WP-Safety

Image Alt Sync Security & Risk Analysis

wordpress.org/plugins/image-alt-sync

Replace tag alt attributes in posts with the alt stored in the media library. Batch processing, date/status filters, ID ranges, skip & exclude op …

10 active installs v1.4.11 PHP + WP 5.4+ Updated Oct 10, 2025
accessibilityalt-textbatchimagesseo
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Image Alt Sync Safe to Use in 2026?

Generally Safe

Score 100/100

Image Alt Sync has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago
Risk Assessment

The image-alt-sync v1.4.11 plugin exhibits a mixed security posture. On the positive side, it demonstrates excellent output escaping practices, with 100% of its outputs being properly escaped. Furthermore, there is no recorded history of vulnerabilities, including critical or high severity ones, and no outdated bundled libraries are present. This suggests a generally well-maintained and secure codebase.

However, the static analysis reveals significant security concerns related to its attack surface. The plugin exposes four AJAX handlers, with two of them lacking any authentication checks. This is a critical oversight, as it allows any unauthenticated user to potentially trigger these handlers, leading to unauthorized actions or information disclosure if they are exploitable. While taint analysis and SQL query issues are absent, the unprotected AJAX endpoints present a clear and present risk that needs immediate attention. The presence of nonces and capability checks on two handlers is good, but insufficient given the two unprotected entry points.

In conclusion, while the plugin's coding hygiene regarding output and its vulnerability history are strong indicators of good development, the unprotected AJAX handlers represent a significant security weakness. This plugin should be considered moderately risky due to these exposed entry points. Remediation of these unprotected AJAX handlers is crucial to improve its security posture.

Key Concerns

  • AJAX handlers without authentication
  • SQL queries without prepared statements
Vulnerabilities
None known

Image Alt Sync Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Image Alt Sync Release Timeline

v1.4.11Current
Code Analysis
Analyzed Mar 16, 2026

Image Alt Sync Code Analysis

Dangerous Functions
0
Raw SQL Queries
2
0 prepared
Unescaped Output
0
18 escaped
Nonce Checks
2
Capability Checks
2
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared2 total queries

Output Escaping

100% escaped18 total outputs
Attack Surface
2 unprotected

Image Alt Sync Attack Surface

Entry Points4
Unprotected2

AJAX Handlers 4

authwp_ajax_iasplugin_prepareimage-alt-sync.php:32
authwp_ajax_iasplugin_process_batchimage-alt-sync.php:33
authwp_ajax_iasplugin_get_lowest_idimage-alt-sync.php:34
authwp_ajax_iasplugin_get_highest_idimage-alt-sync.php:35
WordPress Hooks 2
actionadmin_menuimage-alt-sync.php:30
actionadmin_enqueue_scriptsimage-alt-sync.php:31
Maintenance & Trust

Image Alt Sync Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 10, 2025
PHP min version
Downloads249

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Image Alt Sync Alternatives

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)

auto-image-attributes-from-filename-with-bulk-updater

A
100

Automatically add Image Alt Text, Title, Caption and Description from Filename. Bulk update existing images. Great for Image SEO and Accessibility.

100K No CVEs
AI SEO Tools

AI SEO Tools

ai-seo-tools

A
100

AI SEO Tools uses AI to automatically improve your site's SEO, including generating image alt text, content refresh and auto tagging.

2K No CVEs
Bubuku Media Library

Bubuku Media Library

bubuku-media-library

A
100

Manage image file size and alt text in your WordPress Media Library to improve performance, accessibility and SEO.

200 No CVEs
Auto Alt Text From File Name – Made by Saad

Auto Alt Text From File Name – Made by Saad

madebysaad-auto-alt-text-from-filename

A
100

Automatically generate SEO-friendly alt text and media captions based on filenames. Boost accessibility and save time.

60 No CVEs
AI Auto Alt Text Generator

AI Auto Alt Text Generator

ai-auto-alt-text-generator

A
100

Automatically generates alt text and image titles for your WordPress media uploads with selectable OpenAI models (defaulting to GPT-4o mini), improvin …

40 No CVEs
Developer Profile

Image Alt Sync Developer Profile

dufour_l

2 plugins · 10 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Image Alt Sync

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/image-alt-sync/assets/admin.css/wp-content/plugins/image-alt-sync/assets/admin.js
Script Paths
/wp-content/plugins/image-alt-sync/assets/admin.js
Version Parameters
image-alt-sync/assets/admin.css?ver=image-alt-sync/assets/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
ias-cardias-controlsias-rowias-btnias-badgesias-logias-grid-3ias-grid-2+2 more
Data Attributes
data-range
JS Globals
IASPLUGIN
REST Endpoints
/wp-json/image-alt-sync/
FAQ

Frequently Asked Questions about Image Alt Sync