Does Image Hotspot have any unpatched vulnerabilities?

No. All known vulnerabilities in Image Hotspot have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Image Hotspot compatible with WordPress 4.5.33?

According to WordPress.org data, Image Hotspot 0.1.0 has been tested up to WordPress 4.5.33. Check the plugin's changelog for the latest compatibility information.

How often is Image Hotspot updated?

Image Hotspot was last updated on Apr 21, 2016. Frequent updates are generally a positive security signal.

What is Image Hotspot's security score?

Image Hotspot has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Image Hotspot Security & Risk Analysis

wordpress.org/plugins/image-hotspot

Image hotspot helps you control how WordPress generates the various image size in your site.

100 active installs v0.1.0 PHP + WP 4.5+ Updated Apr 21, 2016

imageresizethumbnails

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Image Hotspot Safe to Use in 2026?

Generally Safe

Score 85/100

Image Hotspot has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The "image-hotspot" plugin v0.1.0 demonstrates a generally good security posture based on the provided static analysis. It correctly utilizes prepared statements for all SQL queries and properly escapes all output, mitigating common risks like SQL injection and cross-site scripting. The plugin also implements nonce checks for its two identified AJAX entry points, which is a positive security practice. There are no identified dangerous functions, file operations, or external HTTP requests, further reducing the attack surface.

Key Concerns

No capability checks on AJAX handlers

Vulnerabilities

None known

Image Hotspot Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Image Hotspot Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped6 total outputs

Attack Surface

Image Hotspot Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_hotspot_saveimage-hotspot.php:75

authwp_ajax_hotspot_deleteimage-hotspot.php:76

WordPress Hooks 7

actionplugins_loadedimage-hotspot.php:20

actioninitimage-hotspot.php:60

filterget_attached_fileimage-hotspot.php:65

filterupdate_attached_fileimage-hotspot.php:66

filterimage_resize_dimensionsimage-hotspot.php:69

actionadmin_enqueue_scriptsimage-hotspot.php:72

filterwp_prepare_attachment_for_jsimage-hotspot.php:77

Maintenance & Trust

Image Hotspot Maintenance & Trust

Maintenance Signals

WordPress version tested4.5.33

Last updatedApr 21, 2016

PHP min version

Downloads4K

Community Trust

Rating100/100

Number of ratings3

Active installs100

Alternatives

Image Hotspot Alternatives

Resize Post Thumbnails

resize-post-thumbnails

This plugin will resize post thumbnails on the fly.

100 No CVEs

AutoThumb

autothumb

The plugin is actually just a port of a plugin/snippet I wrote for MODx a while ago (see here). It scans your content's source code for <img&g …

80 No CVEs

ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF

shortpixel-image-optimiser

Optimize images & PDFs smartly. Create and compress next-gen WebP and AVIF formats. Smart crop and resize.

300K 6 CVEs

Imsanity

imsanity

100

Automatically resizes huge image uploads. Are contributors uploading huge photos? Tired of manually resizing your images? Imsanity to the rescue!

200K No CVEs

Image Hotspot Developer Profile

Jonathan Bardo

5 plugins · 710 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Image Hotspot

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/image-hotspot/css/image-hotspot.min.css/wp-content/plugins/image-hotspot/css/image-hotspot.css/wp-content/plugins/image-hotspot/js/image-hotspot.min.js/wp-content/plugins/image-hotspot/js/image-hotspot.js

Script Paths

/wp-content/plugins/image-hotspot/js/image-hotspot.min.js/wp-content/plugins/image-hotspot/js/image-hotspot.js

Version Parameters

image-hotspot/css/image-hotspot.min.css?ver=image-hotspot/js/image-hotspot.min.js?ver=image-hotspot/css/image-hotspot.css?ver=image-hotspot/js/image-hotspot.js?ver=

HTML / DOM Fingerprints

HTML Comments

Thanks to Robert O'Rourke from interconnect/it for the inspiration and the base of this plugin! http://interconnectit.com

Data Attributes

data-attachment_iddata-hotspot_nonce

JS Globals

imagehotspot

REST Endpoints

/wp-json/wp/v2/media?hotspot_id=

FAQ