WP-Safety

Image Copyright Manager Security & Risk Analysis

wordpress.org/plugins/image-copyright-manager

Add copyright information to WordPress media files with a custom field and display them using shortcodes. Now includes JSON-LD for Image SEO.

10 active installs v1.4.0 PHP 7.4+ WP 6.4+ Updated Feb 18, 2026
attachmentscopyrightimagesmediametadata
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Image Copyright Manager Safe to Use in 2026?

Generally Safe

Score 100/100

Image Copyright Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "image-copyright-manager" v1.4.0 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of any known vulnerabilities, coupled with the secure handling of SQL queries using prepared statements and a high percentage of properly escaped output, indicates good development practices. The plugin also avoids external HTTP requests and does not bundle libraries, which reduces potential attack vectors.

However, there are a couple of areas that warrant attention. The plugin lacks nonce checks, which is a critical security mechanism for preventing Cross-Site Request Forgery (CSRF) attacks, especially on any form submissions or actions initiated by the plugin. Furthermore, while the attack surface is small with only one shortcode and no unprotected entry points identified in this analysis, the absence of capability checks on this shortcode means any authenticated user could potentially trigger its functionality, regardless of their role. The lack of any recorded vulnerability history is positive, but it doesn't negate the need for robust security measures like nonce and proper capability checks.

Key Concerns

  • Missing nonce checks
  • Missing capability checks on shortcode
Vulnerabilities
None known

Image Copyright Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Image Copyright Manager Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
4 prepared
Unescaped Output
3
24 escaped
Nonce Checks
0
Capability Checks
1
File Operations
2
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared4 total queries

Output Escaping

89% escaped27 total outputs
Attack Surface

Image Copyright Manager Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[imagcoma] includes\class-imagcoma-shortcodes.php:18
WordPress Hooks 19
actionplugins_loadedimage-copyright-manager.php:53
filtermanage_media_columnsincludes\class-imagcoma-admin-columns.php:19
actionmanage_media_custom_columnincludes\class-imagcoma-admin-columns.php:20
filtermanage_upload_sortable_columnsincludes\class-imagcoma-admin-columns.php:21
filterposts_join_pagedincludes\class-imagcoma-admin-columns.php:22
filterposts_orderbyincludes\class-imagcoma-admin-columns.php:23
actioninitincludes\class-imagcoma-core.php:29
actionadmin_initincludes\class-imagcoma-core.php:30
filterthe_contentincludes\class-imagcoma-display.php:46
actionwp_enqueue_scriptsincludes\class-imagcoma-display.php:47
filterwp_get_attachment_image_attributesincludes\class-imagcoma-display.php:48
actionwp_footerincludes\class-imagcoma-display.php:49
actionwp_headincludes\class-imagcoma-display.php:50
filterattachment_fields_to_editincludes\class-imagcoma-meta-boxes.php:22
filterattachment_fields_to_saveincludes\class-imagcoma-meta-boxes.php:23
actionadd_attachmentincludes\class-imagcoma-metadata-extractor.php:23
filterwp_generate_attachment_metadataincludes\class-imagcoma-metadata-extractor.php:24
actionadmin_menuincludes\class-imagcoma-settings.php:21
actionadmin_initincludes\class-imagcoma-settings.php:22
Maintenance & Trust

Image Copyright Manager Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 18, 2026
PHP min version7.4
Downloads582

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Image Copyright Manager Alternatives

Image Sizes Panel

Image Sizes Panel

image-sizes-panel

A
85

Display a meta box when viewing a media item in the admin that display all generated images sizes.

100 No CVEs
WP Copyright

WP Copyright

wp-copyright

A
85

Enforces copyright discipline by blurring all uploaded images as long as the associated copyright info is undefined.

60 No CVEs
WP Tesseract

WP Tesseract

wp-tesseract

C
63

A plugin for extracting text from attached images using OCR via Tesseract.

50 1 unpatched
Auto Delete Unattached Media

Auto Delete Unattached Media

auto-delete-unattached-media

A
85

Automatically delete unattached/unused media/images/attachments every minute silently in the background.

30 No CVEs
AIR Download Attachments

AIR Download Attachments

air-download-attachments

A
85

The AIR Download Attachments plugin adds a "Download All Attachments" button to posts, allowing users to download all attached images as a z …

10 No CVEs
Developer Profile

Image Copyright Manager Developer Profile

jespermhl

1 plugin · 10 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Image Copyright Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/image-copyright-manager/assets/css/imagcoma-frontend.css/wp-content/plugins/image-copyright-manager/assets/js/imagcoma-frontend.js
Script Paths
/wp-content/plugins/image-copyright-manager/assets/js/imagcoma-frontend.js
Version Parameters
image-copyright-manager/assets/css/imagcoma-frontend.css?ver=image-copyright-manager/assets/js/imagcoma-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
imagcoma-copyright-display
Data Attributes
data-imagcoma-attachment-id
JS Globals
imagcoma_frontend_params
REST Endpoints
/wp-json/imagcoma/v1/attachment/
Shortcode Output
[imagcoma_display_copyright
FAQ

Frequently Asked Questions about Image Copyright Manager