WP-Safety

ThumbPress – Image Management Suite for Performance and Optimization Security & Risk Analysis

wordpress.org/plugins/image-sizes

Disable Thumbnails, Regenerate Thumbnails, Compress Images, Convert to WebP, Find Unused and Large Images, Edit Images, and more with ThumbPress.

30K active installs v5.8.37 PHP 7.0+ WP 6.0+ Updated Jan 13, 2026
compress-imagesdisable-thumbnailsimage-editoroptimize-imagesregenerate-thumbnails
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ThumbPress – Image Management Suite for Performance and Optimization Safe to Use in 2026?

Generally Safe

Score 100/100

ThumbPress – Image Management Suite for Performance and Optimization has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The 'image-sizes' plugin v5.8.37 demonstrates a generally strong security posture with good practices in place. The plugin effectively utilizes prepared statements for most SQL queries and shows a high percentage of properly escaped output, minimizing common vulnerabilities. The absence of known CVEs, critical taint flows, and dangerous functions further contributes to its good security standing.

However, a significant concern arises from the presence of one unprotected AJAX handler. This creates an easily exploitable entry point for attackers, as it lacks authentication or authorization checks. While the plugin has a low attack surface overall, this single unprotected handler presents a critical risk.

In conclusion, 'image-sizes' v5.8.37 is largely well-secured, with excellent adherence to best practices for SQL and output handling. The plugin's history of zero vulnerabilities is a positive indicator. The primary weakness lies in the single unprotected AJAX endpoint, which, despite the overall good security, represents a notable security gap that should be addressed.

Key Concerns

  • Unprotected AJAX handler found
Vulnerabilities
None known

ThumbPress – Image Management Suite for Performance and Optimization Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

ThumbPress – Image Management Suite for Performance and Optimization Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
17 prepared
Unescaped Output
22
261 escaped
Nonce Checks
8
Capability Checks
3
File Operations
1
External Requests
1
Bundled Libraries
0

SQL Query Safety

81% prepared21 total queries

Output Escaping

92% escaped283 total outputs
Data Flows
All sanitized

Data Flow Analysis

8 flows
dismiss_notice (app\AJAX.php:43)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

ThumbPress – Image Management Suite for Performance and Optimization Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_thumbpress_year_end_hide_noticeclasses\Notice.php:35
WordPress Hooks 2
filteris_year_end_campaign_activeapp\Admin.php:131
actionadmin_noticesclasses\Notice.php:92

Scheduled Events 1

codexpert-daily
Maintenance & Trust

ThumbPress – Image Management Suite for Performance and Optimization Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 13, 2026
PHP min version7.0
Downloads1.2M

Community Trust

Rating72/100
Number of ratings106
Active installs30K
Alternatives

ThumbPress – Image Management Suite for Performance and Optimization Alternatives

Imagify Image Optimization – Optimize Images | Compress Images | Convert WebP | Convert AVIF

Imagify Image Optimization – Optimize Images | Compress Images | Convert WebP | Convert AVIF

imagify

A
100

Optimize images in 1-click: compress images, convert to WebP & AVIF, resize, and boost your site with the easiest WordPress image optimization plugin!

1.0M No CVEs
Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP & AVIF | Image CDN

Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP & AVIF | Image CDN

wp-smushit

A
93

Optimize and compress images with lossless and lossy compression, lazy load, WebP & AVIF conversion, and global image CDN.

1.0M 6 CVEs
Converter for Media – Optimize images | Convert WebP & AVIF

Converter for Media – Optimize images | Convert WebP & AVIF

webp-converter-for-media

A
93

Speed up your website by using our WebP & AVIF Converter. Optimize images and serve WebP and AVIF images instead of standard formats!

500K 4 CVEs
ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF

ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF

shortpixel-image-optimiser

A
95

Optimize images & PDFs smartly. Create and compress next-gen WebP and AVIF formats. Smart crop and resize.

300K 6 CVEs
Compress, Resize & Lazy Load Images – WPvivid Image Optimization

Compress, Resize & Lazy Load Images – WPvivid Image Optimization

wpvivid-imgoptim

A
100

Optimize, compress and resize images in WordPress in bulk. Lazy load images. Auto resize and optimize images upon upload.

10K No CVEs
Developer Profile

ThumbPress – Image Management Suite for Performance and Optimization Developer Profile

Codexpert, Inc

10 plugins · 41K total installs

75
trust score
Avg Security Score
81/100
Avg Patch Time
39 days
View full developer profile
Detection Fingerprints

How We Detect ThumbPress – Image Management Suite for Performance and Optimization

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/image-sizes/assets/css/main.css/wp-content/plugins/image-sizes/assets/css/tooltip.css/wp-content/plugins/image-sizes/assets/css/responsive.css/wp-content/plugins/image-sizes/assets/js/main.js/wp-content/plugins/image-sizes/assets/js/tooltip.js/wp-content/plugins/image-sizes/assets/js/responsive.js
Version Parameters
image-sizes/assets/css/main.css?ver=image-sizes/assets/css/tooltip.css?ver=image-sizes/assets/css/responsive.css?ver=image-sizes/assets/js/main.js?ver=image-sizes/assets/js/tooltip.js?ver=image-sizes/assets/js/responsive.js?ver=

HTML / DOM Fingerprints

CSS Classes
cx-thumbpress-settingscx-thumbpress-welcomecx-thumbpress-upgradecx-thumbpress-upgrade-modalcx-thumbpress-upgrade-noticecx-thumbpress-tooltipcx-thumbpress-responsive
HTML Comments
<!-- ThumbPress Welcome Modal --><!-- ThumbPress Upgrade Modal --><!-- ThumbPress Upgrade Notice --><!-- ThumbPress Tooltip -->+1 more
Data Attributes
data-cx-tooltipdata-cx-responsive-breakpoint
JS Globals
window.cx_responsive_settings
FAQ

Frequently Asked Questions about ThumbPress – Image Management Suite for Performance and Optimization