Does Image Credit Companion have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Image Credit Companion compatible with WordPress 6.8.5?

According to WordPress.org data, Image Credit Companion 1.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Image Credit Companion compatible with PHP 7.4+?

Image Credit Companion requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Image Credit Companion updated?

Image Credit Companion was last updated on Nov 4, 2025. Frequent updates are generally a positive security signal.

What is Image Credit Companion's security score?

Image Credit Companion has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Image Credit Companion Security & Risk Analysis

wordpress.org/plugins/image-credit-companion

Track and display image attribution. Add author, source, and license info to images with automatic detection and flexible output options.

0 active installs v1.0.0 PHP 7.4+ WP 5.0+ Updated Nov 4, 2025

attributioncreditsimagesmediasources

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Image Credit Companion Safe to Use in 2026?

Generally Safe

Score 100/100

Image Credit Companion has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago

Risk Assessment

The "image-credit-companion" plugin v1.0.0 exhibits a strong security posture based on the static analysis results. It demonstrates excellent adherence to secure coding practices, with all SQL queries utilizing prepared statements and a very high percentage of outputs being properly escaped. The absence of dangerous functions, file operations, and external HTTP requests further bolsters its security. Crucially, there are no detected taint flows, indicating no immediate risks of code injection or unauthorized data access through untrusted input.

While the plugin's vulnerability history is clean, with zero recorded CVEs, this is a positive indicator but not an absolute guarantee of future safety. The presence of 6 shortcodes as entry points, though currently unprotected, warrants attention. However, given the overall lack of concerning signals in the static analysis and the clean vulnerability history, the immediate risk appears low. The plugin's developers seem to have a good understanding of WordPress security fundamentals.

Key Concerns

Unprotected shortcodes (entry points)

Vulnerabilities

None known

Image Credit Companion Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Image Credit Companion Release Timeline

v1.0.0Current

Code Analysis

Analyzed Apr 16, 2026

Image Credit Companion Code Analysis

Dangerous Functions

Raw SQL Queries

31 prepared

Unescaped Output

376 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared31 total queries

Output Escaping

99% escaped378 total outputs

Attack Surface

Image Credit Companion Attack Surface

Entry Points6

Unprotected0

Shortcodes 6

[imagcrco_image_sources] public/class-eiam-frontend.php:45

[imagcrco_post_image_sources] public/class-eiam-frontend.php:46

[image_sources] public/class-eiam-frontend.php:49

[post_image_sources] public/class-eiam-frontend.php:50

[imagcrco_debug] public/class-eiam-frontend.php:53

[imagcrco_test] public/class-eiam-frontend.php:54

WordPress Hooks 27

actionadmin_menuadmin/class-eiam-admin.php:27

actionadmin_enqueue_scriptsadmin/class-eiam-admin.php:28

actionadmin_initadmin/class-eiam-admin.php:29

actionadmin_noticesadmin/class-eiam-admin.php:30

actionadmin_noticesadmin/class-eiam-admin.php:31

actionplugins_loadedimage-credit-companion.php:79

actionadmin_noticesimage-credit-companion.php:90

actionadmin_noticesimage-credit-companion.php:96

actionadmin_noticesimage-credit-companion.php:116

actionadmin_noticesimage-credit-companion.php:133

actionsave_postincludes/class-eiam-plugin.php:176

actionwp_insert_postincludes/class-eiam-plugin.php:177

actiondelete_postincludes/class-eiam-plugin.php:178

actiondelete_attachmentincludes/class-eiam-plugin.php:179

actionenqueue_block_editor_assetsincludes/class-eiam-plugin.php:182

filterattachment_fields_to_editincludes/class-eiam-plugin.php:185

filterattachment_fields_to_saveincludes/class-eiam-plugin.php:186

actionadmin_enqueue_scriptsincludes/class-eiam-plugin.php:187

actionadd_attachmentincludes/class-eiam-plugin.php:190

actioninitincludes/class-eiam-plugin.php:193

actionupdated_post_metaincludes/class-eiam-plugin.php:196

actionupdated_optionincludes/class-eiam-plugin.php:197

actionrest_api_initincludes/class-eiam-rest.php:28

actionadmin_initincludes/class-eiam-settings.php:74

actioninitpublic/class-eiam-frontend.php:27

actionwp_enqueue_scriptspublic/class-eiam-frontend.php:28

filterthe_contentpublic/class-eiam-frontend.php:93

Maintenance & Trust

Image Credit Companion Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 4, 2025

PHP min version7.4

Downloads168

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Image Credit Companion Alternatives

Image Source Control Lite – Show Image Credits and Captions

image-source-control-isc

Show image credits, image captions, and copyrights. Manage image sources and warn if they are missing. The original plugin since 2012.

3K 5 CVEs

Picnote Image Annotations

picnote-image-annotations

100

Add professional source attributions and licenses to images in your WordPress content with overlays and organized lists.

0 No CVEs

Instant Images – One-click Image Uploads from Unsplash, Openverse, Pixabay, Pexels, and Giphy

instant-images

One-click uploads from Unsplash, Openverse, Pixabay, Pexels, and Giphy directly to your WordPress media library.

200K 3 CVEs

Media Cleaner: Clean your WordPress!

media-cleaner

100

Clean your WordPress! Eliminate unused and broken media files. For a faster, and better website.

90K 1 CVE

Media Library Assistant

media-library-assistant

Enhances the Media Library; powerful gallery and list shortcodes, full taxonomy support, IPTC/EXIF/XMP/PDF processing, bulk/quick edit.

70K 29 CVEs

Developer Profile

Image Credit Companion Developer Profile

Desk9 Design

5 plugins · 220 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Image Credit Companion

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/image-credit-companion/dist/css/eiam-admin.css/wp-content/plugins/image-credit-companion/dist/js/eiam-admin.js

Script Paths

/wp-content/plugins/image-credit-companion/dist/js/eiam-admin.js

Version Parameters

image-credit-companion/dist/css/eiam-admin.css?ver=image-credit-companion/dist/js/eiam-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

eiam-admin-pageeiam-setup-notice

Data Attributes

data-eiam-modal-id

JS Globals

EIAMAdmin

FAQ