Does Get Image have any unpatched vulnerabilities?

No. All known vulnerabilities in Get Image have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Get Image compatible with WordPress 2.7.1?

According to WordPress.org data, Get Image 1.0 has been tested up to WordPress 2.7.1. Check the plugin's changelog for the latest compatibility information.

How often is Get Image updated?

Get Image was last updated on Jun 3, 2009. Frequent updates are generally a positive security signal.

What is Get Image's security score?

Get Image has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Get Image Security & Risk Analysis

wordpress.org/plugins/get-image

Take the last image daughter of a post on the selected size.

20 active installs v1.0 PHP + WP 2.6+ Updated Jun 3, 2009

fullziseget-imageimageimagesthumbnail

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Get Image Safe to Use in 2026?

Generally Safe

Score 85/100

Get Image has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 16yr ago

Risk Assessment

The "get-image" v1.0 plugin exhibits a strong security posture based on the provided static analysis, with no identified vulnerabilities or dangerous code patterns. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits its attack surface. Furthermore, all SQL queries are correctly implemented using prepared statements, and there are no file operations or external HTTP requests, mitigating common attack vectors. The lack of recorded CVEs also indicates a history of secure development.

However, a notable concern is that 100% of the identified output operations are not properly escaped. This is a critical oversight that could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is ever incorporated into these outputs. While the current static analysis doesn't reveal any tainted data flows or unsanitized paths, the potential for XSS due to unescaped output remains a significant risk. The complete absence of nonce and capability checks, while not directly exploitable given the limited entry points, represents a missed opportunity for robust security implementation and could become an issue if the plugin's functionality expands.

Key Concerns

Output escaping is not properly implemented
No nonce checks for potential entry points
No capability checks for potential entry points

Vulnerabilities

None known

Get Image Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Get Image Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped4 total outputs

Attack Surface

Get Image Attack Surface

Entry Points0

Unprotected0

Maintenance & Trust

Get Image Maintenance & Trust

Maintenance Signals

WordPress version tested2.7.1

Last updatedJun 3, 2009

PHP min version

Downloads9K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

Get Image Alternatives

Quick Featured Images

quick-featured-images

The time-saving solution for managing tons of featured images within minutes: Set, replace and delete in bulk and set default images for future posts.

50K 3 CVEs