Image Browser Security & Risk Analysis
wordpress.org/plugins/image-browserAllows you to browse all images on your blog by date and/or category, with the ability to also search image captions for keywords.
Is Image Browser Safe to Use in 2026?
Generally Safe
Score 85/100Image Browser has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "image-browser" plugin v0.3 demonstrates some good security practices, such as using prepared statements for all SQL queries and having a very small attack surface. There are no identified CVEs in its vulnerability history, suggesting a history of relative stability or limited scrutiny. However, the code analysis reveals a significant concern: 100% of output is not properly escaped. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, where malicious scripts could be injected and executed in the user's browser. Additionally, the absence of nonce checks and capability checks on the identified shortcode entry point means that any user, regardless of their role or permissions, could potentially trigger the shortcode's functionality. Taint analysis and dangerous function checks show no immediate critical risks, but the lack of proper output escaping and authorization checks presents a substantial security gap.
Key Concerns
- All outputs unescaped
- No nonce checks on entry points
- No capability checks on entry points
Image Browser Security Vulnerabilities
Image Browser Code Analysis
SQL Query Safety
Output Escaping
Image Browser Attack Surface
Shortcodes 1
WordPress Hooks 2
Maintenance & Trust
Image Browser Maintenance & Trust
Maintenance Signals
Community Trust
Image Browser Alternatives
Multi Image Metabox
multi-image-metabox
Add a multi-image metabox to your posts, pages and custom post types
MMWW
mmww
Media Metadata Workflow Wizard: Integrate your media metadata workflow with WordPress's Media Library
Multiple Gallery on Post
multiple-gallery-on-post
Very simple gallery plugin embedded on post as metaboxes, be able to add multiple metaboxes in one post with ability to insert multiple images for eac …
Remove exif and metadata
remove-exif-and-metadata
Automatically remove exif and metadata data after uploading. Just moment supported format: JPG and PNG. Using ImageMagick
Bildquellenangaben
bildquellen-copyright-statement
Bildquellen für jedes Bild ganz einfach vergeben.
Image Browser Developer Profile
7 plugins · 7K total installs
How We Detect Image Browser
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/image-browser/image-browser.css/wp-content/plugins/image-browser/image-browser.js/wp-content/plugins/image-browser/image-browser.jsimage-browser/image-browser.css?ver=image-browser/image-browser.js?ver=HTML / DOM Fingerprints
image-browser-gallerygallery-itemgallery-icongallery-captionname='imagebrowser'id='year'id='month'name='img_year'name='img_month'name='img_cat'+1 more<form name='imagebrowser'><select id='year' name='img_year'><select id='month' name='img_month'><div id='image-browser-gallery' class='gallery'>