOptimize Image Optimizer Safe to Use in 2026?

Generally Safe

Score 85/100

EZOptimize Image Optimizer has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago
Risk Assessment

The "ez-optimize-media-optimizer" v2.0.2 plugin exhibits a concerning security posture primarily due to its unprotected entry points and lack of output escaping. While the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and has no recorded vulnerabilities in its history, the presence of three unprotected AJAX handlers significantly increases its attack surface. This means that unauthenticated users could potentially interact with these handlers, leading to unintended actions or information disclosure if the handler's logic is flawed. The absence of any output escaping for the four identified outputs is a critical weakness, making the plugin highly susceptible to Cross-Site Scripting (XSS) vulnerabilities. Any data processed or displayed by these outputs without proper sanitization could be manipulated by an attacker to inject malicious scripts. The lack of taint analysis data is noted, but the existing code signals are strong indicators of potential issues. The plugin's history of zero vulnerabilities is positive, but it does not negate the immediate risks identified in the current analysis. Overall, the plugin has strengths in its database interaction security, but critical weaknesses in handling user input and output necessitate immediate attention to prevent exploitation.

Key Concerns

  • Unprotected AJAX handlers
  • Unescaped output
  • Missing nonce checks on AJAX
  • Missing capability checks
Vulnerabilities
None known

EZOptimize Image Optimizer Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

EZOptimize Image Optimizer Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
4
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
5
External Requests
1
Bundled Libraries
0

Output Escaping

0% escaped4 total outputs
Attack Surface
3 unprotected

EZOptimize Image Optimizer Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_ez_optimizeoptimizer.php:79
authwp_ajax_ez_revertoptimizer.php:88
authwp_ajax_ez_api_keyoptimizer.php:103
WordPress Hooks 7
actionadd_attachmentoptimizer.php:67
actionwp_enqueue_scriptsoptimizer.php:75
actionadmin_enqueue_scriptsoptimizer.php:76
filterwp_generate_attachment_metadataoptimizer.php:113
actionadmin_menuoptimizer.php:132
actionadmin_noticesoptimizer.php:246
actionadd_attachmentoptimizer.php:270
Maintenance & Trust

EZOptimize Image Optimizer Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21
Last updatedFeb 10, 2020
PHP min version5.6
Downloads2K

Community Trust

Rating20/100
Number of ratings1
Active installs0
Alternatives

EZOptimize Image Optimizer Alternatives

Cut down uploads size

Cut down uploads size

cut-down-uploads-size

A
100

The “Cut down uploads size” plugin allows you to optimize all the images from your “uploads” folder.

0 No CVEs
Image Optimizer – Optimize Images and Convert to WebP or AVIF

Image Optimizer – Optimize Images and Convert to WebP or AVIF

image-optimization

A
99

Automatically resize, optimize, and convert images to WebP and AVIF. Compress images in bulk or on upload to boost your WordPress site performance.

1.0M 1 CVE
Imagify Image Optimization – Optimize Images | Compress Images | Convert WebP | Convert AVIF

Imagify Image Optimization – Optimize Images | Compress Images | Convert WebP | Convert AVIF

imagify

A
100

Optimize images in 1-click: compress images, convert to WebP & AVIF, resize, and boost your site with the easiest WordPress image optimization plugin!

1.0M No CVEs
Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP & AVIF | Image CDN

Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP & AVIF | Image CDN

wp-smushit

A
93

Optimize and compress images with lossless and lossy compression, lazy load, WebP & AVIF conversion, and global image CDN.

1.0M 6 CVEs
Converter for Media – Optimize images | Convert WebP & AVIF

Converter for Media – Optimize images | Convert WebP & AVIF

webp-converter-for-media

A
93

Speed up your website by using our WebP & AVIF Converter. Optimize images and serve WebP and AVIF images instead of standard formats!

500K 4 CVEs
Developer Profile

EZOptimize Image Optimizer Developer Profile

The Media Shop

1 plugin · 0 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect EZOptimize Image Optimizer

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ez-optimize-media-optimizer/assets/css/ez-optimize-media-optimizer.css/wp-content/plugins/ez-optimize-media-optimizer/assets/js/ez-optimize-media-optimizer.js
Script Paths
/wp-content/plugins/ez-optimize-media-optimizer/assets/js/ez-optimize-media-optimizer.js
Version Parameters
ez-optimize-media-optimizer/assets/css/ez-optimize-media-optimizer.css?ver=ez-optimize-media-optimizer/assets/js/ez-optimize-media-optimizer.js?ver=

HTML / DOM Fingerprints

CSS Classes
ez-optimize-media-optimizer
Data Attributes
v-model="apikey"v-model="auto"
JS Globals
window.vueData
FAQ

Frequently Asked Questions about EZOptimize Image Optimizer