Does Image Rights have any unpatched vulnerabilities?

No. All known vulnerabilities in Image Rights have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Image Rights compatible with WordPress 6.3.8?

According to WordPress.org data, Image Rights 1.2 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

How often is Image Rights updated?

Image Rights was last updated on Sep 8, 2023. Frequent updates are generally a positive security signal.

What is Image Rights's security score?

Image Rights has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Image Rights Security & Risk Analysis

wordpress.org/plugins/image-rights

Adds additional fields for setting image credits in the media library.

100 active installs v1.2 PHP + WP + Updated Sep 8, 2023

copyrightscustom-fieldsimage-rightsmedia-libraryphoto-credits

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Image Rights Safe to Use in 2026?

Generally Safe

Score 85/100

Image Rights has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "image-rights" plugin v1.2 exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, external HTTP requests, file operations, and SQL queries not using prepared statements are all positive indicators. Furthermore, the plugin has no recorded vulnerability history, which suggests a consistent track record of security. However, there are areas for improvement. The lack of explicit nonce and capability checks on its single shortcode entry point is a significant concern. While the total attack surface is small, this unprotected entry point could be exploited if the shortcode handles user-supplied data, as there are no taint analysis results provided to confirm sanitization. The output escaping is also not fully comprehensive, with 25% of outputs not properly escaped, which could lead to cross-site scripting vulnerabilities.

Key Concerns

Shortcode missing nonce checks
Shortcode missing capability checks
Unescaped output detected

Vulnerabilities

None known

Image Rights Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Image Rights Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

75% escaped4 total outputs

Attack Surface

Image Rights Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[photo_credits] image-rights.php:286

WordPress Hooks 8

actionplugins_loadedimage-rights.php:45

actionadmin_enqueue_scriptsimage-rights.php:58

actionadmin_initimage-rights.php:92

actionwp_enqueue_scriptsimage-rights.php:146

filterattachment_fields_to_editimage-rights.php:170

filterattachment_fields_to_saveimage-rights.php:188

filterpost_thumbnail_htmlimage-rights.php:339

filterwp_content_img_tagimage-rights.php:383

Maintenance & Trust

Image Rights Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedSep 8, 2023

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs100

Alternatives

Image Rights Alternatives

Advanced Custom Fields: Real Media Library Folder Field

acf-real-media-library-field

Media library folder field for Advanced Custom Fields (ACF). Folder created by Real Media Library.

200 No CVEs

Advanced Custom Fields (ACF®)

advanced-custom-fields

ACF helps customize WordPress with powerful, professional and intuitive fields. Proudly powering over 2 million sites, WordPress developers love ACF.

2.0M 9 CVEs

Meta Box

meta-box

Meta Box plugin is a powerful, professional developer toolkit to create custom meta boxes and custom fields for your custom post types in WordPress.

500K 6 CVEs

Checkout Field Editor (Checkout Manager) for WooCommerce

woo-checkout-field-editor-pro

Checkout Field Editor (Checkout Manager) for WooCommerce – The best WooCommerce checkout manager plugin to manage WooCommerce checkout fields.

500K 3 CVEs

FileBird – WordPress Media Library Folders & File Manager

filebird

Organize thousands of WordPress media files in folders / categories with ease.

200K 10 CVEs

Developer Profile

Image Rights Developer Profile

Christian Leuenberg

4 plugins · 1K total installs

trust score

Avg Security Score

87/100

Avg Patch Time

5 days

View full developer profile

Detection Fingerprints

How We Detect Image Rights

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/image-rights/css/admin-styles.css/wp-content/plugins/image-rights/js/admin-scripts.js/wp-content/plugins/image-rights/css/styles.css

Script Paths

js/admin-scripts.js

Version Parameters

image-rights/css/admin-styles.css?ver=image-rights/js/admin-scripts.js?ver=image-rights/css/styles.css?ver=

HTML / DOM Fingerprints

CSS Classes

wndspanphoto-credits-table

Data Attributes

pcr-photographer-namepcr-photographer-platform

JS Globals

pcr_frontend_ajax_object

Shortcode Output

<table class="table photo-credits-table"><thead><tr><th style="width:25%;">Image</th><th>Image rights</th></tr></thead><tbody>

FAQ