Imsanity Security & Risk Analysis

wordpress.org/plugins/imsanity

Automatically resizes huge image uploads. Are contributors uploading huge photos? Tired of manually resizing your images? Imsanity to the rescue!

200K active installs · v2.9.0 · PHP 7.4+ · WP 6.6+ · Updated Feb 10, 2026
Tags: image, quality, resize, scale, space-saver
Score: 100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Imsanity Safe to Use in 2026?

Generally Safe

Score 100/100

Imsanity has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1mo ago
Risk Assessment

The "imsanity" plugin version 2.9.0 exhibits a generally strong security posture with no known historical vulnerabilities. The static analysis reveals a robust implementation of security best practices, with all identified entry points (AJAX handlers) protected by authorization checks. The plugin also demonstrates good output escaping practices, with a high percentage of outputs being properly escaped. Furthermore, the absence of taint flows with unsanitized paths indicates a cautious approach to handling user-supplied data.

Despite the positive findings, there is a single code signal of concern: the use of the `unserialize()` function. While the static analysis did not identify any direct exploitation paths from this, `unserialize()` is inherently risky as it can lead to Remote Code Execution (RCE) if used with untrusted input. The plugin's vulnerability history being completely clear is a significant positive, suggesting consistent development and security focus. However, the presence of `unserialize()` remains a potential weakness that could be exploited if input validation is ever bypassed or if a future vulnerability is introduced in how serialized data is handled.

In conclusion, "imsanity" v2.9.0 is a well-developed plugin with a strong emphasis on security. Its lack of known vulnerabilities and protected entry points are commendable. The primary area for attention is the potential risk associated with `unserialize()`. Addressing this by avoiding its use or implementing rigorous validation of serialized data would further solidify its security.

Key Concerns

  • Use of unserialize() function
Vulnerabilities
None known

Imsanity Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Imsanity Code Analysis

Dangerous Functions: 1
Raw SQL Queries: 6; 2 prepared
Unescaped Output: 10; 43 escaped
Nonce Checks: 10
Capability Checks: 7
File Operations: 7
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

unserialize: `unserialize( $result )` (settings.php:482)

SQL Query Safety

25% prepared · 8 total queries

Output Escaping

81% escaped · 53 total outputs
Data Flows
All sanitized

Data Flow Analysis

3 flows
imsanity_get_images (ajax.php:17)
Attack Surface

Imsanity Attack Surface

Entry Points: 4
Unprotected: 0

AJAX Handlers: 4

  • auth wp_ajax_imsanity_get_images (ajax.php:8)
  • auth wp_ajax_imsanity_resize_image (ajax.php:9)
  • auth wp_ajax_imsanity_remove_original (ajax.php:10)
  • auth wp_ajax_imsanity_bulk_complete (ajax.php:11)

WordPress Hooks: 15

  • filter wp_handle_upload (imsanity.php:397)
  • action plugins_loaded (imsanity.php:399)
  • filter manage_media_columns (imsanity.php:402)
  • action manage_media_custom_column (imsanity.php:404)
  • filter imsanity_allowed_mimes (imsanity.php:406)
  • filter imsanity_allowed_mimes (imsanity.php:408)
  • action admin_menu (settings.php:15)
  • action network_admin_menu (settings.php:16)
  • action admin_enqueue_scripts (settings.php:19)
  • action admin_init (settings.php:20)
  • filter big_image_size_threshold (settings.php:21)
  • action admin_notices (settings.php:131)
  • action network_admin_notices (settings.php:132)
  • action admin_print_scripts (settings.php:133)
  • action network_admin_notices (settings.php:452)

Maintenance & Trust

Imsanity Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Feb 10, 2026
PHP min version: 7.4
Downloads: 4.5M

Community Trust

Rating: 98/100
Number of ratings: 291
Active installs: 200K
Developer Profile

Imsanity Developer Profile

nosilver4u

5 plugins · 1.4M total installs

Trust score: 78
Avg Security Score: 99/100
Avg Patch Time: 1275 days
Detection Fingerprints

How We Detect Imsanity

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/imsanity/css/settings.css
  • /wp-content/plugins/imsanity/js/settings.js

Script Paths

  • /wp-content/plugins/imsanity/js/settings.js

Version Parameters

  • imsanity/css/settings.css?ver=
  • imsanity/js/settings.js?ver=

HTML / DOM Fingerprints

CSS Classes

  • imsanity-settings-page
  • imsanity-form-group
  • imsanity-input-group
  • imsanity-alert

HTML Comments

  • <!-- BEGIN IMSANITY SETTINGS -->
  • <!-- END IMSANITY SETTINGS -->
  • <!-- BEGIN IMAGE DATA -->
  • <!-- END IMAGE DATA -->
  • +24 more

Data Attributes

  • data-imsanity-convert-to-jpg
  • data-imsanity-max-width
  • data-imsanity-max-height
  • data-imsanity-avif-quality
  • data-imsanity-webp-quality

JS Globals
imsanity_settings_params
REST Endpoints
/wp-json/imsanity/v1/settings
FAQ

Frequently Asked Questions about Imsanity