Does Force Featured Image have any unpatched vulnerabilities?

No. All known vulnerabilities in Force Featured Image have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Force Featured Image compatible with WordPress 3.7.41?

According to WordPress.org data, Force Featured Image 0.2.0 has been tested up to WordPress 3.7.41. Check the plugin's changelog for the latest compatibility information.

How often is Force Featured Image updated?

Force Featured Image was last updated on Feb 25, 2015. Frequent updates are generally a positive security signal.

What is Force Featured Image's security score?

Force Featured Image has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Force Featured Image Security & Risk Analysis

wordpress.org/plugins/force-featured-image

Ever wanted to force a user to publish a post with a featured image of a certain dimension? Search no more.

10 active installs v0.2.0 PHP + WP 3.5+ Updated Feb 25, 2015

adminfeaturedfeatured-imageimagetinymce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Force Featured Image Safe to Use in 2026?

Generally Safe

Score 85/100

Force Featured Image has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The force-featured-image plugin v0.2.0 exhibits a generally strong security posture based on the provided static analysis. The complete absence of identified AJAX handlers, REST API routes, shortcodes, and cron events with unprotected entry points is a significant positive. Furthermore, the code demonstrates a commitment to secure database interactions, with all SQL queries utilizing prepared statements, and there are no recorded critical or high-severity taint flows. The plugin also has no known vulnerabilities in its history, suggesting a well-maintained codebase.

However, there are areas for improvement that introduce minor risks. The most notable concern is the lack of output escaping for the single identified output. This could potentially lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is directly rendered without proper sanitization. The absence of nonce checks and capability checks, while not directly tied to specific entry points in this analysis, could be a point of weakness if future functionality introduces new interactive elements without these essential security measures. The presence of a file operation without further context also warrants cautious observation.

In conclusion, force-featured-image v0.2.0 is a relatively secure plugin due to its limited attack surface and secure database practices. The primary risk lies in the unescaped output. Addressing this, along with potentially implementing nonce and capability checks for future development, would further solidify its security.

Key Concerns

Unescaped output found
File operation without context
No nonce checks
No capability checks

Vulnerabilities

None known

Force Featured Image Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Force Featured Image Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped1 total outputs

Attack Surface

Force Featured Image Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionplugins_loadedforce-featured-image.php:58

actionafter_setup_themeforce-featured-image.php:59

filteradmin_post_thumbnail_htmlforce-featured-image.php:90

filterwp_insert_post_dataforce-featured-image.php:91

actionadmin_noticesforce-featured-image.php:92

filterredirect_post_locationforce-featured-image.php:141

Maintenance & Trust

Force Featured Image Maintenance & Trust

Maintenance Signals

WordPress version tested3.7.41

Last updatedFeb 25, 2015

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Force Featured Image Alternatives

Require Featured Image

require-featured-image

Requires content you specify to have a featured image set before they can be published.

4K No CVEs

WEN Featured Image

wen-featured-image

Add featured image column in listings. Add/change/remove featured image directly from the listing page

4K No CVEs

Add Featured Image Column

add-featured-image-column

This plugin adds a featured image column to any post type which supports featured images. See which posts have a featured image at a glance!

3K No CVEs

Featured Image Column

featured-image-column

Adds a column to any post type edit screen with the featured image if it exists.

2K No CVEs

Widget Builder

widget-builder

Widget Builder uses native WordPress editing interface to provide a unique tool to build custom widgets for your site(s).

600 No CVEs

Developer Profile

Force Featured Image Developer Profile

Jonathan Bardo

5 plugins · 710 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Force Featured Image

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/force-featured-image/force-featured-image.php

HTML / DOM Fingerprints

FAQ