Does File Media Renamer for SEO have any unpatched vulnerabilities?

No. All known vulnerabilities in File Media Renamer for SEO have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is File Media Renamer for SEO compatible with WordPress 6.9.4?

According to WordPress.org data, File Media Renamer for SEO 1.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is File Media Renamer for SEO compatible with PHP 7.0+?

File Media Renamer for SEO requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is File Media Renamer for SEO updated?

File Media Renamer for SEO was last updated on Feb 23, 2026. Frequent updates are generally a positive security signal.

What is File Media Renamer for SEO's security score?

File Media Renamer for SEO has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

File Media Renamer for SEO Security & Risk Analysis

wordpress.org/plugins/file-media-renamer-for-seo

Rename media files with SEO-friendly names, auto-update references, alt/title sync, and 301 redirects — fast and safe.

80 active installs v1.1 PHP 7.0+ WP 4.0+ Updated Feb 23, 2026

alt-textbulk-rename-imagesimage-seoimage-titlesrename-media-files

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is File Media Renamer for SEO Safe to Use in 2026?

Generally Safe

Score 100/100

File Media Renamer for SEO has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The file-media-renamer-for-seo plugin, version 1.1, exhibits a generally good security posture with several strong security practices in place. The absence of known CVEs and a clean vulnerability history are positive indicators. The plugin also demonstrates strong adherence to secure coding standards by largely utilizing prepared statements for SQL queries and implementing robust output escaping, with nearly all outputs properly handled. Furthermore, comprehensive nonce and capability checks are present across its entry points, contributing to a reduced attack surface.

However, the static analysis reveals a significant concern regarding the use of the `unserialize` function, which is a known vector for Remote Code Execution vulnerabilities if not handled with extreme care and validation of the serialized data. The taint analysis further highlights this by identifying two flows with unsanitized paths, both flagged as high severity. These flows likely involve the `unserialize` function processing external or user-supplied data without sufficient sanitization, creating a direct risk of arbitrary code execution. The plugin's single file operation and two external HTTP requests, while not inherently problematic, could also become points of exploitation if not meticulously secured against manipulation.

In conclusion, while the plugin benefits from a clean security track record and good general practices like prepared statements and output escaping, the presence of high-severity taint flows associated with `unserialize` presents a critical security risk. This necessitates immediate investigation and remediation to ensure user data and the WordPress installation remain protected from potential attacks.

Key Concerns

High severity taint flow with unsanitized path
High severity taint flow with unsanitized path
Use of unserialize function
File operation present
External HTTP requests present

Vulnerabilities

None known

File Media Renamer for SEO Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

File Media Renamer for SEO Code Analysis

Dangerous Functions

Raw SQL Queries

8 prepared

Unescaped Output

105 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$unserialized_data = unserialize($data);fmrseo.php:857

SQL Query Safety

89% prepared9 total queries

Output Escaping

97% escaped108 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

fmrseo_check_image_redirect (includes\fmr-seo-redirects.php:86)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

File Media Renamer for SEO Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 4

authwp_ajax_fmrseo_save_seo_namefmrseo.php:312

authwp_ajax_fmrseo_ai_renamefmrseo.php:313

authwp_ajax_fmrseo_bulk_renameincludes\fmr-seo-bulk-rename.php:322

authwp_ajax_fmrseo_bulk_ai_rename_stepincludes\fmr-seo-bulk-rename.php:430

WordPress Hooks 14

actionplugins_loadedfmrseo.php:82

actioninitfmrseo.php:90

filterattachment_fields_to_editfmrseo.php:306

actionadmin_enqueue_scriptsfmrseo.php:309

actionfmrseo_update_content_image_references_eventfmrseo.php:316

actionfmrseo_clear_scheduled_update_content_image_referencesfmrseo.php:324

actionplugins_loadedfmrseo.php:328

actionadmin_menuincludes\class-fmr-seo-settings.php:15

actionadmin_initincludes\class-fmr-seo-settings.php:16

filterbulk_actions-uploadincludes\fmr-seo-bulk-rename.php:18

filterhandle_bulk_actions-uploadincludes\fmr-seo-bulk-rename.php:43

actionadmin_footer-upload.phpincludes\fmr-seo-bulk-rename.php:161

actionadmin_enqueue_scriptsincludes\fmr-seo-bulk-rename.php:225

actiontemplate_redirectincludes\fmr-seo-redirects.php:115

Scheduled Events 2

fmrseo_wp_cron_hook

fmrseo_update_content_image_references_event

Maintenance & Trust

File Media Renamer for SEO Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 23, 2026

PHP min version7.0

Downloads537

Community Trust

Rating100/100

Number of ratings1

Active installs80

Alternatives

File Media Renamer for SEO Alternatives

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)

auto-image-attributes-from-filename-with-bulk-updater

100

Automatically add Image Alt Text, Title, Caption and Description from Filename. Bulk update existing images. Great for Image SEO and Accessibility.

100K No CVEs

Fix Alt Text

fix-alt-text

100

Manage alt text site-wide easily with Fix Alt Text. You can also force users to use alt text when adding images in Gutenberg and Classic editors.

1K No CVEs

ImgSEO – AI Image Alt Text Generator & Image SEO Tools

imgseo-ai-alt-text-generator

100

Context-aware AI that analyzes both images and page content for accurate metadata. Process 1000+ images with 16x faster parallel processing.

400 No CVEs

Autobute: Auto Image Attribute & Bulk Updater

autobute-auto-image-attribute-bulk-updater

100

Boost image SEO with auto Title, Alt Text, Caption, and bulk updates for better rankings and accessibility.

100 No CVEs

AI Alt Text Generator for SEO & Accessibility | AutoAlt

autoaltai

100

AI-powered alt text generation for better Google rankings and EAA/ADA accessibility compliance. Made in Germany.

90 No CVEs

Developer Profile

File Media Renamer for SEO Developer Profile

Alex Somale

1 plugin · 80 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect File Media Renamer for SEO

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/file-media-renamer-for-seo/assets/css/fmrseo-admin-style.css/wp-content/plugins/file-media-renamer-for-seo/assets/js/fmrseo-admin-script.js

Script Paths

/wp-content/plugins/file-media-renamer-for-seo/assets/js/fmrseo-admin-script.js

HTML / DOM Fingerprints

CSS Classes

fmrseo-modal-contentfmrseo-bulk-rename-input

Data Attributes

data-fmrseo-id

JS Globals

fmrseo_admin_ajax

FAQ