Does Image Heading have any unpatched vulnerabilities?

No. All known vulnerabilities in Image Heading have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Image Heading compatible with WordPress 5.5.18?

According to WordPress.org data, Image Heading 1.0 has been tested up to WordPress 5.5.18. Check the plugin's changelog for the latest compatibility information.

Is Image Heading compatible with PHP 5.6.39+?

Image Heading requires PHP 5.6.39 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Image Heading updated?

Image Heading was last updated on Oct 11, 2020. Frequent updates are generally a positive security signal.

What is Image Heading's security score?

Image Heading has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Image Heading Security & Risk Analysis

wordpress.org/plugins/image-heading

Extends the core/heading block to allow for an image to be displayed in place of the heading text.

0 active installs v1.0 PHP 5.6.39+ WP 5.0+ Updated Oct 11, 2020

blockh1h2headingimage

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Image Heading Safe to Use in 2026?

Generally Safe

Score 85/100

Image Heading has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The "image-heading" plugin v1.0 demonstrates a strong adherence to security best practices based on the provided static analysis. The absence of any identified attack vectors such as AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the plugin's exposure to potential threats. Furthermore, the code signals indicate a robust internal security approach: no dangerous functions were detected, all SQL queries utilize prepared statements, and output escaping is consistently applied. The lack of file operations, external HTTP requests, nonce checks, and capability checks, while potentially indicating a simple plugin, also means fewer avenues for exploitation in these areas. The taint analysis revealing zero unsanitized flows further solidifies this positive assessment. The plugin's vulnerability history is also clean, with no recorded CVEs, suggesting a well-maintained and secure codebase over time. Overall, this plugin appears to have an excellent security posture, with no immediate or evident risks based on the given data.

Vulnerabilities

None known

Image Heading Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Image Heading Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Image Heading Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionadmin_enqueue_scriptsplugin.php:12

actionwp_enqueue_scriptsplugin.php:16

Maintenance & Trust

Image Heading Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18

Last updatedOct 11, 2020

PHP min version5.6.39

Downloads5K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Image Heading Alternatives

Override Post Title with First Content Heading

override-post-title-with-first-content-heading

On a singular post/page, returns the contents of the first content H1 or H2 instead of the post_title as normally. Facilitates SEO.

80 No CVEs

Visual Portfolio, Photo Gallery & Post Grid

visual-portfolio

Modern photo gallery and portfolio plugin with advanced layouts editor. Clean gallery styles with powerful settings in the Gutenberg block.

60K 4 CVEs

Lightbox for Gallery & Image Block

gallery-block-lightbox

100

Adds a simple & lightweight Lightbox to the standard WordPress Gallery & Image Block. No lock in and no dependencies.

20K No CVEs

Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery

gt3-photo-video-gallery

GT3 Image Gallery - create photo gallery, video gallery, block gallery, slider and more with ease. All photo galleries are responsive and loading fast

10K 4 CVEs

Meow Gallery

meow-gallery

Tired of slow, bloated gallery plugins? You've earned a coffee ☺️ Polished, beautiful galleries that are blazing fast.

10K 4 CVEs

Developer Profile

Image Heading Developer Profile

cy8s

2 plugins · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Image Heading

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/image-heading/build/css/style.css/wp-content/plugins/image-heading/build/js/editor.js

Script Paths

/wp-content/plugins/image-heading/build/js/editor.js

Version Parameters

image-heading/build/css/style.css?ver=1.0image-heading/build/js/editor.js?ver=1.0

HTML / DOM Fingerprints

FAQ